The Schools and Libraries Cybersecurity Pilot Program will provide up to $200 million to selected participants over a three-year term to purchase a wide variety of cybersecurity services and equipment.
Modeled after the FCC’s Connected Care Pilot, the Pilot Program will evaluate the effectiveness of using Universal Service funding to support cybersecurity services and equipment to protect school and library broadband networks and data in order to determine whether to fund them on a permanent basis.
Who Is Eligible to Apply to Participate in the Pilot Program?
Schools, libraries and consortia of schools and libraries (e.g., regional or statewide groups of schools or libraries that jointly apply for the Pilot Program) that meet the E-Rate program’s eligibility requirements may apply to participate in the Pilot Program. A Program applicant need not be a current or former E-Rate program applicant in order to be eligible to apply for the Pilot.
What Services and Equipment are Eligible for Reimbursement?
Pilot Program participants will be eligible to seek reimbursement for a wide variety of cybersecurity services and equipment, subject to an overall cap. Eligible services and equipment include: Advanced/Next Generation Firewalls; Endpoint Protection; Identity Protection and Authentication; and Monitoring, Detection, and Response. See a complete list of eligible services and equipment.
What is the Process for Applying to Participate in the Pilot Program?
Interested schools, libraries and consortia of schools and libraries can apply to participate in the Pilot Program through a two-part process. The FCC expects to initiate this process by opening a Pilot Program application window this Fall.
In Part One of the application, applicants will be required to provide general information about the schools and libraries seeking support, including applicants’ experience with cybersecurity matters; whether they expect to implement cybersecurity recommended best practices; and their current or expected use of free or low-cost federal resources.
Applicants will also be required to provide information about the proposed Pilot project, including a description of the goals and objectives to be achieved; the services and equipment to be purchased (and associated costs); and the cybersecurity risks the proposed Pilot project will prevent or address.
If selected to participate in the Pilot Program, participants will be required to provide more detailed information about their cybersecurity experiences. For example, in Part Two of the application, participants will be required to provide information regarding their current cybersecurity posture, including how the school or library is currently managing and addressing cybersecurity risks through prevention and mitigation tactics; history of cyber threats and attacks (within a year of the date of the application); current cybersecurity training policies and procedures; and cybersecurity challenges faced.
How Will Pilot Program Participants Be Selected?
To facilitate the inclusion of a diverse set of Pilot projects and to target Pilot funds to the populations most in need of cybersecurity support, the FCC will award support to a combination of large and small and urban and rural schools, libraries, and consortia, with an emphasis on funding proposed Pilot projects that include low-income and Tribal applicants.
What Can Schools or Libraries Expect after Applying?
Applicants selected to participate in the Pilot Program will be announced by Public Notice. The Public Notice will provide additional information regarding next steps, including the process for soliciting bids and procuring desired cybersecurity services and equipment. After participants complete a competitive bidding process, they will submit requests for services and, upon approval, they will receive a Funding Commitment Decision Letter (FCDL) approving or denying their funding requests.
Once an FCDL is issued and the delivery of services has started, participants and service providers may submit requests for reimbursement from the Pilot Program. If necessary, participants can request reimbursement and request certain changes to their funding requests from the Universal Service Administrative Company (USAC), the Pilot Program administrator.
What is the Commission Doing to Protect Against Waste, Fraud, and Abuse in the Pilot?
As with all Universal Service Fund recipients, Pilot participants will be subject to competitive bidding, document retention, and audit requirements. Pilot participants are also prohibited from soliciting or accepting gifts from service providers that are seeking to participate in the Pilot Program. Bad actors may be subject to denials of funding, cancellation of funding commitments, and/or recoupment of past disbursements; suspension or debarment; civil, criminal, or administrative penalties; and fines, forfeitures or imprisonment.
FCC References
- FCC Opens Cybersecurity Pilot Program Application Window (Sept. 17, 2024)
- FCC Announces Application Filing Window for Cybersecurity Pilot (Sept. 4, 2024)
- FCC Adopts $200M Cybersecurity Pilot Program | Report and Order | News Release (June 6, 2024)
- FCC Proposes Schools and Libraries Cybersecurity Pilot Program | Notice of Proposed Rulemaking | News Release (Nov. 13, 2023)