Grant Details

New and Updated | Grant Search

Tribal Cybersecurity Grant Program (TCGP) - FY 2023

Agency: U.S. Department of Homeland Security
CFDA: 97.137
Federal FON: DHS-23-GPD-137-00-02
Office: Federal Emergency Management Agency (FEMA) Grant Program Directorate (GPD)
Multipart Grant: No
Next Due: 01/10/2024 (Multiple)
Solicitation Date: 09/27/2023
   
Match Required: No
Actual Funds: $18,246,845 (Confirmed)
Summary:

The purpose of this program is to strengthen the cybersecurity practices and resilience of tribal governments. This program enables the funding agency to make targeted cybersecurity investments in tribal governments, thus improving the security of critical infrastructure and improving the resilience of the services tribal governments provide their communities.

Applicants are required to address Objective 1 of this program, which is to develop and establish appropriate governance structures, including by implementing or revising cybersecurity plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations. In addition to Objective 1, applicants may address the following objectives; however, they are not required:

  • Objective 2: understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments
  • Objective 3: implement security protections commensurate with risk
  • Objective 4: ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility

Award recipients will be required to develop a cybersecurity plan, establish a cybersecurity planning committee to support development of the plan, and identify projects to implement using program funding. Cybersecurity plans must include the following activities:

  • An assessment of the capabilities of the tribal government relating to the 13 required cybersecurity plan elements listed on pages 68-70 of the NOFA file
  • Adopting key cybersecurity best practices and consulting the cybersecurity performance goals (CPGs) detailed online at www.cisa.gov/cross-sector-cybersecurity-performance-goals

Funding may be used for updating and implementing a cybersecurity plan. Allowable investments made in support of this goal must fall into the categories of planning, organization, equipment, training, or exercises (POETE), aligned to closing capability gaps or sustaining capabilities.

Last Updated: July 24, 2024

Eligibility Notes:

Eligible applicants are tribal governments.

Two or more eligible tribal governments may apply together as a tribal consortium and submit one application to address cybersecurity risks and threats to information systems within tribal jurisdictions. The multientity project submissions must be approved by each tribal jurisdiction's cybersecurity planning committees, and each of the multientity project submissions must be aligned with each tribal jurisdiction's respective cybersecurity plan.

Tribal governments with cybersecurity projects funded by the funding agency's Tribal Homeland Security Grant Program (THSGP), known in eCivis Grants Network as US7863, may be considered for funding through this program if their proposed project is not duplicative of their THSGP project.

Only one application may be submitted by each eligible tribal government, and no more than four investment justifications may be submitted with the application.

FY 2023 award recipients include:

  • Coyote Valley Band of Pomo Indians
  • Southern Ute Indian Tribe
  • Choctaw Nation of Oklahoma
  • Sokaogon Chippewa Community
  • Colusa Indian Community 

Refer to the Award file for additional information regarding FY 2023 award recipients.

Eligible Applicants:
Consortia
Native American Tribe
Application Notes:

Prior to submitting a full application, applicants must submit a mandatory initial application, which applicants are encouraged to submit at least seven days before the full application deadline.

Initial applications must be submitted online at www.ecivis.com/grants.gov.

Initial applications must include:

  • SF 424
  • Certification regarding lobbying

Applicants will be notified as to whether their initial applications have been approved and will be invited to submit full applications, which must be submitted by 5:00 p.m. ET on January 10, 2024.

Full applications must be submitted online at portal.fema.gov.

Full applications must include:

  • SF 424A and/or SF 424C (as applicable)
  • SF 424B and/or SF 424D (as applicable)
  • SF LLL
  • Indirect cost agreement or proposal (if applicable)
  • Investment justification template
  • Project worksheet
  • Cybersecurity plan or cybersecurity plan template (as applicable)

The following are required in order to submit an application:

  • Unique Entity Identifier (UEI) number
  • SAM (System for Award Management) registration

Applicants may obtain a UEI number and verify or renew SAM registration status at www.ecivis.com/sam.

Applications will be evaluated according to programmatic criteria, financial integrity criteria, and supplemental financial integrity criteria, as detailed on pages 28-30 of the NOFA file.

Refer to the NOFA file for additional application information.

