template for virus presentation

Unsupported browser

This site was designed for modern browsers and tested with Internet Explorer version 10 and later.

It may not look or work correctly on your browser.

15 Best Free Covid Coronavirus & Virus PowerPoint PPT Templates 2024

Whether you need to make a Covid-related or any other medical presentation, one thing is certain. It’s much faster to start with a coronavirus PowerPoint template than trying to do it from scratch.

Luckily, there are plenty of free and premium Covid and virus-themed PPT templates available online that you can use as a starting point.

The Best Source for COVID Coronavirus and Virus PowerPoint Templates (With Unlimited Use)

Envato Elements is the best place to find premium coronavirus, Covid, and virus PowerPoint templates with professional designs. Envato Elements is a subscription-based marketplace. It gives you access to thousands of creative assets — for a single monthly fee:

premium PowerPoint templates for all your presentation needs
stock photos and royalty-free music that you can use in your presentations
fonts, icons, and more to customize your presentation

Explore Virus PowerPoint Templates Now

Envato Elements gives you the best bang for your buck if you need PowerPoint templates and other design assets regularly. Unlike our premium templates, free PowerPoint designs often lack features and customization options.

Top 5 Premium Covid and Coronavirus PowerPoint Templates From Envato Elements for 2024

Before we show you the best free PowerPoint templates with virus themes, here are the top premium coronavirus PowerPoint templates from Envato Elements:

1. Delta Corona Virus PowerPoint Template

First, we've got the Delta Corona Virus PowerPoint template with a modern and clean design. This Covid slides template features 80+ slides. They've got all the necessary content ideas for you to create an engaging presentation.

The template also comes with handmade infographic elements. It was designed in HD resolution and comes in dark and light versions.

2. Covid-19 Virus - Medical PowerPoint Template

The Covid-19 is a medical PowerPoint template with more than 70 unique and modern slides. This Covid presentation template has a gorgeous duotone color scheme, but you can easily customize it to match your brand. You’ll also find unique mockup devices, image placeholders, infographic elements, and more. The template comes in widescreen resolution.

3. Covirus - Disease & Virus PowerPoint Template

Here’s a unique and trendy Covid and virus PowerPoint template that'll make creating your presentation a breeze. The template comes with 33 unique slides. You can customize colors, fonts, and even the slide layout to create the perfect presentation. You’ll also find image and media placeholders, vector-based icons, and mockup devices.

4. Secure Virus 19 Medical PowerPoint Template

This coronavirus PPT has twenty-five unique slides. It can help you deliver a comprehensive presentation. Finding the right color scheme for your business won't be a problem. Included are over ninety color schemes that are fully customizable.

You'll find much-needed infographics, vectors, and charts as well. Download this complete Covid PowerPoint template.

5. Covid Virus - Medical PowerPoint Template

This Covid presentation template gives you the power to create an eye-catching presentation. Included are forty-six slides that feature modern designs. Many graphics are included to help you deliver a compelling presentation to your audience. Free web fonts are included, and you can drag and drop in images of your choice to any slide.

The premium templates mentioned are some of the highest quality available. If you're on a budget, you may not be able to afford the premium templates. In this next section, we'll go over the top free PowerPoint templates virus.

15 Top Free Covid Coronavirus & Virus PowerPoint Templates to Download

Before looking for a free Covid PowerPoint template on the web, check Envato's free offerings first. Try out various premium template files (not always PowerPoint files) at no cost to you.

Here's the deal:

With that in mind, here are the best free coronavirus and virus PowerPoint templates that you can find and download online for your presentation:

1. Free Social Distance PowerPoint Template

With the help of this coronavirus PowerPoint template for free, you’ll have no problem explaining social distancing rules. The Covid PowerPoint template includes four pre-designed slides.

2. Medicine Health Care PowerPoint Templates

Try this medicine and healthcare PowerPoint template if you’re looking for a modern template. Use it to present all the necessary information about Coronavirus or any other medical emergency.

3. Medical Laboratory PowerPoint Templates

Here’s a free template virus that would be perfect for any type of virus research presentation. The template comes with individual slides as well as section covers. It includes 25 slides.

