The Florida Digital Service last week launched a $30 million program to distribute cybersecurity improvement grants to local governments across the state, part of a broader agenda that could spend as much as $150 million on the public sector’s IT security and resiliency.
The grants, which are to be awarded competitively, kicked off just a few days after officials at the U.S. Department of Homeland Security disclosed that Florida was one of two states that declined to apply for a new federal cyber grant program, which plans to distribute $1 billion nationwide over the next four years.
But the Florida Digital Service is going ahead with its own cybersecurity funding program for the state’s cities and 67 counties. According to documents published Feb. 16, when the application window opened, local governments that are approved will be able to avail themselves of the state government’s cyber assets, which include a security operations platform, endpoint detection software, email security services, multifactor authentication and other access management tools and vulnerability assessments.
Officials at the DHS’s Cybersecurity and Infrastructure Security Agency told StateScoop earlier this month that the first funds from its program, created by the 2021 infrastructure law, have started moving out to states whose plans have been approved. Forty-eight states, the District of Columbia and five territories have all applied. But officials in Florida — and South Dakota, the other state to decline participation — have called some of the federal program’s requirements for reporting and vulnerability scans as “invasive” and laden with “administrative burdens” in explaining their decisions. The two states have also noted that the CISA program is only temporary and requires states to post matching funds.
The DHS program “maintains invasive and bureaucratic requirements that will do little to enhance Florida’s cybersecurity capabilities,” a spokesperson told The Record earlier this month.
Dan Hoblick, a spokesperson for the South Dakota Bureau of Information and Telecommunications, told StateScoop that while Gov. Kristi Noem’s administration will continue to evaluate the CISA funding, any projects it could potentially cover need longer-term assurances.
“Governor Noem’s budget proposes investing substantial funds into state cybersecurity during this legislative session,” Hoblick wrote in an email. “Like many federal grants, there are substantial administrative burdens and a lack of clarity as to the requirements. Any projects would require substantial long-term investments by both state and local governments, specifically in funding and administrative oversight.”
Noem and Florida Gov. Ron DeSantis are among the Biden administration’s sharpest critics, and both are said to be considering running for the Republican Party’s 2024 presidential nomination.
The Florida Digital Service, which is led by state CIO James Grant, is scheduling a series of town halls and webinars on its grant program ahead of a March 31 application deadline. But the Florida program is not without requirements of its own: Local governments that are approved will be required to sign incident-response riders and data-sharing agreements with the state, according to the program’s documentation.
Along with the $30 million local grant program, Florida’s proposed budget for the 2022-23 fiscal year includes funding for major increases on state-government network resiliency, upgrades at the state’s public universities and the hiring of an additional 36 full-time employees at the Florida Digital Service.