Congress is correct, too. In 2021, it established the State and Native Cybersecurity Grant Program (SLCGP) to “award grants to eligible entities to deal with cybersecurity dangers and cybersecurity threats to data techniques owned or operated by, or on behalf of, state, native or tribal governments.”
The SLCGP authorizes $1 billion over 4 years to assist state, native, tribal and territorial governments scale back systemic cyber dangers and requires a pass-through of no less than 80 p.c of these funds to native governments, whereas reserving 25 p.c of these funds for rural jurisdictions. A key part of the SLCGP ties any disbursement of funds to the Cybersecurity Infrastructure and Safety Company’s (CISA) approval of a state’s cybersecurity plan. That proposal should meet the necessities set forth within the SLCGP, equivalent to implementation of the Nationwide Institute of Requirements and Know-how (NIST) cybersecurity framework.
This September, the Homeland Safety Committee — with bipartisan help — launched the Defending Info by Native Leaders for Company Resilience Act(PILLAR Act, H.R. 5078), which seeks to not solely lengthen SLCGP for 10 years, but in addition present lengthy‑time period stability and funding, strengthen milestone‑primarily based accountability, increase its scope to AI and operational expertise, and make clear value‑sharing between federal and state governments.
