Local governments are under attack from ruthless and resourceful cyber criminals. According to one recent report, almost 70% of city and county IT leaders have dealt with ransomware attacks in the last year—and from Dallas to Oakland, they’re often falling victim.

It’s never been more important for local governments to take cybersecurity seriously by investing the time and money necessary to put robust protections in place. The Kentucky Department of Homeland Security is stepping up to help by offering generous cybersecurity grants to local governments for cybersecurity upgrades. The application window is short, though.

The quick rundown below explains everything you need to know. And if you have questions or want help completing the application in the time remaining, Dean Dorton is here to get it done.

City and country governments across Kentucky are eligible for the State and Local Cybersecurity Grant Program (SLCGP). Locally-owned infrastructure such as the water company, school district, or police force are also eligible. Private companies and nonprofits are not eligible.

Grant recipients can use the funds for almost any activity related to improving cybersecurity. Examples include drafting policies and procedures, hiring security staff or contractors, conducting vulnerability assessments, replacing old or risky hardware and software, buying backup storage, offering security awareness training, and more. The grants will not pay for things like ransom demands or cyber insurance premiums.

The SLCGP will award $7,413,939 in grants. Local governments will be the biggest beneficiaries, with 80% of the total or $5,931,151 going to cities and counties. There are no minimum or maximum limitations placed on the grants. The period of performance is 48 months, so funding for any products, personnel, or services purchased with grants will expire on Nov 30, 2027.

Grants awarded under the SLCGP will reimburse 100% of the cost of allowable expenses. However, the entity that gets the grant must match 20% of the funds awarded. That means if a city won a $10,000 grant to pay for vulnerability assessments, it would need to provide $2,000 of local funding.

Grant seekers must first complete an online cybersecurity gap analysis, available here, followed by a self-certification process, but only for those cities and counties with more mature cybersecurity already in place. The application itself requires quotes for the products/services the grant will pay for along with other details and documentation.

The deadline to apply for grants is September 15th. The Dean Dorton team is here to help cities and counties navigate the application process before this major funding opportunity goes away. There’s still time, so contact us ASAP.