Official websites use .gov
A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
N/A
97.137
The goal of the State and Local Cybersecurity Grant Program (SLCGP) and the Tribal Cybersecurity Grant Program (TCGP) is to assist state, local, tribal and territorial (SLTT) governments with managing and reducing systemic cyber risk. This goal can be achieved over the course of the Period of Performance (POP) as applicants focus on their Cybersecurity Plans, priorities, projects, and implementation toward addressing the program objectives. Program Objectives for SLCGP and TCGP include: 1. Develop and establish appropriate governance structures, as well as plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations; 2. SLTT agencies understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments; 3. Implement security protections commensurate with risk (outcomes of Objectives 1 & 2); and 4. Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility. Performance Measures: • Percentage of entities with CISA approved state-wide Cybersecurity Plans • Percentage of entities with statewide Cybersecurity Planning Committees that meet the Homeland Security Act of 2002 and SLCGP funding notice requirements • Percentage of entities conducting annual table-top and full-scope exercises to test Cybersecurity Plans • Percent of the entities’ SLCGP budget allocated to exercises • Average dollar amount expended on exercise planning for entities • Percentage of entities conducting an annual cyber risk assessment to identify cyber risk management gaps and areas for improvement • Percentage of entities performing phishing training • Percentage of entities conducting awareness campaigns • Percent of entities providing role-based cybersecurity awareness training to employees • Percentage of entities adopting the Workforce Framework for Cybersecurity (NICE Framework) as evidenced by established workforce development and training plans • Percentage of entities with capabilities to analyze network traffic and activities related to potential threats • Percentage of entities implementing multi-factor authentication (MFA) for all remote access and privileged accounts • Percentage of entities with programs to anticipate and discontinue use of end-of-life software and hardware • Percentage of entities prohibiting the use of known/fixed/default passwords and credentials • Percentage of entities operating under the “.gov” internet domain • Number of cybersecurity gaps or issues addressed annually by entities
This chart shows obligations for the program by fiscal year. All data for this chart was provided by the
administering agency and sourced from SAM.gov, USASpending.gov, and Treasury.gov.
For more information on each of these data sources, please see the
About the data page.
The State and Local Cybersecurity Grant Program and Tribal Cybersecurity Grant Program provides Federal funds to address cybersecurity risks and cybersecurity threats to information systems owned, operated by, or on behalf of SLTT governments.
Single Audit Applies (2 CFR Part 200 Subpart F):
For additional information on single audit requirements for this program, review the current Compliance Supplement.
OMB is working with the U.S. Government Accountability Office (GAO) and agency offices of inspectors general to include links to relevant oversight reports. This section will be updated once this information is made available.
