Municipal Cybersecurity Awareness Grant Program

The Office of Municipal and School Technology (OMST) administers this program to improve cybersecurity posture through end-user training, evaluation, and simulated phishing campaigns. Please review the program eligibility details and application instructions below.

Local government agencies apply to participate in the grant program through a competitive application process each fall. Program costs are covered by the Executive Office of Technology Services and Security. OMST monitors participation and provides ongoing support via office hours, our SharePoint site, and the CyberAwarenessGrant@mass.gov email. Organizations have full access to content, tools, user management, and reports to help engage their users.

Table of Contents

What is the program?

The Executive Office of Technology Services and Security's (EOTSS) Office of Municipal and School Technology procures and manages the Municipal Cybersecurity Awareness Grant Program (MCAGP) – making the program free to participating organizations. Our program improves overall cybersecurity posture through end-user training and simulated phishing campaigns.

Information about the program learning paths:

We’ve built on the success of our newly designed 2024 program to better serve participating organizations for 2025. Each awareness learning path delivers training and monthly simulated phishing campaigns.

There are four Learning Paths. Local government agencies must choose one or more; please be thoughtful about the most effective path(s) for your organization. The Education Path is only open to public schools wishing to enroll users to earn Professional Development Points (PDPs), though public schools may choose any of the other paths if they do not wish to earn PDPs.

  • Traditional: This learning path includes multiple short modules, no longer than 6 minutes each. 
  • Advanced: This learning path also includes multiple modules but is intended for a subset of your users that have a solid foundation of cybersecurity awareness. The local coordinator may enroll user(s) in this path enabling them to test out of modules. 
  • Comprehensive: This learning path offers longer, more in-depth modules intended for newer employees or those who may require additional training to gain a foundational understanding of cybersecurity awareness. The local coordinator may enroll user(s) in this path at their discretion.
  • Education: This learning path was designed with the public school sector in mind. This path includes training in a variety of formats (modules, games, videos, assessments, and independent reading) for a total of 10 hours and users will earn 10 Professional Development Points (PDPs)

A free Home Course will be made available to each 2025 MCAGP participating organization, which they may share with friends and family. Cybersecurity affects everyone -- the Home Course is a module that covers a variety of cybersecurity topics, offering cybersecurity training outside of the workplace.

Why use the program?

According to recent reports (IBM's Cost of a Data Breach Report 2024), "phishing and stolen or compromised credentials are the 2 most prevalent attack vectors. Both also ranked among the top 4 costliest incident types."

Cybersecurity awareness training will help ensure your employees know the latest techniques cyber criminals are using, how to identify phishing emails, and their role in keeping your organization safe from cyber attacks. Cybersecurity is everyone's responsibility.

We encourage you to watch a short video to hear why our cybersecurity training is important.

Who is eligible?

The 2025 MCAGP is open to local government agencies in the Commonwealth of Massachusetts:

  • Cities/Towns
  • Public school districts
  • Municipal libraries
  • Police departments and fire departments
  • Planning commissions
  • Municipally-run utility departments, airports, and housing authorities
  • Massachusetts Public Pension Systems (PERAC)

Employees in municipal functions that have a government network-specific domain are eligible to participate. 

OMST will award grants to municipal/local government agencies that demonstrate commitment from leadership for full engagement from their organization. Each awarded grant recipient must designate a local coordinator who will be responsible for administering this program. The local coordinator will have an obligation to spend approximately two hours per week to successfully improve cybersecurity awareness for every enrolled user.

Where can I learn more?

Informational sessions will be held to provide more details on the MCAGP and to answer any questions. Please find details and links to register below.

  • Tuesday, November 19, 10-11 AM: Register here
  • Tuesday, December 17, 10-11 AM: Register here

Should you have any further questions about the program, please click below to check out our Frequently Asked Questions (FAQ) or you can email us at CyberAwarenessGrant@mass.gov

How to apply

Organizations are encouraged to apply through a competitive application process which opens during October, Massachusetts Cybersecurity Awareness Month. Program costs are covered by EOTSS. OMST partners with organizations that are awarded the MCAGP by monitoring each organizations program, conducting regular communication with the designated Local Coordinator(s), and holding Office Hours

Applications will be reviewed on a rolling basis until all licenses have been awarded.

Next steps

Local government agencies are accepted into the grant program on a rolling basis after the application period opens. Applications will be reviewed on a rolling basis until all licenses have been awarded.

Review Process

The staff at the Executive Office of Technology Services and Security will review applications based on factors such as: 

  • A commitment to communicate and partner with EOTSS to better understand the importance of cybersecurity at the local level
  • A willingness to assign and support the Local Coordinator in their oversight of the program
  • An assurance that an email is assigned from your organizational domain for each user

Contact   for Municipal Cybersecurity Awareness Grant Program

Fax

(617) 626-4411

Address

McCormack Building - Main Office
1 Ashburton Place, 8th Floor, Boston, MA 02108

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback