Official websites use .gov
A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
TCGP
97.156
The goal of the Tribal Cybersecurity Grant Program (TCGP) is to assist tribal governments with managing and reducing systemic cyber risk. This goal can be achieved over the course of the Period of Performance (POP) as applicants focus on their Cybersecurity Plans, priorities, projects, and implementation toward addressing the program objectives. Program Objectives for TCGP include: 1. Develop and establish appropriate governance structures, as well as plans, to improve capabilities to respond to cybersecurity incidents and ensure continuity of operations; 2. Tribal governments understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments; 3. Implement security protections commensurate with risk (outcomes of Objectives 1 & 2); and 4. Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility Performance Measures: • Percentage of tribes with CISA approved tribal Cybersecurity Plans • Percentage of tribes with Tribal Cybersecurity Planning Committees that meet the Homeland Security Act of 2002 and TCGP funding notice requirements • Percentage of tribes conducting annual table-top and full-scope exercises to test Cybersecurity Plans • Percent of the tribes’ TCGP budget allocated to exercises • Average dollar amount expended on exercise planning for Tribes • Percentage of tribes conducting an annual cyber risk assessment to identify cyber risk management gaps and areas for improvement • Percentage of tribes performing phishing training • Percentage of entities conducting awareness campaigns • Percent of tribes providing role-based cybersecurity awareness training to employees • Percentage of tribes adopting the Workforce Framework for Cybersecurity (NICE Framework) as evidenced by established workforce development and training plans • Percentage of tribes with capabilities to analyze network traffic and activities related to potential threats • Percentage of tribes implementing multi-factor authentication (MFA) for all remote access and privileged accounts • Percentage of tribes with programs to anticipate and discontinue use of end-of-life software and hardware • Percentage of tribes prohibiting the use of known/fixed/default passwords and credentials • Percentage of tribes operating under the “.gov” internet domain • Number of cybersecurity gaps or issues addressed annually by tribes
This chart shows obligations for the program by fiscal year. All data for this chart was provided by the
administering agency and sourced from SAM.gov, USASpending.gov, and Treasury.gov.
For more information on each of these data sources, please see the
About the data page.
Single Audit Applies (2 CFR Part 200 Subpart F):
For additional information on single audit requirements for this program, review the current Compliance Supplement.
OMB is working with the U.S. Government Accountability Office (GAO) and agency offices of inspectors general to include links to relevant oversight reports. This section will be updated once this information is made available.
