$18.2 Million Funding Available for Tribal Government Cybersecurity

The Tribal Cybersecurity Grant Program (TCGP) is accepting applications through January 10, making $18.2 million in federal grant funding available to eligible tribes to reduce cyber risk.

Tribal nations across the country are often a lucrative target for attackers due to their operations of both government entities and gaming enterprises. Recent ransomware attacks show the urgent need for tribal nations to strengthen their cybersecurity posture and reduce risk. At the same time, many tribal governments do not have the resources, knowledge or budget to adequately protect their networks from compromise.

To help alleviate this issue, funding is now available through the Tribal Cybersecurity Grant Program (TCGP) to help tribal nations reduce cyber risk and implement cybersecurity solutions. This program is a component of the State and Local Cybersecurity Grant Program (SLCGP) established by the Infrastructure Investment and Jobs Act (IIJA) in 2021.

TCGP program objectives

TCGP has four key objectives:

1. Develop and establish appropriate governance structures, including by implementing or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations.
2. Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation and structured assessments.
3. Implement security protections commensurate with risk.
4. Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.

Tribal governments must address how they will meet program objective 1 in their FY 2023 application. Objectives 2, 3 and 4 are eligible, but are not required to be addressed in their FY 2023 applications.

Eligibility requirements, available funds and how to apply

Eligible tribal governments: All 574 federally recognized tribal governments are eligible to apply. A full list can be found here.

Funding available: $18.2 million in combined fiscal years (FY) 2022 and 2023 funding is currently available. Additional funding will become available in FY 2024 and FY 2025.

Competitive tier-based funding: Tribal governments will be divided into four tiers based on their overall population. Only tribes within the same tier will compete for funding. For more information review the Fact Sheet.

Specifics on the application: Now that the application period is open to receive funding, eligible tribes must:

• Submit an initial application through the portal at: www.grants.gov
• Submit a final application through the Non-Disaster (ND) Grants System by January 10, 2024
• Applications must include:
  • A cybersecurity planning committee list
  • A cybersecurity plan that meets the 13 requirements in the TCGP NOFO (pp. 68-70)
  • Charter

How Tenable One helps tribes meet TCGP requirements

To apply for funding tribes must submit a 13 point cybersecurity plan that shows how funding will be used to address cybersecurity needs and reduce cyber risk. The cybersecurity plan must align to the TCGP objectives mentioned above.

Tenable is uniquely positioned to help tribes reduce cyber risk through the Tenable One Exposure Management Platform. In fact, Tenable One helps tribes meet all of the 13 cybersecurity plan requirements, including critical capabilities such as continuous vulnerability management, prioritization and critical infrastructure protection.

Going beyond traditional IT, Tenable One analyzes cloud instances, web applications, critical infrastructure environments, identity access and privilege solutions such as Active Directory, and more — including highly dynamic IT assets like mobile devices, virtual machines and containers.

Once the complete attack surface is understood, the Tenable One platform applies a proactive risk-based approach to managing exposure, allowing tribes to continuously evaluate their cybersecurity posture and risk. With visibility into all assets and vulnerabilities across their attack surface, tribes can focus efforts to prevent likely attacks and accurately communicate cyber risk to support optimal agency performance.

Using Tenable One, tribes are able to meet all four TCGP program objectives. For more information on how Tenable helps tribes achieve objective number 2 (assess and evaluate systems and capabilities) read this blog.

Learn more

• Download the white paper: Meeting TCGP Cybersecurity Plan Requirements with Tenable Technologies
• Review the guidance: CISA TCGP Information Page, TCGP Fact Sheet, TCGP FAQ's
• View the TCGP NOFO: FY 23 Notice of Funding Opportunity