September 11, 2024 By Mark Stone 4 min read

The Department of Homeland Security (DHS) has awarded $18.2 million in grants through the Tribal Cybersecurity Grant Program to boost cybersecurity defenses among Native American Indian Tribes. The program takes a big step in addressing the unique digital threats faced by tribal communities — a dedicated effort to improve cybersecurity infrastructure across these regions.

The $18.2 million grant is just one component of DHS’s broader strategy to enhance national cybersecurity. Administered by the Federal Emergency Management Agency (FEMA) in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), the goal of the Tribal Cybersecurity Grant Program is to provide tribes with the necessary tools to assess cybersecurity risks, implement effective solutions and strengthen their overall cyber defenses.

Distributing $18.2 million: Expectations and guidelines

The grant monies come with specific expectations and guidelines for any tribe receiving the grants, which include:

Conduct risk assessments: Identify and assess potential cybersecurity threats and vulnerabilities for risks within networks and infrastructure.

Implement cybersecurity solutions: Use the funds to deploy advanced cybersecurity technologies and solutions tailored to specific needs and operations.

Enhance cyber defenses: Improve cybersecurity postures by developing robust defense mechanisms against cyber threats.

Training and awareness: Invest in cybersecurity training and awareness programs to educate tribal members and IT staff about best practices, emerging threats and basic security principles.

When tribal communities adhere to these guidelines, they are in a better position to build a more resilient cybersecurity framework and protect their digital assets and critical data from malicious actors or any internal misconfigurations.

A historical perspective on federal policy

While this $18.2 million grant is a milestone for the country, it’s important to look back at the historical context of federal support for Native American tribes.

Throughout the 19th and 20th centuries, the federal government’s policies swung between assimilation and support — an inconsistency that created a turbulent relationship between Native Americans and the federal government.

Many initiatives and policies aimed at supporting Native American communities were underfunded, which hindered the effectiveness of programs initiated by the Bureau of Indian Affairs (BIA) and other federal entities.

Continuous lack of adequate financial support from the federal government hampered efforts to improve conditions on reservations, including education and health services.

This background is important to understand the complexities and challenges in the relationship between Native Americans and the federal government, particularly in the context of funding and support. Federal investments in tribal nations have been sporadic and frankly insufficient to meet the growing technological needs, which has understandably created long-lasting impacts on Native American communities.

In recent years, however, there has been a tangible shift towards more substantial and targeted funding.

Recent federal efforts in cybersecurity

American Rescue Plan

One notable example of recent federal investment is the American Rescue Plan, which provided $32 billion to support tribal governments. The White House press release describes this plan as the “largest single financial assistance investment to tribal governments in history, which includes investments towards expanding healthcare, access to temporary housing, assistance and supportive services to survivors of domestic and dating violence, as well as supplemental funding for the StrongHearts Native Helpline, and additional funding for services for sexual assault survivors.” It also included funding for IT and cybersecurity to demonstrate the federal government’s commitment to enhancing tribal infrastructure.

$400 million was allocated to the USDA’s ReConnect program, which was created to deploy broadband to unserved areas, particularly tribal regions. The initiative aims to bridge the digital divide and ensure tribal communities have access to high-speed internet, which is crucial for a robust cybersecurity posture.

Biden administration’s efforts

The Biden administration has put forth a concerted effort to address the unique challenges faced by tribal communities. The administration’s budget proposals have consistently included provisions for improving IT infrastructure and cybersecurity among Native American tribes. The investments reflect a broader recognition of the importance of digital security in protecting tribal sovereignty and providing equal access to technological resources.

Past federal efforts in cybersecurity

Obama administration

During the Obama administration, the focus on cybersecurity began to gain traction. Initiatives such as the National Cybersecurity Protection System (NCPS) were established to provide federal support to various sectors, including tribal governments. While these programs were not exclusively geared to tribal nations, they laid the groundwork for future efforts to include tribal nations in national cybersecurity strategies.

Trump administration

In 2017, the Trump administration signed Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” which focused on modernizing federal IT infrastructure and collaborating with state, local and private sector partners to secure critical infrastructure. While the order didn’t directly address tribal cybersecurity efforts, it was a step in the right direction toward the Tribal Security Grant Program.

Building blocks for success

To ensure the program succeeds, consistent monitoring of the implementation and impact of the grants is key. Regular assessments, great communication and feedback loops can help identify areas for improvement to ensure that the funds are being used effectively. Most importantly, building partnerships and relationships between tribal governments, federal agencies and private sector entities will go a long way toward improving the overall cybersecurity landscape.

Federal support for tribal cybersecurity is critical, but it must also come with technical assistance and resources to help tribes navigate the complex cybersecurity landscape. By building on the foundation established by the Tribal Cybersecurity Grant Program, the federal government can continue to support the digital sovereignty and security of Native American tribes.

The DHS’s $18.2 million grant to Native American tribes is a big step towards enhancing tribal cybersecurity. But by examining the historical context of federal support and the evolving landscape of IT and cybersecurity investments, it’s clear that this grant is very important as a milestone and a launching point for future efforts. As tribal communities continue to navigate the complexities of an evolving threat landscape, consistent and continual federal support is crucial.

Ultimately, this program, rooted in a collaborative approach between FEMA and CISA, will hopefully provide the necessary tools and resources to strengthen tribal cyber defenses.

More from News

CISA warns about credential access in FY23 risk & vulnerability assessment

3 min read - CISA released its Fiscal Year 2023 (FY23) Risk and Vulnerability Assessments (RVA) Analysis, providing a crucial look into the tactics and techniques threat actors employed to compromise critical infrastructure. The report is part of the agency’s ongoing effort to improve national cybersecurity through assessments of vulnerabilities in key sectors. Meanwhile, IBM’s X-Force Threat Intelligence Index 2024 has identified credential access as one of the most significant risks to organizations. Both reports shed light on the persistent and growing threat of…

CISA launches portal to simplify cyber incident reporting

2 min read - Information sharing just got more efficient. In August, the Cybersecurity and Infrastructure Security Agency (CISA) launched the CISA Services Portal. “The new CISA Services Portal improves the reporting process and offers more features for our voluntary reporters. We ask organizations reporting an incident to provide information on the impacted entity, contact information, description of the incident, technical indications and steps taken,” a CISA spokesperson said in an email statement. “Reported incidents enable CISA and our partners to help victims mitigate…

FYSA – Critical RCE Flaw in GNU-Linux Systems

2 min read - Summary The first of a series of blog posts has been published detailing a vulnerability in the Common Unix Printing System (CUPS), which purportedly allows attackers to gain remote access to UNIX-based systems. The vulnerability, which affects various UNIX-based operating systems, can be exploited by sending a specially crafted HTTP request to the CUPS service. Threat Topography Threat Type: Remote code execution vulnerability in CUPS service Industries Impacted: UNIX-based systems across various industries, including but not limited to, finance, healthcare,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today