Applications are now open for New York State’s combined FY2022 and FY2023 State and Local Cybersecurity Grant Program (SLCGP), which will provide Multi-Factor Authentication (MFA) tokens to eligible local government entities. The initiative, announced by Governor Kathy Hochul, is intended to reduce cyber risk and improve cyber resiliency across the state.
“From our bank accounts and social media to the critical infrastructure we rely on as a state, every facet of everyday life depends on a robust network of cybersecurity systems,” Governor Hochul said. “I’m investing in modern cyber infrastructure and tools so New York stays ahead of emerging threats and to ensure that every New Yorker feels secure in the systems they count on.”
The program uses more than $13.9 million in federal funding through the SLCGP, part of the Infrastructure Investment and Jobs Act of 2021. The funds will be used to expand access to cybersecurity tools for public sector entities in New York, allowing them to strengthen their defenses against increasing cyber threats.
New York will procure MFA tokens directly for eligible entities approved for shared services. The Office of Information Technology Services will handle distribution, training, and support related to these tokens.
Multi-Factor Authentication requires users to provide two or more verification factors before accessing resources, making it harder for unauthorized individuals to gain entry into government systems.
Colin Ahern, New York State Chief Cyber Officer, stated: “Multi-factor authentication is one of the strongest defenses we have against online threats. Government services are delivered increasingly by, with, and through computers and protecting them from damaging cyber attacks has never been more important. With these investments, New York State is helping to reduce cyber risks and protecting New Yorkers from dangerous cyber attacks.”
Jackie Bray, Commissioner of the Division of Homeland Security and Emergency Services, commented: “The safe and secure functioning of our economy, critical infrastructure, and government services depends on our ability to protect digital infrastructure and sensitive information. However, as global cyberattacks increase in both frequency and sophistication, fueled in part by the professionalization of the global cybercrime industry, we must raise the bar for what is necessary to successfully defend systems and networks. Cybersecurity attacks remain one of the most critical threats to our residents, businesses and infrastructure. New York State remains committed to mitigating these threats through policy, educational resources, and financial resources aimed at protecting our communities.”
Dru Rai, Chief Information Officer for New York State’s Office of Information Technology Services added: “Multi-Factor Authentication (MFA) is a critical tool in protecting government workers and the systems they operate from the impact of growing cyber threats… The $13.9 million in newly announced State and Local cybersecurity grant funding will assist public sector entities across New York in deploying essential cybersecurity tools…”
Senator Charles Schumer noted: “The threat of cyberattacks for our local governments has never been greater… I’m proud to deliver nearly $14 million in federal funding from my Bipartisan Infrastructure & Jobs Law… We need to use every tool at our disposal…” Senator Kirsten Gillibrand also highlighted: “Protecting critical services from cyberattacks is essential… I am grateful that these grants will strengthen our investment in cybersecurity…”
State Senator Shelley B. Mayer welcomed schools’ eligibility under this grant program as an important step toward supporting education system security needs as reliance on digital platforms grows.
Other officials—including Senator Kristen Gonzalez; Assemblymember Steve Otis; Stephen Acquario from NYS Association of Counties; Christopher A. Koetzle from Association of Towns; Barbara Van Epps from NYS Conference of Mayors; Kyle Belokopitsky from NYS PTA—expressed appreciation for increased support toward improving local governments’ abilities to address evolving cybersecurity challenges.
Under Governor Hochul’s leadership since 2023–2025 there have been several initiatives such as expanding shared service programs with new capabilities like endpoint detection/response (EDR) as well as attack surface management (ASM), introducing hospital-specific regulations regarding cybersecurity standards https://www.governor.ny.gov/news/governor-hochul-announces-nations-first-cybersecurity-regulations-hospitals-new-york-state , passing legislation requiring mandatory reporting on municipal-level incidents/ransom payments https://www.governor.ny.gov/news/governor-hochul-signs-legislation-strengthen-new-yorks-cybersecurity-protections-energy-grid , upgrading statutes governing digital protection statewide https://www.governor.ny.gov/news/governor-hochul-releases-nys-cybersecurity-strategy . These measures aim at strengthening both public- and private-sector preparedness against fast-evolving digital threats.
