State Officials Urge Congress to Renew Cyber Grant Program
Data Breach TodayArchived May 22, 2026✓ Full text saved
Officials Warn Local Governments Lack Resources to Counter Advanced Threats State cybersecurity officials warned Congress that Chinese-linked intrusions and rapidly advancing artificial intelligence systems are overwhelming local defenses as states push lawmakers to expand long-term federal cyber grant funding and preserve federal coordination efforts.
Full text archived locally
✦ AI Summary· Claude Sonnet
Governance & Risk Management , Government , Industry Specific
State Officials Urge Congress to Renew Cyber Grant Program
Officials Warn Local Governments Lack Resources to Counter Advanced Threats
Chris Riotta (@chrisriotta) • May 21, 2026
Share Post Share
Credit Eligible
Get Permission
Image: U.S. Department of Homeland Security
State and local governments, public utilities and school districts across the United States are increasingly struggling to defend against rapidly evolving cyberthreats fueled by ransomware syndicates, state-sponsored hackers and artificial intelligence systems, officials warned lawmakers Thursday.
See Also: New Trend in Federal Cybersecurity: Streamlining Efficiency with a Holistic IT Approach eBook
Security officials from Tennessee, New York and Florida told the House Homeland Security cyber subcommittee that states are being forced to confront nation-state level threats with uneven resources, aging infrastructure and mounting operational demands. Witnesses repeatedly urged Congress to reauthorize and expand a state funding grant program through the proposed Providing Individuals Various Opportunities for Technical Innovation, Learning and Lasting Success in Cybersecurity Act, or PILLAR Act - while warning that continued cuts to federal cybersecurity coordination efforts could leave smaller jurisdictions exposed.
"The rapid evolution of advanced large language models introduces a new category of cybersecurity risk that state and local governments are not yet fully equipped to manage," said Kristin Darby, chief information officer for the state of Tennessee, adding that "the pace and scale of cyberthreats continue to outstrip the resources available at the state and local level."
States have struggled to bolster frontline cyber defenses amid proposed budget reductions at the Cybersecurity and Infrastructure Security Agency, uncertainty surrounding the Multi-State Information Sharing and Analysis Center and growing concerns about the implications of frontier AI systems (see: Congress Proposes Steep Cuts to CISA ). The federal government "has dramatically pulled back" it's cybersecurity resources for states just as the threat environment is accelerating at an unprecedented pace, said Samir Jain, vice president of policy for the Center for Democracy and Technology.
"The result is a widening gap between rapidly escalating threats and diminished federal capacity to help state and local governments meet them," Jain said.
The hearing also focused on the future of the State and Local Cybersecurity Grant Program, a federal initiative launched under the 2021 infrastructure law that has become one of the primary sources of cybersecurity funding for smaller governments, public utilities and school districts (see: CISA Unveils Final $100M Cyber Grants as State Burdens Soar ).
The PILLAR Act would extend and expand the program while aiming to stabilize long-term federal investment into state and local cyber resilience efforts.
The legislation would reauthorize the grant program through 2030 while prioritizing support for rural and underserved communities and expanding eligible funding categories tied to operational technology, critical infrastructure and AI-related risks.
"Sustained federal resources through the PILLAR Act and the State and Local Cybersecurity Grant Program are essential," said Colin Ahern, director of security and intelligence for New York, noting that the legislation would provide the funding "needed to modernize fragile systems and deploy enterprise-grade defenses across our state and local governments."
"Programs that states have built up over three years cannot be sustained at current scale without more financial support," he said. "In a meaningful number of cases, programs initiated with SLCGP funding will simply shut down, taking the cybersecurity posture of the jurisdictions they serve with them."
Lawmakers expressed bipartisan support for authorizing additional funding through the state grant program and the PILLAR Act throughout the hearing. Rep. James Walkinshaw, D-Va., said "there's strong support" within the committee to reauthorize the program despite the administration proposing continued cuts to federal cyber investments.
Walkinshaw, whose Northern Virginia district includes a dense concentration of federal employees and contractors swept up in the Trump administration's cyber and broader workforce cuts, warned that state and local governments are increasingly being asked to defend against threats once largely handled at the federal level. He said smaller jurisdictions in particular continue to be vulnerable to ransomware, supply-chain compromises and attacks targeting operational technology systems tied to water, transportation and emergency response services.
Several lawmakers also raised concerns about the operational consequences of shrinking federal cyber coordination efforts at CISA, particularly as states contend with a growing volume of AI-enabled attacks and Chinese-linked critical infrastructure intrusions. Witnesses repeatedly warned that frontier AI systems are dramatically compressing the time between vulnerability discovery and active exploitation, potentially overwhelming traditional patching and incident response models.
Florida's Chief Information Officer Warren Sponholtz said campaigns linked to Volt Typhoon and Salt Typhoon have forced Florida to shift toward a more proactive operational model, while urging lawmakers to reauthorize state funding programs with an eye towards permanent, sustainable and long-term investments.
"An adversary does not look at those responsibilities as separate silos," Sponholtz said, referring to Florida's utilities, transportation systems, schools and public safety networks. "An adversary sees one target. Our job is to build one coordinated defense."
Officials from all three states argued that statewide shared-services programs have become one of the few viable ways for smaller governments to access enterprise-grade cybersecurity protections amid persistent staffing shortages and budget constraints. Darby said Tennessee has engaged more than 1,500 organizations through its statewide cybersecurity initiative while helping nearly 300 organizations onboard to MS-ISAC services.
New York experienced similar results from the state's managed shared-services model, Ahern said, by deploying endpoint detection and response capabilities across more than 102,000 endpoints in local government environments and helping reduce reported ransomware incidents since 2023.
But witnesses warned those programs could become difficult to sustain if federal grant support expires or CISA coordination efforts continue to dwindle. Multiple officials also criticized reimbursement-heavy grant structures and cost-sharing requirements that smaller communities often struggle to meet.