Menu
2022 Session

Budget Amendments - HB30 (Floor Approved)

View Budget Item
View Budget Item amendments

State and Local Cybersecurity Program

Item 93 #1h

Item 93 #1h

First Year - FY2023 Second Year - FY2024
Administration
Virginia Information Technologies Agency FY2023 $2,139,640 FY2024 $2,781,532 GF
FY2023 $12,837,837 FY2024 $8,558,559 NGF

Language
Page 79, line 42, strike "$52,932,842" and insert "$67,910,319".
Page 79, line 42, strike "$54,623,639" and insert "$65,963,730".

Page 81, after line 6, insert:

"F.1. Out of the amounts provided in this item, $2,139,640 the first year and $2,781,532 the second year from the general fund to serve as the state match for the $12,837,837 the first year and $8,558,559 the second year in nongeneral federal appropriation provided in this Item for Virginia to participate in the State and Local Cybersecurity Improvement Act subtitle of the Infrastructure Investment and Jobs Act of 2021, P.L. 117-58. The Virginia Information Technologies Agency (the agency) shall take the necessary steps to obtain and use the cybersecurity grant funding that is available to Virginia under this program. The amounts provided herein are intended to serve as the full program match and appropriation for stated grant availability in federal fiscal years 2022 through 2025.

2. In accordance with the federal grant requirements, the agency shall establish, and identify candidates for appointment by the Governor to a planning committee that includes members from (i) state government; counties, cities, and towns; institutions of public education and health within Virginia; and (ii) suburban, rural, and high-population jurisdictions. No less than half of the members shall have substantial professional experience in cybersecurity or information technology. The Chief Information Officer of the Commonwealth, or the Chief Information Security Officer as designee, shall be the chair of the planning committee. Staffing for the planning committee shall be provided by the agency. In addition, the agency shall: (i) develop a cybersecurity plan, present such plan to the planning committee for approval, and submit such plan to the appropriate federal officials in compliance with the federal program requirements; (ii) propose priorities for grant funding for the planning committee's consideration and approval, in establishing priorities, the committee shall consider the needs of local school divisions; (iii) approve, manage, and allocate grant funding once received, ensuring that the grants fit within the priorities approved by the planning committee; and (iv) report on program's activities to the House Appropriations Committee and the Senate Finance and Appropriations Committee by October 1 of each year of the program. To the extent permitted by federal grant guidelines, the agency may retain a portion of the federal grant funding to reimburse actual costs incurred in providing support and administration of the provisions of this paragraph."



Explanation

(This amendment provides $2,139,640 the first year and $2,781,532 the second year from the general fund and $12,837,837 the first year and $8,558,559 the second year in nongeneral federal fund appropriation for Virginia to participate in the State and Local Cybersecurity Improvement Act authorized by the Infrastructure Investment and Jobs Act of 2021. In accordance with the federal program, state funds are required in a progressive match ratio to qualify for a total of $21.4 million in federal funds. In accordance with the federal program requirements, 80 percent of funding received must be directed to local governments to assist with developing and/or strengthening cybersecurity programs. The general fund provided by this amendment is intended to serve as state match for the federal funding, and both the general and nongeneral appropriations provided herein are intended to cover federal fiscal years 2022 through 2025 for which this program is established. Language provisions of this amendment direct the Virginia Information Technologies Agency (VITA) to serve as staff for the program and to perform all duties as required by the federal grant program, to include guide the Governor's selection of a planning committee, the development and submission of a requisite cybersecurity plan to the federal Department of Homeland Security, and other reporting and administrative duties as are required by the federal grant program. Finally, the language directs the planning committee in its' determination of priorities for grant funding, to consider needs of local school divisions. A companion amendment to House Bill 29 provides the language to initially establish the planning committee and perform other duties as required by the program to ensure Virginia is eligible to receive the grant funds in a timely fashion.)