State and Local Cybersecurity Grant Program (SLCGP)

Overview

Through the Infrastructure Investment and Jobs Act (IIJA) of 2021, Congress established the State and Local Cybersecurity Improvement Act, which established the State and Local Cybersecurity Grant Program, appropriating $1 billion nationwide to be awarded over four years. In FY 2022, $183.5 million was made available nationwide under the SLCGP, with varying funding amounts allocated over four years from the IIJA. Each state and territory will receive a funding allocation as determined by the statutory formula. 80% of total state allocations must support local governments, while 25% of the total state allocations must support rural areas/jurisdictions; these amounts may overlap. This federal grant program is jointly administered by the Federal Emergency Management Agency (FEMA) and the federal Cybersecurity and Infrastructure Security Agency (CISA).

As the State Administrative Agency, Cal OES will administer the funds pursuant to California’s SLCGP allocation. The IIJA requires the funds to be allocated according to a state cybersecurity plan developed by a cybersecurity planning committee.

The California Cybersecurity Integration Center (Cal-CSIC) formed a subcommittee of the California Cybersecurity Task Force called the Cybersecurity Investment Planning Subcommittee for this purpose (CCTF-CIPS) in late 2022. The CCTF-CIPS serves as the planning committee for purposes of the grant program and is open to all potential grant subrecipients.

California’s Cybersecurity Plan was approved by FEMA and CISA at the end of September, 2023; disbursement of SLCGP funds is awaiting approval of individual projects named in the plan, and funds will be released to California per-project as those projects are approved by FEMA and CISA. State-level projects identified in the Cybersecurity Plan encompass all sub-recipient applications that will subsequently align to those.

The Cal OES State & Local Projects Unit is coordinating closely with the Cal-CSIC and our federal partners at FEMA and CISA to implement and administer the SLCGP and ensure all grant requirements are met.

Cybersecurity Plan

In coordination with the CCTF-CIPS and the Department of Technology, the Cal-CSIC and OES developed California’s initial SLCGP Cybersecurity Plan which is posted here:

Cal-CSIC CCTF 

All funding allocation decisions will be made in accordance with the Cybersecurity Plan and SLCGP requirements.

SLCGP Application Process for Sub-Recipients

Eligible subrecipients for the SLCGP (see FY22 NOFO page 9 or FY23 NOFO page 14), will submit their proposed projects to Cal OES once the Competitive Funding Opportunity (CFO) is opened and announced on the Cal OES website and State Grants Portal. Proposals will be evaluated, and awards allocated in accordance with program requirements and the Cybersecurity Plan.

Eligible local and tribal government entities and agencies of the State of California may subscribe to the CCTF-CIPS distribution list for updates (see below). Send questions about SLCGP to: StateLocalProjects@caloes.ca.gov

CCTF-CIPS Contact and Distribution List

If you are interested in receiving updates related to the SLCGP program and/or would like to be involved in the efforts of the CCTF-CIPS, please find more information here: Cal-CSIC CCTF

Notices of Funding Opportunity (NOFOs)

• FY22 Notice of Funding Opportunity (NOFO): https://www.grants.gov/search-results-detail/343579
• FY23 NOFO: https://www.grants.gov/search-results-detail/349776

SLCGP State Guidance

• FY 2022 SLCGP State Supplement, (coming soon)
• California SLCGP Cybersecurity Plan

Resources

The following list of CISA resources are recommended products, services, and tools at no cost to the state, local, tribal, and territorial governments, as well as public and private sector critical infrastructure organizations.

• Cal OES State and Local Cybersecurity Fact Sheet
• CISA: State and Local Cybersecurity Grant Program Fact Sheet
• CISA: State and Local Cybersecurity Grant Program Frequently Asked Questions
• CISA: Cyber Resource Hub
• CISA: Ransomware Guide (Sept. 2020)
• CISA: Cyber Resilience Review
• CISA: Free Cybersecurity Services and Tools

Program Timeline

• August 2022: Cal OES and the Cal-CSIC formed the CCTF-CIPS
• September 2022: SLCGP FY22 Notice of Funding Opportunity (NOFO) published
• January 2024: California Awarded $7.9 Million First-Year Funding
• September 2023: Cybersecurity Plan approved by FEMA/CISA
• July 2024 (estimated): Cal OES will announce SLCGP subrecipient RFP process – this will be the first opportunity for potential subrecipients in California to submit proposals for funding through this program.