Other requests included faster sharing of federal cybersecurity intelligence with state and local agencies, and simplifying the application process so that small, resource-strapped communities can more easily access funds.
“These are often the very communities that would benefit the most,” Kramer said.
Robert Huber, chief security officer at Tenable, was also on the panel and agreed with Kramer:
“Any administrative burden that might be involved in applying for the grant would be significant for an entity such as that, smaller size. But make no mistake, those smaller rural entities, that could be [home to] the hydrostation that fuels a larger municipality. That's a national security [matter] and an economic impact to the region.”
RELATED: Explore critical infrastructure security strategies and solutions.
Local Jurisdictions Have the Most at Stake
Connecticut disperses funds to local jurisdictions as financial packages, whereas Utah and some other states directly purchase tools for specific jurisdictions. Despite a slow start to SLCGP due to lack of awareness, both Connecticut and Utah say that most if not all local jurisdictions are now aware of the program and benefit from the flexibility of the funding model.
“With funding secured through the SLCGP and corresponding state appropriations, a comprehensive cybersecurity initiative has been deployed across 140 governmental entities in the state,” Fuller said of Utah.
Small and rural communities’ needs are particularly dire, Kramer said during his testimony.
“Of the 19,000 municipalities nationwide, over 16,000 have populations under 10,000 people. Many have no dedicated IT staff at all.”
DIVE DEEPER: Small and rural communities are modernizing legacy tech.
Louisville used the funds to develop the Kentucky Cyber Threat Intelligence Cooperative. The platform shares timely, actionable cyberthreat information among regional governments and private sector partners.
“This grassroots multisector effort strengthens the entire region's cyber resilience, not just Louisville's, and it wouldn't be possible without this grant program,” Kramer said.
Kramer also advocated for larger cities to be able to apply directly for grant funding.
“We urge Congress to create a complementary direct-funding track for eligible larger municipalities,” he said.
Lawmakers Express Bipartisan Support
Lawmakers on the committee by and large expressed bipartisan support for the program.
“Getting this reauthorized and fixed, I think, is a very important goal that we all have,” said Rep. Andrew R. Garbarino, R-N.Y., who serves as chair of the subcommittee.
Rep. Eric Swalwell, D-Calif., ranking member of the subcommittee, added, “Reauthorizing the cybersecurity grant program is necessary to ensure we do not take our foot off the gas at this critical time, and passing a reauthorization bill before this program expires in September is one of my top priorities on the committee.”