Jenny Lent
Date: December 17, 2024
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure which provides federal grant-awarding program managers and critical infrastructure owners and operators with tools to both effectively communicate cybersecurity needs and related actions to build cyber resilience into their projects.
The guide provides actions to build baseline cybersecurity best practices into grant-funded projects and develop long-term strategies to continuously address cybersecurity risk even after the award completes. CISA and ONCD sought to make this Playbook immediately actionable by grant programs by providing model language for inclusion in Notice of Funding Opportunities (NOFOs) and award terms and conditions. Specifically, this guidance contains:
Recommended actions to incorporate cybersecurity into grant programs throughout the grant management lifecycle.
Model language for grant program managers and sub-awarding organizations to incorporate into NOFOs and Terms & Conditions.
Templates for recipients to leverage when developing a Cyber Risk Assessment and Project Cybersecurity Plan.
Comprehensive list of cybersecurity resources available to support grant recipient project execution.
To reduce burden on the grant making agency and on the grant recipient, CISA and ONCD crafted the recommended approach to be maximally flexible for the recipient while providing a mechanism to support baseline cybersecurity best practice inclusion in infrastructure projects.
Federal grant program managers administrating grants, the state governments, or others sub-awarding grant program funds, and critical infrastructure owners and operators applying for federal grants are encouraged to review and incorporate this guidance. The playbook can be found here on CISA.gov.
MS-ISAC is pleased to announce that the recording of the presentations from the SOC Forum, held on December 18, 2024, is now accessible for viewing here.
Joe Lape
CISA
Cybersecurity Discussion
Statewide Cyber Security Insurance
Power School
Hosted vs On Prem
Set up geo fencing
Power School to reach out to affected schools
Potential Statewide Identity Theft - Aura