CPU Funding Opportunities

A header image of computer code overlaid with the logo of the Cyber Preparedness Unit

Maryland organizations and jurisdictions have access to multiple funding streams to support their development, resilience, and cyber maturity.

To learn more about what's available, check out the list below!

State + Local Cybersecurity Grant Program

The FFY 2023 Application period is now closed. Applications are being reviewed by the committee and announcements will be made soon.

General Info:

The goal of the State and Local Cybersecurity Grant Program (SLCGP) is to help states, local governments, rural areas, and territories address cybersecurity risks and cybersecurity threats to information systems. The program enables DHS to make targeted cybersecurity investments in state, local and territorial government agencies, thus improving the security of critical infrastructure and resilience of the services that state, local, and territorial governments provide to their communities.

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Emergency Management Agency (FEMA) are jointly managing the SLCGP. CISA will provide subject-matter expertise and determine allowable activities, while FEMA will conduct eligibility reviews and issue/administer the grant awards consistent with all applicable laws, regulations, and policies.

(Read the official FEMA Notice of Funding for this grant here)

Background, Purpose, & Strategy

In Maryland, the strategy for prioritizing and approving projects using SLCGP funds will be developed and maintained by the State of Maryland SLCGP Planning Committee.

The purpose of the Maryland State and Local Cybersecurity Grant Program Planning Committee (the “Committee”) is to develop, approve, implement, monitor, review, and revise as appropriate a strategic plan (the “Funding Plan”) that establishes funding priorities and approves projects, which are intended to identify, assess, and address cyber risks within and across state and local government organizations in the State of Maryland in accordance with the requirements of the Infrastructure Investment and Jobs Act (IIJA) (Pub. L. No. 117-58) and the State and Local Cybersecurity Grant Program (SLCGP) administered by the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA).

The SLCGP funds granted to the State of Maryland will be distributed by the Committee. The Committee will award subapplicants who demonstrate the ability to put forward the most competitive projects, in alignment with the project application, and maintain federal and state grant compliance.

FFY 2022 Next Steps

The following information applies only to those who submitted projects by the June 17, 2024 deadline and were approved for SLCGP funding.

Congratulations to the the FFY 2022 applicants that have received SLCGP funding! Below, you'll find the continuing requirements for completing your project:

General Information for Subrecipient Projects

NOTE: The information below is general information for approved projects. If you have received SLCGP funding, you MUST recived the SLCGP Subaward Guidelines document that was emailed to your project's desingated primary point of contact for a full list of continuing requirements.

Reimbursement Process

The SLCGP is a reimbursement-based grant program and will reimburse jurisdictions for approved grant project-related expenses. Subrecipients who seek reimbursement for project-related expenses are required to provide documentations that supports the proof of purchase and the proof of payment. The subrecipient must ensure that the documentation is complete and accurate to prevent delays in the review, approval, and payment process.

All documentation submitted with the reimbursement request must demonstrate what product/work the reimbursement request is for and that the expense in question is both in compliance with the approved project and allowable under FEMA's FFY 2022 NOFO and the conditions set forth in the Maryland FFY 2022 Funding Guide.

Programmatic Reporting

If your project is a one-time expense:
You will not need to complete quarterly reports; instead, you will complete a one-time closeout report.

If your project is NOT a one-time expense:
Subrecipients are required to submit various financial and programmatic reports as a condition of award acceptance for subrecipient projects. Future awards and funds drawdown may be withheld if these reports are delinquent. Records of these reports, along with any additional documentation supporting the financial expenditures for the project, should be held for at least 3 years after the end of the project's period of performance.

Subrecipient Quarterly Status Reports (QSRs)
Subrecipients are required to report financial and programmatic information on a quarterly basis. The passthrough entity (MDEM) will provide a template for the subrecipients to utilize and will allow subrecipients to report on:

Expenditures & obligations
Brief narrative of project(s) status
Summary of project expenditures
Description of any potential issues that may affect project completion
Data collected for any additional Committee performance measure requirements

NOTE: Recipients are required to submit an updated SLCGP Measurable Milestones document (provided in the QSR template)

The QSR template is available here.

Deadlines for QSRs

For the reporting period of July 1 - Sep 30, reports are due October 15.
For the reporting period of Oct 1 - Dec 31, reports are due January 15.
For the reporting period of Jan 1 - Mar 31, reports are due April 15.
For the reporting period of Apr 1 - Jun 30, reports are due July 15.

Closeout Reporting Requirements
Subrecipients are required to submit a final report within two weeks of project completion.

Please note that all FY 2022 projects must be completed by:
September 30, 2026.

This report is in alignment with closeout reporting requirements as stated in the FEMA SLCGP NOFO. Subrecipients will utilize the final report document to:

Provide a final progress report detailing all accomplishments, including a narrative summary of the impact of those accomplishments throughout the period of performance.

The Closeout Report template is available here.

Submit other documents as required by the Committee or the passthrough entity (MDEM), including:

All invoices not previously submitted (see reimbursement information above)

Where to Submit Reports
Reports may be submitted by email to slcgp.grant@maryland.gov.
Please use the following subject line formatting:

For Quarterly Reports
FY[funding year] SLCGP - [Subrecipient Name] - [Project Title] Quarterly Report
For Closeout Reports
FY[funding year] SLCGP - [Subrecipient Name] - [Project Title] Closeout Report
Example: "FY[22] SLCGP - [MDEM] - [SLCGP Project 1] Quarterly Report"

General Information for ISO (aka the Local Support Program) Shared Service Recipients

The Maryland Department of Information Technology (DoIT) oversees the Local Support Program. Information and next steps for this program will be sent to your designated primary point of contact.

FFY 2023 Next Steps

The following information applies only to those who submitted projects by the October 3, 2024 deadline.

The FFY 2023 application period is now closed.
Applications are being reviewed by the Committee and announcements will be made soon.

Want to Learn More?

If you have questions about the SLCGP or the application documents, please email slcgp.grant@maryland.gov.

General Information about the Maryland SLCGP

If you are a subrecipient of FFY 2022 SLCGP funds, please review the Maryland FFY2022 SLCGP Subrecipient Funding Guide for detailed grant information.

If you are a subrecipient of FFY 2023 SLCGP funds, please review the Maryland FFY2023 SLCGP Funding Guide for detailed grant information.

For more general and commonly requested information, please review the Maryland SLCGP FAQ. [PDF] [Word]

SLCGP Planning Committee Minutes & Agendas

Find these on MDEM's Public Meetings page!