My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 18 - Adopt Resolution for FY 2021 Emergency Management Performance Grant
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2022
>
08/16/2022 Regular
>
Item 18 - Adopt Resolution for FY 2021 Emergency Management Performance Grant
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/18/2024 8:26:35 AM
Creation date
12/18/2024 8:19:33 AM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Police
Item #
18
Date
8/16/2022
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
264
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
<br /> <br /> PSGP Appendix | February 2021 Page G-8 <br />gathers existing international standards and practices to help organizations understand, communicate, and <br />manage their cyber risks. For organizations that do not know where to start with developing a <br />cybersecurity program, the Framework provides initial guidance. For organizations with more advanced <br />practices, the Framework offers a way to improve their programs, such as better communication with <br />their leadership and suppliers about management of cyber risks. <br /> <br />The Cybersecurity and Infrastructure Security Agency’s (CISA) Critical Infrastructure Cyber Community <br />C³ Voluntary Program also provides resources to critical infrastructure owners and operators to assist in <br />adoption of the Framework and managing cyber risks. Additional information on the Critical <br />Infrastructure Cyber Community C³ Voluntary Program can be found at www.cisa.gov/ccubedvp. DHS’s <br />Enhanced Cybersecurity Services (ECS) program is an example of a resource that assists in protecting <br />U.S.-based public and private entities and combines key elements of capabilities under the “Detect” and <br />“Protect” functions to deliver an impactful solution relative to the outcomes of the Cybersecurity <br />Framework. Specifically, ECS offers intrusion prevention and analysis services that help U.S.-based <br />companies and SLTT governments defend their computer systems against unauthorized access, <br />exploitation, and data exfiltration. ECS works by sourcing timely, actionable cyber threat indicators from <br />sensitive and classified Government Furnished Information (GFI). DHS then shares those indicators with <br />accredited Commercial Service Providers (CSPs). Those CSPs in turn use the indicators to block certain <br />types of malicious traffic from entering a company’s networks. Groups interested in subscribing to ECS <br />must contract directly with a CSP in order to receive services. Please visit http://www.cisa.gov/enhanced- <br />cybersecurity-services for a current list of ECS CSP points of contact. <br /> <br />“Hub and spoke” cybersecurity projects are allowable under PSGP for cybersecurity projects that span <br />multiple port area facilities. Hub and spoke cybersecurity projects may affect a parent organization’s <br />multiple eligible entities in multiple port areas. Such projects may be submitted within a primary Port <br />Area for the project implementation. For example, an applicant in the Port of Houston may submit a hub <br />and spoke project within the Houston/Galveston port area which includes system hardening throughout <br />the organization’s facilities in Houston, Port Lavaca and Corpus Christi. Proportionally, costs associated <br />with entities or subcomponents that are not covered under an AMSP and are not instrumental to <br />enhancing maritime security must not be included in the detailed budget worksheet or investment <br />justification and thereby prorating the cost of the project only to those facilities that are covered by the <br />AMSP. Following the example noted above, the applicant may not include costs associated with <br />cybersecurity of their non-maritime facilities, such as a non-MTSA regulated facility located in San <br />Antonio. Hub and spoke projects are limited only to the enhancement of maritime security as outlined in <br />this section and may not include non-maritime systems or facilities. Please clearly identify hub and spoke <br />projects as such within your IJ and consult your COTP to verify project applicability to enhancing <br />maritime security. <br /> <br />Cybersecurity projects should address risks to the marine transportation system and/or Transportation <br />Security Incidents (TSIs) outlined in the applicable AMSP or priorities prescribed under applicable <br />FSP or VSP, as mandated under the MTSA or the PRMPs. At the port level, examples of cybersecurity <br />projects include but are not limited to projects that enhance the cybersecurity of access control, <br />sensors, security cameras, badge/ID readers, ICS/SCADA systems, process monitors and controls (such <br />as those that monitor flow rates, valve positions, tank levels, etc.), security/safety of the ship-to-port-to- <br />facility-to-intermodal interface, and systems that control vital cargo machinery at the ship/shore <br />interface (such as cranes, manifolds, loading arms, etc.), and passenger/vehicle/cargo security <br />screening equipment. <br /> <br />Vulnerability assessments are generally not funded under PSGP. However, considering the evolving <br />malicious cyber activity, the relative novelty of cybersecurity as a priority within the program, and the <br />need to adopt best practices included in the voluntary Cybersecurity Framework, vulnerability
The URL can be used to link to this page
Your browser does not support the video tag.