Funded by Congress in the Infrastructure Investment and Jobs Act, the State and Local Cybersecurity Grant Program (SLCGP) will appropriate $1 billion over the next four years to shore up cybersecurity vulnerabilities faced by state, local, and territorial governments. Oregon’s share of this funding is approximately $15 million. Eighty percent of funding must support local entities and 25 percent must support rural entities. 

Building a Cybersecurity Committee

The first step in unlocking this federal funding is seating a statewide cybersecurity planning committee. This committee will identify risks and project opportunities related to cybersecurity with at least 50 percent of its members having professional experience in cybersecurity or Information Technology (IT). AOC requested self-nominations for this committee, and a number of county IT directors have secured seats. The association will work with these members to ensure that county project priorities receive appropriate advocacy.

Creating a Plan

It is anticipated that the first year of SLCGP funding will be used to create a statewide cyber plan, another requirement of the enabling legislation. On December 9, the state’s Joint Emergency Board authorized a state match of nearly $3 million to unlock SLCGP funds and support the creation of a statewide plan. AOC will utilize the county members on the planning committee to ensure that county cybersecurity needs are incorporated into the final plan.

Required Cyber Assessment

Another of the requirements of the SLCGP, for those who do receive funding, will be to participate in the Nationwide Cybersecurity Review (NCSR). This is a post funding award requirement, but entities can participate today if they aren’t currently doing so. The NCSR is an assessment that measures gaps and capabilities of cybersecurity programs. The individual assessment results are only shared with the individual entity, so specific information remains private. Aggregate data may be used to help inform the SLCGP cybersecurity plan for Oregon.

New to the NCSR? Please complete the registration form on www.cisecurity.org/ms-isac/services/ncsr.

Returning Participant? Please visit the NCSR portal at https://cis.my.logicmanager.com/ to login to the platform and access your information.

The NCSR is open until February 28, 2023.

For questions, or feedback, please contact AOC Legislative Affairs Manager, Tyler Janzen.

Contributed by: Tyler Janzen | Legislative Affairs Manager