My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 35 - FY 2022 Emergency Management Performance Grant
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2023
>
11/07/2023 Regular
>
Item 35 - FY 2022 Emergency Management Performance Grant
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/1/2023 1:48:15 PM
Creation date
11/1/2023 1:40:55 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Police
Item #
35
Date
11/7/2023
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
305
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
PSGP Program Appendix | 2023 Page G-9 <br />public and private entities and combines key elements of capabilities under the “Detect” and “Protect” <br />functions to deliver an impactful solution relative to the outcomes of the Cybersecurity Framework. <br />Specifically, ECS offers intrusion prevention and analysis services that help U.S.-based companies and <br />SLTT governments defend their computer systems against unauthorized access, exploitation, and data <br />exfiltration. ECS works by sourcing timely, actionable cyber threat indicators from sensitive and classified <br />Government Furnished Information (GFI). DHS then shares those indicators with accredited Commercial <br />Service Providers (CSPs). Those CSPs in turn use the indicators to block certain types of malicious traffic <br />from entering a company’s networks. Groups interested in subscribing to ECS must contract directly with a <br />CSP in order to receive services. Please visit http://www.cisa.gov/enhanced-cybersecurity-services-ecs for a <br />current list of ECS CSP points of contact. <br />“Hub and spoke” cybersecurity projects are allowable under PSGP for cybersecurity projects that span <br />multiple port area facilities. Hub and spoke cybersecurity projects may affect a parent organization’s <br />multiple eligible entities, and maritime security partners, in multiple port areas to provide a port-wide <br />benefit. Such projects may be submitted within a primary Port Area for the project implementation. For <br />example, an applicant in the Port of Houston may submit a hub and spoke project within the <br />Houston/Galveston port area which includes system hardening throughout the organization’s facilities in <br />Houston, Port Lavaca, and Corpus Christi. Proportionally, costs associated with entities or subcomponents <br />that are not covered under an AMSP and are not instrumental to enhancing maritime security must not be <br />included in the detailed budget worksheet or investment justification and thereby prorating the cost of the <br />project only to those facilities that are covered by the AMSP. Following the example noted above, the <br />applicant may not include costs associated with cybersecurity of their non-maritime facilities, such as a <br />non-MTSA regulated facility located in San Antonio. Hub and spoke projects are limited only to the <br />enhancement of maritime security as outlined in this section and may not include non-maritime systems or <br />facilities. Please clearly identify hub and spoke projects as such within your IJ and consult your COTP to <br />verify project applicability to enhancing maritime security. <br />Cybersecurity projects should address risks to the marine transportation system and/or Transportation <br />Security Incidents (TSIs) outlined in the applicable AMSP, or priorities prescribed under applicable FSP <br />or VSP, as mandated under the MTSA or the PRMPs. At the port level, examples of cybersecurity <br />projects include but are not limited to projects that enhance the cybersecurity of access control , sensors, <br />security cameras, badge/ID readers, ICS/SCADA systems, process monitors and controls (such as those <br />that monitor flow rates, valve positions, tank levels, etc.), security/safety of the ship-to-port-to-facility-to- <br />intermodal interface, and systems that control vital cargo machinery at the ship/shore interface (such as <br />cranes, manifolds, loading arms, etc.), and passenger/vehicle/cargo security screening equipment. <br />Vulnerability assessments are generally not funded under PSGP. However, considering the evolving <br />malicious cyber activity, the relative novelty of cybersecurity as a priority within the program, and the need <br />to adopt best practices included in the voluntary Cybersecurity Framework, vulnerability assessments may <br />be funded as contracted costs. Port-wide assessments are eligible and must demonstrate that the assessment <br />includes port area partners and are necessary to be completed as a single project to ensure a comprehensive <br />evaluation of port area cyber security vulnerabilities. Personnel costs (other than M&A) are not an <br />allowable expense for conducting these assessments. <br />CISA offers free resources to assist with initial assessments, please see https://www.cisa.gov/cyber- <br />resource-hub for additional information. Applicants are encouraged to utilize free resources prior to <br />requesting funds under this program. <br />Copies of completed cybersecurity assessments funded under PSGP that impact the maritime <br />transportation system, lead to a “transportation security incident” (as that term is defined under 46 <br />U.S.C. § 70101(6)), or are otherwise related to systems, personnel, and procedures addressed by the
The URL can be used to link to this page
Your browser does not support the video tag.