About the Municipal Cybersecurity Awareness Grant Program

The Executive Office of Technology Services and Security's (EOTSS) Office of Municipal and School Technology procures and manages the Municipal Cybersecurity Awareness Grant Program (MCAGP) – making the program free to participating organizations. Our program improves overall cybersecurity posture through end-user training.

Information about the program learning paths:

We’ve modified the awareness learning path offerings for 2024 to better serve participating organizations. Each awareness learning path delivers training and monthly threat simulations (phishing campaigns).

There are four Learning Paths. Local government agencies may choose one or more; please be thoughtful about the most effective path(s) for your organization. The Education Path is only open to public schools wishing to enroll users to earn Professional Development Points (PDPs).

• Traditional: This learning path runs from January through December and includes multiple short modules, no longer than 6 minutes each. 
• Advanced: This learning path runs from January through December and also includes multiple short modules but is intended for a subset of your users that have a solid foundation of cybersecurity awareness training. The local coordinator may enroll user(s) in this path enabling them to test out of modules. The content in the Advanced Learning Path may not be the same as the content in the Traditional Learning Path. 
• Comprehensive: This learning path runs from January through December and offers longer, more in-depth modules intended for newer employees or those who may require additional training to gain a foundational understanding of cybersecurity awareness. The local coordinator may enroll user(s) in this path at their discretion.
• Education: This learning path was designed with the public school sector in mind. This path includes in-depth modules for a total of 10 hours and users will earn 10 Professional Development Points (PDPs). 

A free Home Course will be made available to each 2024 MCAGP participating organization, which they may share with friends and family. Cybersecurity affects everyone -- the Home Course is a module that covers a variety of cybersecurity topics, offering cybersecurity training outside of the workplace.

Why use the program?

According to recent reports (2023 Verizon Data Breach Investigation Report), 74% of all breaches include the human element, with people being involved either via error, privilege misuse, social engineering or use of stolen credentials.

Cybersecurity awareness training will help ensure your employees know the latest techniques cyber criminals are using, how to identify phishing emails, and their role in keeping your organization safe from cyber attacks. Cybersecurity is everyone's responsibility.

We encourage you to watch a short video to hear what organizations are saying about our cybersecurity training.

The 2024 MCAGP is open to local government agencies in the Commonwealth of Massachusetts:

• Municipalities
• Public school districts
• Municipal libraries
• Police departments and fire departments
• Planning commissions
• Municipally-run utility departments, airports, and housing authorities
• Massachusetts Public Pension Systems (PERAC)

Employees in municipal functions that have a government network-specific domain are eligible to participate. 

OMST will award grants to municipal/local government agencies that demonstrate commitment from leadership for full engagement from their organization. Each awarded grant recipient must designate a local coordinator who will be responsible for administering this program. The local coordinator will have an obligation to spend approximately two hours per week to successfully improve cybersecurity awareness for every enrolled user.

We have completed all of our informational sessions at this time, but you may request access to the recording by emailing us at cyberawarenessgrant@mass.gov. 

Should you have any further questions about the program, please click below to check out our Frequently Asked Questions (FAQ) or you can email us at cyberawarenessgrant@mass.gov.

Organizations are encouraged to apply through a competitive application process which opens during October, Massachusetts Cybersecurity Awareness Month. Program costs are covered by EOTSS. OMST partners with organizations that are awarded the MCAGP by monitoring each organizations program, conducting regular communication with the designated Local Coordinator(s), and holding Office Hours

We are no longer accepting applications at this time. If you have any questions, please email us at cyberawarenessgrant@mass.gov.

Local government agencies are accepted into the grant program on a rolling basis after the application period opens. The application period will close when all available seats are taken or January 10, whichever occurs first.

Review Process

The staff at the Executive Office of Technology Services and Security will review applications based on factors such as: 

• A commitment to communicate and partner with EOTSS to better understand the importance of cybersecurity at the local level
• A willingness to assign and support the Local Coordinator in their oversight of the program
• An assurance that an email is assigned from your organizational domain for each user