State and Local Cybersecurity Grant Program (SLCGP)

The State and Local Cybersecurity Grant Program (SLCGP) has introduced an unprecedented opportunity for governments below the federal level to apply whole-of-state cybersecurity models to meet the persistent cyber threats they face. Information on the grant program, which is administered by the US Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA), can be found at cisa.gov/cybergrants. FAQs are available at https://www.cisa.gov/cybergrants-faq and https://www.fema.gov/sites/default/files/documents/fema_slcgp-faq_112022.pdf.

One of the requirements of the grant program is a State Cybersecurity Plan. The MS- and EI-ISAC, the Center for Internet Security (CIS), and CISA can support numerous required elements of your State Cybersecurity Plan, as follows.

Manage, monitor, and track information systems, applications, and user accounts 

CISA Offerings

N/A

Open Source Offerings

Asset Inventory Tools:

  • Snipe-IT
  • Open-AudIT
  • Nmap
  • Zenmap

Identity Access Mgmt & MFA Tools:

  • Authentik
  • Ory
  • PrivacyIDEA

Best Practices

  • Asset inventory tool
  • Identity & Access Management solution
  • Multi-Factor Authentication (MFA)

Monitor, audit, and track network traffic and activity to/from information systems, applications, and user accounts

CIS | MS-ISAC

No-Cost Offerings

Fee-Based Offerings

CISA Offerings

N/A

Open Source Offerings

Network Monitoring Tools:

  • ELK stack
  • pfSense
  • Snort
  • Suricata
  • OpenNAC
  • PacketFence

Data Breach Detection & Response:

  • OpenDLP

Security Incident & Event Mgmt (SIEM) Tools:

  • SIEMonster
  • AlienVault OSSIM
  • Google Rapid Response
  • Security Onion
  • Wazuh

Best Practices

  • Security Incident & Event Management
  • Consolidated log storage
  • Network segmentation

Enhance preparation, response, and resiliency of information systems, applications, and user accounts

CISA Offerings

Open Source Offerings

  • OpenSCAP
  • RANCID
  • Zabbix
  • Hive/Cortex
  • SIFT Workstation

Best Practices

  • Secure builds
  • Monitoring
  • Disaster recovery site
  • Offline backups
  • Network segmentation
  • MFA

Implement continuous cybersecurity vulnerability assessments and threat mitigations prioritized by risk severity

CISA Offerings

  • Cyber Hygiene ("CyHy")
  • Known Exploited Vulnerability Catalog
  • National Cybersecurity and Communications Integration Center
  • Automated Indicator Sharing

Open Source Offerings

  • OpenVAS
  • MISP

Best Practices

  • Regular vulnerability scans focused on externally facing and critical systems
  • Regular patch and configuration management
  • Change control processes

Ensure adoption and use of best practices and methodologies to enhance cybersecurity, such as the practices set forth in the NIST Cybersecurity Framework, the cyber supply chain risk management best practices identified by NIST, and knowledge bases of adversary tools and tactics

CISA Offerings

N/A

Open Source Offerings

Best Practices Frameworks & Resources:

  • NIST Cybersecurity Framework
  • MITRE ATT&CK
  • StateRAMP

Best Practices

N/A

Promote delivery of safe, recognizable, and trusted online services, including through use of the .gov domain

CIS | MS-ISAC

No-Cost Offerings

Fee-Based Offerings

  • Malicious Domain Blocking and Reporting Plus (MDBR+)

CISA Offerings

Open Source Offerings

N/A

Best Practices

  • DMARC/DKIM/SPF
  • DNSSEC
  • HTTPS
  • MFA and strong passwords

Ensure continuity of operations in the event of a cybersecurity incident, including by conducting exercises to practice responding to a cyber incident

CISA Offerings

Open Source Offerings

N/A

Best Practices

  • Establish and test incident response and disaster recovery policies and procedures

Use NIST NICE to identify and mitigate cyber workforce gaps, enhance cyber recruitment and retention, as well as improve knowledge, skills, and abilities through cyber training

CIS | MS-ISAC

No-Cost Offerings

Fee-Based Offerings

CISA Offerings

  • FedVTE
  • ICS-CERT Virtual Learning Portal

Open Source Offerings

N/A

Best Practices

  • Keep technical skills of your team sharp
  • Develop a “culture of learning and development”
  • Maintain high awareness of common attacks for all staff

Ensure continuity of communications and data networks in the event of an incident involving those communications or data networks

CISA Offerings

  • External Dependencies Management Assessment

Open Source Offerings

N/A

Best Practices

  • High availability solutions
  • Disaster recovery
  • Offline backups

Assess and mitigate cyber risks and threats to critical infrastructure and key resources

CISA Offerings

  • Cyber Resiliency Review
  • Cyber Infrastructure Survey

Open Source Offerings

  • Google’s GRR Rapid Response framework
  • AlienVault OSSIM
  • SIFT Workstation
  • The Hive Project

Best Practices

N/A

Enhance capabilities to share cyber threat indicators and related information between the state/territory and local governments and/or DHS

CIS | MS-ISAC

No-Cost Offerings

Fee-Based Offerings

  • N/A

CISA Offerings

  • Malware Next Gen (MNG)
  • Automated Indicator Sharing (AIS)

Open Source Offerings

  • MISP
  • Hive/Cortex

Best Practices

  • Use community awareness and open sharing of threat

Leverage cybersecurity services offered by DHS

CIS | MS-ISAC

No-Cost Offerings

Fee-Based Offerings

  • N/A

CISA Offerings

  • Cyber Resource Hub

Open Source Offerings

  • N/A

Best Practices

  • N/A

Implement an IT and OT modernization cybersecurity review process that ensures alignment between IT and OT objectives

CIS | MS-ISAC

No-Cost Offerings

  • N/A

Fee-Based Offerings

  • N/A

CISA Offerings

  • ICS CERT recommended practices
  • ICS training
  • Cyber Security Evaluation Tool (CSET)

Open Source Offerings

  • Critical Infrastructure Protection Training from Idaho National Labs

Best Practices

  • N/A

Develop and coordinate strategies to address cyber risks and threats in consultation with local governments and, as applicable, neighboring states/territories, ISAC members, and neighboring countries

CISA Offerings

  • N/A

Open Source Offerings

  • Critical Infrastructure Protection Training from Idaho National Labs

Best Practices

  • N/A

Ensure adequate access to and participation in items covered by the grant by rural areas

CIS | MS-ISAC

No-Cost Offerings

  • N/A

Fee-Based Offerings

  • N/A

CISA Offerings

  • N/A

Open Source Offerings

  • N/A

Best Practices

  • N/A

Distribute funds, items, services, capabilities, and/or activities to local governments

CIS | MS-ISAC

No-Cost Offerings

  • N/A

Fee-Based Offerings

  • N/A

CISA Offerings

  • N/A

Open Source Offerings

  • N/A

Best Practices

  • N/A