...
Must participate in the Nationwide Cybersecurity Review (NCSR) https://www.cisecurity.org/ms-isac/services/ncsr
It opens October through February.
All FY 2022 SLCGP subrecipients are required to complete the National Cybersecurity Review (NCSR) assessment each year of your grant performance period.
An NCSR can be performed for a group of entities as long as we list all entities on the applicable form area. This means that if all our entities follow our same standards we can perform on NCSR for all SLCGP recipients.
PLEASE READ the specific NCSR Guidance here
code:
Please
continue
to
submit
the
completion
certificates
to
and for
tracking
and
documentation
purposes,
and
we
the
suggested
due
date
is
December
31,
2024.
Below are some important reminders for consideration around the NCSR participation timeline:
Although MSP EMHSD has a suggested internal deadline of December 31, 2024, the assessment will remain open until February 28, 2025 for compliance purposes.
Participants must register at the website https://www.cisecurity.org/ms-isac/services/ncsr/ .
Emailed
requests
for
registration
will
not
be
considered.
For
consistency
purposes,
MS-ISAC
will
not
be
able
to
change
the
name
of
an
organization
that
has
previously
participated.
A
participant
is
not
required
to
send
their
entire
assessment
and
responses
to
MSP-EMHSD,
as
their
NCSR
data
is
confidential.
IT
or
security
contacts
are
encouraged
to
complete
the
NCSR
rather
than
grant
managers
as
the
NCSR
is
an
IT
assessment.
An
NCSR
submission
can
cover
multiple
entities
who
receive
HSGP
funding.
Participants
should
enter
all
“Legal
Agency
Names”
within
the
appropriate
question
to
account
for
all
entities
covered
under
the
submission.
Once
the
2024
NCSR
officially
closes,
the
aggregated
data
is
used
in
a
Summary
Report
that
is
designed
to
measure
the
gaps
and
capabilities
of
SLTT
governments’
cybersecurity
programs.
The
following
page
includes
additional
information
on
the
NCSR:
For additional questions or assistance, please email NCSR@cisecurity.org.
Must sign up for CISA Vulnerability Scanning Services and ALSO request interest in Web Application Scanning.
To: Vulnerability_Info <Vulnerability_Info@cisa.dhs.gov>
Subject: Requesting Cyber Hygiene Services – SLCGP for (school district here)CISA,
We as the <school district here> would like to request Cyber Hygiene and Web Application Scanning services as required by the SLCGP grant. We look forward to participating in this wonderful program.
Then fill out and submit these froms when they reply with a ticket for your request
FAQ on signup
View file name 1 - CyHy Vuln Scanning 2022.pdf Cyber Hygiene scan Application:
View file name Acceptance Letter - Cyber Hygiene - SLTT_PS v5 .pdf Cyber Assessment Form:
View file name CISA Cyber Hygeine Services and Web Application Scanning Fact Sheet.pdf
Web Application Scanning form Info
Fact Sheet:
View file name CISA Cyber Hygeine Services and Web Application Scanning Fact Sheet.pdf Application:
View file name WebAppScanningApplication - WAS_AppA_SLTT.pdf Sample report from Web App Scanning:
View file name Sample WAS Report.pdf