GrantExec

Cybersecurity Incident Response Planning and Tabletop Exercise Grant

This funding opportunity provides financial support to Massachusetts state agencies for developing cybersecurity incident response plans or conducting tabletop exercises to improve their readiness against cyber threats.

$40,000
Active
Recurring
Grant Description

The Cybersecurity Incident Response Planning and Tabletop Exercise Grant Opportunity is a competitive funding program administered by the Massachusetts Executive Office of Public Safety and Security's Office of Grants and Research (OGR). This program is designed exclusively for Massachusetts state agencies and aims to strengthen the stateโ€™s cybersecurity posture through the development of Incident Response Plans (IRP) or the execution of Tabletop Exercises (TTX). The funding originates from federal sources via the U.S. Department of Homeland Security (DHS) and its Federal Emergency Management Agency (FEMA), specifically under the State and Local Cybersecurity Grant Program (SLCGP), with additional support from the Healey-Driscoll Administration through matching state funds. The primary objective of this funding opportunity is to assist state agencies in reducing their cybersecurity vulnerabilities and threats, and in mitigating the impact of cyberattacks. Agencies can apply to either develop a formal Cyber IRP or conduct a TTX to test and refine an existing one. These exercises are intended to help agencies modernize their cybersecurity frameworks, align with Zero Trust Architecture principles, and prepare their cross-functional teams, including senior leadership, for real-world cyber incidents. Each applicant may only pursue one of these two allowable objectives per application cycle. A total of approximately $1,000,000 in funding is available through this program. State agencies may request up to $40,000 to develop a Cyber IRP or up to $30,000 to implement a TTX. The awarded funds must be used with a vendor approved by the Commonwealth, listed through the COMMBUYS system, and may only be spent on direct project costs. Unallowable expenses include personnel, administrative costs, equipment, and food. State match requirements mandated by FEMA will be covered by the Commonwealth. However, these match funds must be spent by June 30, 2026, or the subrecipient will be responsible for providing their own match. Applicants must be Massachusetts state agencies, including independent or quasi-public agencies, district attorney offices, and sheriff departments. Municipalities, nonprofits, and private entities are not eligible. The Chief Executive Officer of the applying agency must sign the application, and each agency may only submit one application. Additionally, subrecipients are required to maintain SAM registration, obtain a Unique Entity Identifier (UEI), and complete several cybersecurity compliance steps, including Cyber Hygiene Services from CISA, adherence to Homeland Security Exercise and Evaluation Program (HSEEP) standards, and completion of the Nationwide Cybersecurity Review (NCSR). Applications are due by 4:00 p.m. on October 1, 2025. Optional support is available through a webinar scheduled for September 16, 2025, at 11:00 a.m. Award announcements are anticipated in November 2025, with the grant performance period expected to run from November/December 2025 through June 30, 2026. Required documents include a completed online application and a Budget Excel Workbook (Attachment B). Email submissions will not be accepted. Applications will be evaluated through a peer review process using a detailed scoring rubric that includes the applicant's organizational profile, needs assessment, project description, milestones, and budget justification. All awards will also be subject to final approval by FEMA. Additional monitoring or special conditions may be required based on a risk assessment conducted by OGR. For further information, applicants may contact Program Coordinators Sarah E. Cook or Ira Berberaj via email at sarah.e.cook@mass.gov and ira.berberaj@mass.gov respectively.

Funding Details

Award Range

$30,000 - $40,000

Total Program Funding

$1,000,000

Number of Awards

33

Matching Requirement

Yes - Verification required

Additional Details

Agencies may request $40,000 for IRP development or $30,000 for a TTX. Funds must be used with approved vendors listed in COMMBUYS. State match will be provided by the Commonwealth but must be used by June 30, 2026, or agencies must self-fund the match.

Eligibility

Eligible Applicants

State governments

Additional Requirements

Only Massachusetts state agencies are eligible. This includes independent or quasi-public agencies, district attorney offices, and sheriff departments. Municipalities, nonprofits, and private vendors are not eligible. Only one application per agency is permitted, and the agency's CEO must sign the application.

Geographic Eligibility

All

Expert Tips

Register early for UEI and SAM, budget must enhance agency services, use only approved vendors

Key Dates

Application Opens

August 27, 2025

Application Closes

October 1, 2025

Contact Information

Grantor

Sarah E Cook

Subscribe to view contact details

Newsletter Required
Categories
Safety
Disaster Prevention and Relief
Science and Technology

Subscribe to access grant documents