| Photo by Towfiqu Barbhuiya on Unsplash
NEW YORK – With nearly $6 million in funding through the federal State and Local Cybersecurity Program (SLCGP), New York has released a cybersecurity plan detailing a whole-of-state approach to reduce cyber risk and build clear resiliency in local governments statewide.
This grant program will expand access to cybersecurity information, tools, resources, and services so that public sector entities in New York have access to the most sophisticated cyber defenses. Given the available funding, New York will use its economy of scale purchasing power to procure and deliver best-in-brand software, hardware, and services to eligible entities.
“A cyberattack can halt an entire community, and it’s essential that local governments have the resources and information needed to protect themselves and quickly respond to a cyber threat,” Governor Kathy Hochul said. “This funding will provide tools to help municipalities secure critical infrastructure to protect New Yorkers and reduce cyber risks.”
To ensure the maximum number of New York entities can benefit from the limited SLCGP funds, New York will directly procure software, hardware, and services for delivery to eligible entities. During the program’s first year, New York State focuses on shared services initiatives to help local government entities build a baseline level of cybersecurity. These initiatives are:
- Multi-Factor Authentication (MFA): MFA is a method to authenticate a user that requires them to provide two or more verification factors to gain access to a resource. New York will provide hardware and/or software tokens and professional services that eligible entities can use to implement MFA in their technology environments.
- Cybersecurity Certification Scholarship: New York will provide scholarships for select employees from eligible entities with roles or responsibilities related to information technology, information security, cybersecurity, data privacy, and/or data security to achieve an industry-recognized cybersecurity certification.
- Cybersecurity Awareness Training: New York will provide online cybersecurity awareness training for eligible entities for their employees.
Eligible entities can indicate their interest in one or more shared service offerings by completing the SLCGP Interest Form. Responses to this form will help the state appropriately plan to address statewide needs utilizing FY2022 funding in Year 1 of the program. A formal application process will commence later this year. Application information will be made available on the Division of Homeland Security and Emergency Services’ Grant Programs webpage.
The release of the cybersecurity plan is Hochul’s latest step to strengthen the state’s cyber defenses and ensure the state and its local partners are prepared as digital threats continue to increase.
In August 2023, Hochul released the New York State Cybersecurity Strategy based on unification, resilience, and preparedness. The Cybersecurity Strategy’s five pillars –Operate, Collaborate, Regulate, Communicate, and Grow– informed the development of the Grant Plan and are reflected throughout.
This year, to protect New York’s critical infrastructure, Hochul has also proposed new hospital cybersecurity regulations and signed landmark legislation to protect New York’s energy grid from cyberattacks. As cyber threats rapidly evolve, New York remains at the cutting edge of cybersecurity policy and continues to strengthen defenses across the public and private sectors.
“…[T}hrough our partnership with President Biden and Congress, New York is investing in a safer and more resilient cyber future for our communities,” said New York State Chief Cyber Officer Colin Ahern.
–-With Ricky Rillera/PDM