Match Required: No
Actual Funds: $18,246,845 (Confirmed)
Match Notes:

Matching funds are not required for this program.

Funding Notes:

A total of $18,246,845 is available to support awards through this program. To allow for applications to be evaluated from amongst applications from similarly populated tribes, this program uses an allocation methodology that establishes the following four categories based on overall population and divides the total funding available across them:

  • 8 tribes with a population of 100,000 or more: up to $8,109,709 is available
  • 33 tribes with a population of 10,000 to 99,999: up to $5,068,568 is available
  • 124 tribes with a population of 1,000 to 9,999: up to $3,041,141 is available
  • 392 tribes with a population of 1 to 999: up to $2,027,427 is available

The project period is 48 months and is expected to begin on March 1, 2024, and end on February 29, 2028. Extension requests will be granted only due to compelling legal, policy, or operational challenges.

Management and administrative (M&A) costs are limited to 5 percent of the total award amount.

Pre-award costs are allowable only with the prior written approval of the funding agency and as included in the award agreement.

Funds may not be used for:

  • Covered telecommunications equipment or services, as detailed on pages 25-26 of the NOFA file
  • Matching funds for other federal grants/cooperative agreements
  • Lobbying
  • Intervention in federal regulatory or adjudicatory proceedings
  • Suing the federal government or any other government entity
  • Spyware
  • Construction
  • Renovation
  • Paying a ransom
  • Recreational or social purposes

Refer to page 25 of the NOFA file for additional information regarding unallowable costs.

For FY 2023, a total of $18,246,845 was provided via 32 awards ranging from $17,850 to $3,009,214 through this program. Refer to the Award file for details.

Contacts:

(See Contact Notes)

Agency Address
Federal Emergency Management Agency
500 C Street, SW
Washington, D.C. 20472

Contact Notes:

Questions should be directed to the appropriate program contact listed on pages 41-42 of the NOFA file.

Initial applications must be submitted online at www.ecivis.com/grants.gov.

Full applications must be submitted online at portal.fema.gov.

The agency address provided is for reference purposes only.

Files:
NOFA File: US17581_NOFA_FY2023.pdf (797.8 Kb)
Guide File: US17581_Guide_FY2023.zip (1.4 Mb)
Application File: US17581_Application_FY2023.zip (180.2 Kb)
Award File: US17581_Award_FY2023.pdf (65.1 Kb)
File Notes:

The NOFA file contains the full solicitation for this program. The Guide folder contains detailed application instructions. The Application folder contains required forms for submission. The Award file contains information on FY 2023 award recipients.

July 24, 2024
Information regarding awards through this program has been released and attached as the Award file. A sample of award recipients has been added to the Eligibility section, and a brief summary of the awards has been added to the Financial section.

Grant Keywords
DHS, US DHS, USDHS, FEMA, GPD, SLCGP, Bipartisan Infrastructure Law, BIL, IIJA, Infrastructure Investment and Jobs Act, tribe, tribal, tribal government, Native American, American Indian, Indian, Native, Indigenous, conflict, emergency, cyber security, cybersecurity, security enhancement, critical infrastructure, community preparedness, early warning system, alert, information gathering, risk management, preparedness training, emergency response, intervention, incident management, information technology, IT, mitigate, mitigation, hacker, cyber attack, cyberattack, web security, internet security, virus, trojan, malware, ransomware, data, public data, public information system, internet, web, world wide web, cyber warfare, advanced, cutting edge, scientific frontier, technologies, technology, computer, connectivity, cyberspace, information science, network, networking, online, technological, cybersecurity awareness, cybersecurity professional, IT professional, employee development, employee training, professional development, professional training, staff development, staff training, intent hygiene, cyber hygiene, damage control, online attack, online warfare, data security, encryption, encrypted, data access, network access, cybersecurity plan, cybersecurity committee, cybersecurity posture, cybersecurity review, cybersecurity weakness, cybersecurity vulnerability, cyber risk, cybersecurity practice, cyber resilience, critical service, critical infrastructure resilience, government resilience, government continuity, cybersecurity incident, cybersecurity training, cybersecurity best practice, cybersecurity preparedness, Homeland Security Act
Grant Categories
Disaster Preparedness
Training & Vocational Services
Information Technology/Telecommunications
Domestic Preparedness/Homeland Security