Program

COVID-19 Federal Assistance e311

Topics

Federal Funding Streams, Fund Planning & Allocation

Funding Source

Infrastructure Investments and Jobs Act

What funding opportunities and resources other than the State and Local Cybersecurity Grant Program (SLCGP) can be used towards Cybersecurity projects?

There are several sources of cybersecurity funding (i.e., local, state or tribal, regional, federal, and private sector funding sources) available for cybersecurity projects. Entities seeking funding opportunities for cybersecurity projects should become familiar with funding sources available in their jurisdictions, including at the state, tribal, regional, or local levels. In addition, entities should consider the following federal funding sources outside of the State and Local Cybersecurity Grant Program (“SLCGP”), including those authorized by the Infrastructure Investment and Jobs Act (“IIJA”).

The IIJA includes funding for new and existing cybersecurity programs that focus on strengthening cyber systems and defense against future attacks, some of which provide opportunities to state, local, tribal, and territorial entities, including but not limited to:

  • U.S. Department of Homeland Security Cybersecurity Programs
    • Rural and Municipal Utility Advanced Cybersecurity Grant Program ($250 million)
    • Cyber Response and Recovery Fund ($100 million)
    • Department of Homeland Security (DHS) Science and Technology Directorate ($157.5 million)
    • CISA Risk Management Operations ($35 million)
    • Office of National Cyber Director ($21 million)
  • U.S. Department of Energy Programs
    • Cybersecurity for the Energy Sector Research, Development, and Demonstration Program ($250 million)
    • Rural and Municipal Utility Advances Cybersecurity Grant and Technical Assistance Program ($250 million)
    • Energy Sector Operational Support for Cyber Resilience Program ($50 million)

The IIJA also includes several programs across various federal agencies which, while not cybersecurity-specific, allow for investment in cybersecurity measures as an eligible use to support program objectives, including but not limited to:

  • U.S. Department of Commerce Programs
    • Broadband Equity, Access, and Deployment Program ($42.5 billion)
  • U.S. Department of Transportation Programs
    • Port Infrastructure Development Program ($2.25 billion)
  • U.S. Department of Energy Programs
    • State Energy Program ($500 million)
  • U.S. Environmental Protection Agency Programs
    • Clean Water and Drinking Water State Revolving Funds ($11.7 billion)
    • Drinking Water State Revolving Fund ($11.7 billion)
  • Department of Homeland Security Programs
    • State Homeland Security Grant Program ($415 million)
    • Urban Areas Security Initiative ($615 million)
  • United States Department of Agriculture Programs
    • Cyber-Physical Systems Grant ($7 million)

In addition to the agencies and programs listed above, interested organizations may wish to contact the Cybersecurity and Infrastructure Security Agency (“CISA”) which offers a range of cybersecurity assessments at no cost to the requestor.[1] CISA assessments are provided upon request on a voluntary basis and can help any organization with managing risk and strengthen its cybersecurity. Once risks are identified after taking an assessment, interested parties should carefully review the eligibility parameters and policy guidelines for the programs listed to determine which sources of funding are appropriate to pursue.

Last Updated: March 3, 2023

[1] CISA, “Cyber Resource Hub,” available at: https://www.cisa.gov/cyber-resource-hub.