Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Must participate in the Nationwide Cybersecurity Review (NCSR) https://www.cisecurity.org/ms-isac/services/ncsr

    • It opens October through February.

    • All FY 2022 SLCGP subrecipients are required to complete the National Cybersecurity Review (NCSR) assessment each year of your grant performance period. 

    • An NCSR can be performed for a group of entities as long as we list all entities on the applicable form area. This means that if all our entities follow our same standards we can perform on NCSR for all SLCGP recipients.

    • PLEASE READ the specific NCSR Guidance here

      code

      :

      • Please

      • continue

      • to

      • submit

      • the

      • completion

      • certificates

      • to

      and
      •  and for

      • tracking

      • and

      • documentation

      • purposes,

      • and

      • we

      • the

      • suggested

      • due

      • date

      • is

      • December

      • 31,

      • 2024.

      Below are some important reminders for consideration around the NCSR participation timeline: Although MSP EMHSD has a suggested internal deadline of December 31, 2024, the assessment will remain open until February 28, 2025 for compliance purposes. Participants must register at the website
      •  

        Below are some important reminders for consideration around the NCSR participation timeline:

      • Although MSP EMHSD has a suggested internal deadline of December 31, 2024, the assessment will remain open until February 28, 2025 for compliance purposes.

      • Participants must register at the website https://www.cisecurity.org/ms-isac/services/ncsr/ .

      • Emailed

      • requests

      • for

      • registration

      • will

      • not

      • be

      • considered.

      • For

      • consistency

      • purposes,

      • MS-ISAC

      • will

      • not

      • be

      • able

      • to

      • change

      • the

      • name

      • of

      • an

      • organization

      • that

      • has

      • previously

      • participated.

      • A

      • participant

      • is

      • not

      • required

      • to

      • send

      • their

      • entire

      • assessment

      • and

      • responses

      • to

      • MSP-EMHSD,

      • as

      • their

      • NCSR

      • data

      • is

      • confidential.

      • IT

      • or

      • security

      • contacts

      • are

      • encouraged

      • to

      • complete

      • the

      • NCSR

      • rather

      • than

      • grant

      • managers

      • as

      • the

      • NCSR

      • is

      • an

      • IT

      • assessment.

      • An

      • NCSR

      • submission

      • can

      • cover

      • multiple

      • entities

      • who

      • receive

      • HSGP

      • funding.

      • Participants

      • should

      • enter

      • all

      • “Legal

      • Agency

      • Names”

      • within

      • the

      • appropriate

      • question

      • to

      • account

      • for

      • all

      • entities

      • covered

      • under

      • the

      • submission.

      • Once

      • the

      • 2024

      • NCSR

      • officially

      • closes,

      • the

      • aggregated

      • data

      • is

      • used

      • in

      • a

      • Summary

      • Report

      • that

      • is

      • designed

      • to

      • measure

      • the

      • gaps

      • and

      • capabilities

      • of

      • SLTT

      • governments’

      • cybersecurity

      • programs.

      • The

      • following

      • page

      • includes

      • additional

      • information

      • on

      • the

      • NCSR:

      For additional questions or assistance, please email
  • Must sign up for CISA Vulnerability Scanning Services and ALSO request interest in Web Application Scanning.

    • To: Vulnerability_Info <Vulnerability_Info@cisa.dhs.gov>
      Subject: Requesting Cyber Hygiene Services – SLCGP for (school district here)

      CISA,

      We as the <school district here> would like to request Cyber Hygiene and Web Application Scanning services as required by the SLCGP grant. We look forward to participating in this wonderful program.

    • Then fill out and submit these froms when they reply with a ticket for your request

      • FAQ on signup

        View file
        name1 - CyHy Vuln Scanning 2022.pdf

      • Cyber Hygiene scan Application:

        View file
        nameAcceptance Letter - Cyber Hygiene - SLTT_PS v5 .pdf

      • Cyber Assessment Form:

        View file
        nameCISA Cyber Hygeine Services and Web Application Scanning Fact Sheet.pdf

    • Web Application Scanning form Info

      • Fact Sheet:

        View file
        nameCISA Cyber Hygeine Services and Web Application Scanning Fact Sheet.pdf

      • Application:

        View file
        nameWebAppScanningApplication - WAS_AppA_SLTT.pdf

      • Sample report from Web App Scanning:

        View file
        nameSample WAS Report.pdf