Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Cyber grants deliver results, state CISOs confirm – but Congress must act before time runs out

(McCrary Institute)

By Don Kauffman

Federal cybersecurity grants for states and local governments are delivering measurable results – but unless Congress acts in the next two weeks, that support will expire.

On the latest episode of Cyber Focus, New Jersey Chief Information Security Officer (CISO) Michael Geraghty and Arizona CISO Ryan Murray made the case for renewing the State and Local Cybersecurity Grant Program (SLCGP). They described how the funding has already saved communities from costly ransomware attacks, provided shared services to municipalities that could never afford them on their own, and begun to stitch together the seams between local, state and federal cyber defenses.

Geraghty pointed to New Jersey’s investment of $5 million in endpoint detection and response tools, which he said stopped 179 ransomware attacks in a single year. The potential loss avoided: about $45 million. For him, the takeaway is straightforward: “It’s money well spent and something that’s tangible,” he said. “Through a grant program, we should be able to show the fruits of our labor and … I think we have a good story to tell as far as how we reduced risk in the state of New Jersey.”

Murray highlighted how Arizona is using SLCGP funds to establish student-led regional security operations centers in partnership with community colleges across the state. These SOCs extend protection to local governments that would otherwise struggle to build capacity, while also training students who will form the next generation of cyber professionals. “We’re not going to buy more tools with this money,” Murray explained, “but we’re going to help augment our staff and our resources.” The approach shows how federal grants can simultaneously fill workforce gaps and harden defenses in underserved communities.

Both leaders stressed that state and local governments cannot go it alone. Geraghty put it plainly: “There is no one organization that is going to be able to defend themselves against nation-state actors, cyber-terrorist organizations, transnational criminal groups, and even the hacktivists or low-level hackers.” The only way to stay ahead, he said, is through a coordinated strategy that maximizes shared resources across all levels of government.

Murray warned that without congressional renewal, the trust and momentum built through the program could erode quickly. Services that states are now providing at no cost to local governments could disappear, forcing municipalities to fend for themselves or pay for services they cannot afford. “A big way to break that trust is for us to take away the services that we’ve been providing,” he cautioned.

As host Frank Cilluffo underscored, even the federal government cannot face down nation-state adversaries alone. “It really is one team, one fight,” he said.

The question is whether Congress will keep that team funded – or let the clock run out.

You can watch the full episode and subscribe to Cyber Focus here.

Click to listen highlighted text!