Tag Archives: Cybersecurity and Infrastructure Security Agency

Exploring the State of State and Local Cyber Resources

Posted on by

State and local organizations are highly targeted by cyber criminals due to the value of the data they hold and the criticality of the systems they operate. In 2024, there were over 40,000 potential cyber attacks targeting state, local, and tribal governments. Despite this very real threat, these same organizations are largely underfunded and understaffed when it comes to cyber protection.

The federal government has looked to fill this gap between risk and preparedness. The State and Local Cybersecurity Grant Program (SLCGP) was established under the Infrastructure Investment and Jobs Act of 2021, providing (when combined with the Tribal Cybersecurity Grant Program) $1 billion in funding available over four years for state, local, tribal, and territorial cybersecurity efforts. This program ended at the close of the 2025 government fiscal year but received a short-term extension under the stopgap funding agreement that reopened the government in November 2025. Continue reading

Funding Security at the Local Level

Posted on by

The State and Local Cybersecurity Grant Program (SLCGP) was launched as part of the 2021 infrastructure law to help states and localities bolster their cybersecurity defenses. State and local agencies hold incredibly sensitive data yet historically lack the budget and staff to implement modern security tools and approaches, making them a target for threat actors. The SLCGP was designed to bridge this gap, allowing states to bolster their cyber infrastructure. Funding for this program is set to expire in September 2025, leaving states worried about how they will continue to maintain and enhance their cybersecurity postures.

What is the SLCGP?

The Cyber Grant Program is jointly administered by the DHS's Federal Emergency Management Agency and the Cybersecurity and Infrastructure Security Agency. It requires states to funnel 80% of the funding to local governments, which are often the shortest on IT staff and funding, to ensure the equitable distribution of funding across organizations. Continue reading

DHS’s Commitment to Innovation

Posted on by

Under its umbrella mission of "securing the nation from the many threats we face," the Department of Homeland Security (DHS) defines several mission areas critical to meeting this goal. These include countering terrorism and preventing threats, securing and managing borders, administering immigration, securing cyberspace, building resilience, and responding to incidents, as well as combating crimes of exploitation. To support these areas, the DHS Innovation, Research & Development Strategic Plan defines eight scientific areas as focal points for research:

  • Advanced sensing
  • AI and autonomous systems
  • Biotechnology
  • Climate change
  • Communications and networking
  • Cybersecurity
  • Data integration, analytics, modeling, and simulation
  • Digital identity and trust

In a previous post, we looked at DHS's work with artificial intelligence (AI), digital identity, and climate change. In this post, we'll take a look at the activity happening in more of these eight areas. Continue reading

The State of Cybersecurity in the States

Posted on by

State and local agencies are some of the most attractive and vulnerable targets for cyber criminals. In 2023, malware attacks increased by 148%, and ransomware incidents increased by 51%. These agencies are targeted because they hold valuable personal data on citizens and control critical services--yet their security efforts have historically been underfunded and under-resourced. However, the tide may be changing.

A report on the ransomware experiences of state and local government in 2024 showed a dramatic decrease in the number of those organizations that were impacted this year. The report found ransomware attacks impacting 34% of state and local governments, marking a sharp decrease from the 69% affected in 2023. Let's take a look at some of the trends and activities that are fueling the improvement in state and local cybersecurity. Continue reading

Securing the Machines that Drive our Democracy

Posted on by

The devices used in voting are relatively low-tech. In order to avoid cyber threats, even those that use a touch screen to capture votes are intentionally not connected to the internet. However, even this unconnected approach has security risks that need to be addressed so that these devices and the data they hold aren't tampered with. The states and localities that administer elections are continually focused on the full spectrum of security risks, putting processes and systems in place in advance of election day to ensure that voting is safe and secure.

Diversity is a Strength

The diversity of voting machines being used across the country reduces threat impacts. If there is an issue with a piece of software, it won't impact the entire national voting system, just particular machines. While software vulnerabilities are still huge problems, standardizing on one type of machine nationwide would mean one software bug could wipe out all electoral results. Continue reading