We've updated our website! Learn what's new.

Skip To Content

Apply for a Cybersecurity Grant

Home About Apply for a Cybersecurity Grant

Cybercriminals routinely attack the education sector, especially K-12 schools. Hackers consider schools tempting targets largely because they: 

  • Store birthdates, Social Security numbers, and other high-value, sensitive information about staff, students, and parents 
  • Often lack the budget they need to defend their networks 

The Fund’s new cybersecurity program helps our members purchase proven cybersecurity tools they might not otherwise be able to afford. 

How It Works 

The Fund will award up to $5,000 (but no more than half their overall Fund contribution) to eligible members. Funds will be available via an à la carte menu of items specifically selected to enhance overall organizational cybersecurity. 

Eligibility Requirements 

  1. Recipients must be in compliance with all state cybersecurity requirements
  2. Have a designated district cybersecurity coordinator 
  3. Have a district cybersecurity plan 
  4. Meet the annual cybersecurity awareness training requirement 
  5. Recipients must have active Data Privacy and Information Security (cyber) coverage with the Fund. 
  6. Along with cyber coverage, recipients must have at least two additional lines of coverage

Application 

The grant application is a simple web-based form. It should take roughly 10-15 minutes to complete. You will be able to select one of the above items as your desired grant award. 

If you want to invest in a cybersecurity resource not on the list, there is a field to describe the planned project in detail, and explain how it will enhance your organization’s overall cybersecurity. 

Apply for a Grant

Timeline 

The application window will run from Sept. 19-Nov. 21, 2022. After the window closes, evaluation of the applications will begin. 

Members will be notified of application status within 30 days of the close of the application window. 

Grant Options 

Professional Penetration Testing  

Penetration testing differs from vulnerability scanning/assessment in that it is offensive in nature. A vulnerability scan will indicate if there are unpatched known vulnerabilities or other network misconfigurations, while a penetration test will attempt to enter your network, and subsequently provide a report on weaknesses and recommend mitigation strategies. Undergoing a robust penetration test will enable districts to further develop their cybersecurity plan. 

Estimated cost 

$4,000 - $15,000

One-time Vulnerability Assessment 

A robust vulnerability assessment can help identify any misconfigurations or unpatched/un-updated holes in member networks. Identifying these and implementing an update/patching strategy meets several of the Texas Cybersecurity Framework security objectives as the district develops its cybersecurity plan. Understanding where your vulnerabilities are, and why they were allowed to remain, will improve district cybersecurity. 

Estimated cost 

$1,000 - $10,000

Multi-Factor Authentication (MFA) Hardware Dongles 

Microsoft reports that organizations with MFA are 99 percent less likely to be compromised. Still, many districts struggle with how to implement MFA, as well as the costs associated with implementation. Providing an easily configured, biometric MFA option for districts will ease the transition to an MFA-secured network environment. 

Estimated Cost with Possible Options

  • Network Administrators: $45-55/user
    • 25 administrators/priority users: $1,375
    • 50 administrators/priority users: $2,750
    • 75 administrators/priority users: $4,125 
  • Standard users: $25/user
    • 100 users: $2,500
    • 200 users: $5,000
    • 300 users: $7,500

Cloud Backup Subscription  

It is strongly recommended that districts have an effective backup option. In fact, backups are your best defense against costly ransomware attacks. Considering the wide availability of low-cost cloud solutions for organizational backups, there is no longer a reason for not being able to roll to backups.  

Estimated Cost with Possible Options

Monthly with some file type and size limitations

  • 400 GB: $11 ($115 annually)
  • 2 TB: $14 ($149 annually)
  • 5 TB: $29 ($320 annually) 

Annually with no file size type or size limitations and unlimited users:

  • 1 TB: $199
  • 2 TB: $399
  • 5 TB: $999

Code-protected and Encrypted USBs 

These USBs are protected with a numeric code. This code is typed in on buttons on the body of the USB. An administrator can reset the code if a user forgets it. Encrypted, code-protected USBs also make it easy to pass sensitive information among authorized users while controlling the risk of it falling into criminals' hands. If a USB is misplaced, nobody who finds it can access the data. 

Estimated Cost Per User

  • 32 GB: $100
  • 128 GB: $200

Subscription to Password Management Platform 

Password management systems are far more secure and efficient than handwritten sticky notes hidden under keyboards. You only need to create one strong passphrase to enter the system. From there, it will auto-generate a strong passcode for every system you have access to. 

Estimated Cost Per User

  • Monthly subscription of around $6 per person
  • Annual costs could look like:
    • 25 users: $1,800
    • 50 users: $3,600
    • 100 users: $7,200
    • 200 users: $14,400
    • 500 users: $36,000

Cybersecurity Awareness Training and Phishing Simulation  

Bundling cybersecurity awareness training with a simulated phishing campaign is a powerful way to target your training to users and topics your organization needs to focus on. 

Estimated Annual Cost

  • $20 per employee
  • For example:
    • 100 employees: $2,000
    • 250 employees: $5,000

Email Security Orchestration, Automation, and Response (SOAR platform)  

A Security Orchestration, Automation, and Response platform (SOAR) solution can help orchestrate your threat response and manage high volumes of malicious emails. This would include automatic prioritization of legitimate emails, machine learning, and enhanced quarantine utilities. 

 Estimated Annual Cost

  • 101-500 employees: $11 per seat
    • 100 employees: $1,100
    • 300 employees: $3,300
    • 500 employees: $5,500
  • 501-1,000 employees: $8 per seat
    • 600 employees: $4,800
    • 800 employees: $6,400
    • 1,000 employees: $8,000

Password Policy Enforcer 

Windows and other basic operating system-based network solutions often lack the ability to create new policies that reflect developing guidance on password strength. A password policy enforcer enables you to create new policies and requirements for user IDs and passwords, and ensures they are being adhered to by staff.  

Estimated Cost for Annual Subscription

  • 401-500 employees: $1,130
  • 500 employees: $595
  • 1,000 employees: $1,195
  • 2,000 employees: $1,545

Enterprise pricing available by inquiry

Consultant Audit of Email Security Appliance (ESA)/Firewall/Anti-Virus  

The power of utilities within email security appliances (ESAs), firewalls, and anti-virus systems is often underutilized due to improper configuration. Identifying and bringing in a security subject matter expert for these utilities to make sure they are in their best security form could be a game changer for districts that have left them operating in their out-of-the-box state. 

Estimated Cost Per System

  • One system: $1,500
  • Two systems: $3,000
  • Three systems: $4,500

Want to Invest in a Resource Not on the List?

If you want to invest in a cybersecurity resource not on the list, there is a field on the application to describe the planned project in detail and explain how it will enhance your organization’s overall cybersecurity. 

If you choose this option, keep in mind that any vendor employed to assist with your project must come from the approved vendor list of either the Texas Department of Information Resources (DIR) or the Cybersecurity and Infrastructure Security Agency