Local governments are eligible as sub applicants and must work with their state or territory's Cybersecurity Planning Committee to receive awards. Local governments are defined as a county, municipality, city, town, township, local public authority, school district, special district, intrastate district, council of governments (regardless of whether the council of governments is incorporated as a nonprofit corporation under State law), regional or interstate government entity, or agency or instrumentality of a local government; an Indian tribe or authorized tribal organization, or in Alaska a Native village or Alaska Regional Native Corporation; and a rural community, unincorporated town or village, or other public entity.
eligibility requirements include:
- A minimum of 80% of state allocations must pass through to local governments.
- In addition, at least 25% of the total funds made available under the grant must pass through to rural communities.
- A maximum of 20% can be used by state agencies to administer the grant program.
- Developing a state-wide Cybersecurity Plan based on CISA/FEMA approved State Plans.
- Working with Cities, Counties, K12 and Water Sector to develop detailed implementation plan.
Adoption of security best practices and advancements toward zero-trust architecture are required to be included in individual projects.
Focus areas include:
- Multi-factor Authentication
- Network Security
- Backup Protection
- Threat Intelligence
- Software and Hardware
- Cybersecurity Education