The U.S. Department of Homeland Security (DHS) is soliciting proposals for its State, Local, Tribal and Territorial (SLTT) Security Operations Center (SOC) Information Sharing and Analysis Center (ISAC) Program.
Donor Name: Department of Homeland Security
State: All States
County: All Counties
Type of Grant: Grant
Deadline: 08/01/2023
Size of the Grant: $43,003,000
Grant Duration: 2 years
Details:
The purpose of this cooperative agreement is to expedite building an automated and streamlined capacity to share cyber threat information bidirectionally and collaboratively amongst the SLTT/Elections and CISA, as well as provide a mechanism for rapid adoption and methods to integrate with local activities in the SLTT environment that improve cyber security awareness and equip stakeholders to act in response to prioritized cyber threat information shared within the threat intelligence platform. Furthermore, this agreement will expand implementation of cyber managed services (e.g., National Prevention Pilot, EndPoint Detection and Response Pilot, Malicious Domain Blocking and Reporting, Cyber Incident Response, Albert, Managed Email Security), for SLTT and the Elections subsector, and in so doing will impact the capabilities to create a more robust cyber defense and information sharing environment for the entire SLTT sector.
This Notice of Funding Opportunity Announcement (NOFO) is intended to fill a gap by providing supplemental resources to enable innovation, broaden centralized access to cyber threat information and communications platforms, provide for workforce development, and enhance cyber readiness and resilience, all while connecting the cyber ecosystems of the SLTT communities. By providing funds, technical assistance, and access to federal resources, it is expected that the Recipient will be able to:
- Focus more of its business and resources on cyber threat information enrichment, scoring, and collaboration based on Indicators of Compromise (IOC)s derived from SLTT and its subsector infrastructure, ISAC information sources, open-source information, and external intelligence enrichment.
- Create a lower entry cost for SLTT/subsector organizations (including elections infrastructure) who need help in managing cyber defenses and risk.
- Expand the trusted SLTT/Elections subsector community) base that shares and collaborates on threat intelligence.
- Provide some level of free managed security services and cyber threat information sharing services to the SLTT sector and its subsectors.
Priorities
- CISA will leverage this Cooperative Agreement award to advance SLTT cybersecurity risk management and to help build a healthy and resilient SLTT cyber ecosystem via automated collective community action. Successful execution of this agreement will focus on expanding SLTT sector interrelationships within the community using rapid rollout technology to enhance cyber threat information exchange.
- The priority is to provide a connective platform among the SLTT cyber coordinators for collaborative threat intelligence sharing. This enhanced technical model relies upon trusted SLTT collaboration, elastic infrastructure, managed security services and robust analytic orchestration and informed risk information to give cyber coordinators decision advantage, improve situational awareness and provide enhanced cyber defense.
Funding Information
Available Funding for the NOFO: $43,003,000
Period of Performance
- Projected Period of Performance Start Date(s): 09/30/2023
- Projected Period of Performance End Date(s): 09/29/2025
Eligible Applicants
- For-profit organizations other than small businesses
- Small businesses
- Nonprofits with 501(c)(3) IRS status, other than institutions of higher education
Applicant Eligibility Criteria
- Entity needs to be performing some of the functions of a Cyber Information Sharing and Analysis Center.
- Entity must possess the capacity to mature and expand a functioning 24x7x365 SOC to enable an ISAC.
- Entity must be able to grow and unite stakeholder trust communities.
- Entity must be able to retain cybersecurity analytic staff, including those with TS/SCI clearance.
- Entity must be able to provide scalable access to cybersecurity information, tools, and best practices.
- Entity must be able to analyze huge amounts of information in real-time to identify trends and prioritize cyber information for actionable insights.
- Entity must be able to sustain a communications model that allows critical cybersecurity information to quickly be disseminated across SLTT.
- Entity must be capable of enabling reliable outcomes in managing cyber-relevant threat intelligence, with the benefit of improved customer resilience.
For more information, visit Grants.gov.