State and Local Cybersecurity Grant Program (SLCGP)

  1. Home
  2. Programs
  3. Cybersecurity
  4. State and Local Cybersecurity Grant Program (SLCGP)

State and Local Cybersecurity Grant Program (SLCGP)

The U.S. Department of Homeland Security (DHS) is providing funding to address cybersecurity risks and threats to information systems of State, Local, and Territorial (SLT) subrecipients. The State of New Mexico SLCGP Cybersecurity Planning Committee (Planning Committee) developed a statewide Cybersecurity Plan, which included a cybersecurity capabilities assessment to form an initial understanding of the cybersecurity posture across New Mexico. Based on the assessment results, the Planning Committee identified and approved five (5) initial cybersecurity projects to address cybersecurity gaps leveraging federal fiscal year (FY) 2022 (Year 1) SLCGP funding.

Available Projects for Year 1 of the SLCGP

Through the development of the SLCGP Cybersecurity Plan, the Planning Committee has identified and approved the following five (5) initial projects to increase cybersecurity capabilities:

  1. Cybersecurity Governance and Planning – Receive assistance to establish or enhance cybersecurity governance (e.g., cyber plans, policies & procedures, standards, organization structure) and implement or increase the adoption of cyber-hygiene and best practices (e.g., multi-factor authentication, enhanced logging, migration to .gov internet domain).
  2. Cybersecurity Risk Assessments – Obtain assistance with performing cybersecurity risk assessments (e.g., Nationwide Cybersecurity Review (NCSR)) to better understand cybersecurity posture, identify cybersecurity risks, and determine gaps in cybersecurity controls. Assessment results will be leveraged to update the statewide Cybersecurity Plan and identify and prioritize future SLCGP-funded projects. RFQ: Risk Assessment
  3. Vulnerability and Attack Surface Management – Receive cybersecurity risk mitigation services through the deployment and integration of vulnerability and attack surface management capabilities.
  4. Cybersecurity Training – Obtain basic cybersecurity awareness and phishing training for employees.
  5. Cybersecurity Workforce Development Planning – Participate in development of the strategic plan and roadmap for assessing cybersecurity workforce capabilities and implementing cybersecurity workforce development and training programs through the National Initiative for Cybersecurity Education (NICE) Framework.

The Planning Committee has coordinated with the New Mexico Office of Cybersecurity to implement and provide cybersecurity projects as services to eligible entities. To maximize funding and resources, the Planning Committee encourages eligible entities to apply for projects as State-provided services.

SLCGP Subrecipient Requirements

How an entity implements cybersecurity capabilities (through State-provided services, direct funding, or a combination of both) will dictate associated requirements that the entity must meet through the implementation of those cybersecurity capabilities:

Entity Receiving State-Provided Services

  • Obtain cybersecurity services and capabilities provided by the New Mexico Office of Cybersecurity.
  • Coordinate with the NM Office of Cybersecurity to scope and define project requirements.

Entity Applying for Direct Funding

  • Submit Investment Justification form and Project Worksheet to implement projects that meet the goals of the NM Cybersecurity Plan.
  • Responsible for any SLCGP cost-share requirements.
  • Fulfill quarterly programmatic and financial reporting and documentation requirements.
  • Subject to audit and oversight reviews as permitted by the grant program.

How to Participate

For additional information, you may e-mail the Planning Committee at: Cybersecurity.Planningcommittee@doit.nm.gov 

*Note: The sub-recipient grant application process for FY 2022 (Year 1) of the SLCGP has CLOSED. However, we encourage you to periodically revisit this website and look out for other communications from the New Mexico Office of Cybersecurity on the opening of the FY 2023 (Year 2) sub-recipient grant application process.