The funding package approved by Congress and President Donald Trump has temporarily extended a cybersecurity grant program used by state and local governments to support their cyber defense measures.
The State and Local Cybersecurity Grant Program’s (SLCGP) authorization was extended until Jan. 30 under legislation passed earlier this week to reopen the federal government after it shut down for more than 40 days.
SLCGP was set to expire on Sept. 30 without reauthorization from Congress. The program’s funding lapsed throughout the duration of the government shutdown.
Congress established the program as part of the Infrastructure Investment and Jobs Act of 2021. The grant program provides $1 billion in funding over four years and operates under a partnership between the Cybersecurity and Infrastructure Security Agency and the Federal Emergency Management Agency.
What that program looks like in the future has been left up for debate, with state chief information officers and local officials both hailing the program and pointing out flaws.
Some of those flaws recently shared with Congress include its “one-size-fits-all” model that limits efficiency for larger jurisdictions, and the stringent application process which mandates tight deadlines that may be harder to meet for small communities who have limited staff.
One thing that everyone has agreed upon has been that the program needs more funding over a longer stretch of time – more than its initial four years.
“SLCGP has been instrumental in helping state and local governments strengthen their cybersecurity defenses and the inclusion of both demonstrates that Congress is indeed taking this issue seriously,” the National Association of State Chief Information Officers (NASICO) said in a statement on Congress’s reauthorization of SLCGP and the Cybersecurity Information Sharing Act of 2015 in its short-term funding package.
However, NASICO noted that the move is “only a temporary solution to a significant and pressing problem.”
“Congress should act swiftly to provide certainty and stability for state governments by passing a long-term extension of both programs, combined with adequate levels of funding, that will allow stakeholders to strengthen their cyber defenses and meet the challenges of the future,” NASICO said.
Congress now has about two months to figure out a longer-term solution for the key cyber grant program before its short-term extension expires.