4. Coronavirus Pandemic PowerPoint Templates

Share important findings and information about Coronavirus or any other virus with this modern template. It comes with three master slides that you can customize.

5. Covid-19 Coronavirus PowerPoint Templates

This free Covid PowerPoint template has a dark green background with virus icons. Use it to quickly create a presentation. The template comes with three master slides designed in several resolutions.

6. Infection PowerPoint Templates

Use this fun infection PowerPoint template to create a presentation about virus research or to provide more information about a specific virus. The Coronavirus PPT includes three master slides that you can duplicate to create your presentation.

7. Free COVID-19 Vaccine PowerPoint Template

With the help of this free PowerPoint template with a virus theme, you can easily share all the information people need to know about Covid-19 vaccines. The Covid vaccine theme PowerPoint comes with four slides.

8. Free COVID-19 Presentation Template

Use this Covid presentation template to create a presentation that shares information about the virus and how to fight it. The template has four master slides that you can copy as many times as you need.

9. Free Covid PowerPoint Template

Here’s a minimal and simple COVID PowerPoint template. It features an image that shows the virus spreading all over the world. It also contains four master Covid PowerPoint slides that you can copy for your presentation.

10. Free COVID PowerPoint Background

Consider this free COVID PowerPoint background for your presentation. It features an image of a word game spelling out coronavirus, pandemic, and virus.

11. Medical Illustrated. Free PowerPoint Template & Google Slides Theme

Here’s another minimal and clean PowerPoint template. Use it for any type of medical presentation. The Covid presentation template comes with 25 slides.

12. Blue Medical. Free PowerPoint Template & Google Slides Theme

The blue color in this medical and virus PowerPoint template conveys professionalism. It comes with 25 covid PowerPoint slides.

13. Medical Virus. Free PowerPoint Template & Google Slides Theme

This coronavirus PowerPoint template for free can be used for sharing information about the virus and how to prevent the spread. The template comes with 25 slides that you can duplicate, re-order, and delete as you see fit.

14. Free COVID-19 Health System Capacity Curve PowerPoint

Use this free Covid-19 PowerPoint template to showcase the virus's effect on the health system capacity. The template includes several different slide variations.

15. Coronavirus PowerPoint Template

Use this coronavirus PowerPoint template for free to create informative presentations about coronavirus measures, treatments, and protection. It comes with several slides, including section cover and agenda slides.

How to Make a Coronavirus Presentation in PowerPoint

Covilabs - Covid Medical Powerpoint Template

1. Choose the Right Slides

Not all the slides in the template will work for your presentation. Go through each slide and pick the ones that pertain to your presentation. For the slides, you don't want to use, left-click the slide and choose Delete Slide .

2. Add In Your Content

Now it's time to add in your presentation's content. Have a document open with all the text you want to use for each slide. Then copy and paste the text to each slide.

Each slide has text placeholders. Double-click the placeholder text and select all the text. You can then paste in your text.

3. Add In Your Images

Next, we'll add in our images to make the presentation more visually appealing. Just like the text, there are also image placeholders. To add in your images, click the image icon on each slide. Your computer files pop up. Choose the image you want to add.

4. Add in Animations

To help add professional polish to your presentation, we'll add in animations. Choose the top menu header that says Animations . From there, choose the animation that you want to have on your slides. To see what each animation looks like, choose the Preview button on the far left side of the menu.

5. Proofread Your Presentation

Often this step is skipped. We get caught up in making our design look perfect and forget to proofread our presentation. Having grammatical errors and misspelled words is the quickest way to make your presentation look unprofessional. Take the time to go over every slide in your presentation before calling it done.

5 Quick Tips To Make Virus-Themed PPT Presentations in 2024

You’ve just seen the best free and premium coronavirus slideshow templates. Now, here are a few quarantine PowerPoint ideas that'll help you design a standout presentation:

1. Stand Out With Custom Icons and Illustrations

Custom icons and illustrations make your presentation more memorable. Not to mention, they'll make your presentation stand out. The Covid-19 PowerPoint template features modern custom vector graphics that you can use as inspiration.

2. Keep the Text to a Minimum

Don’t overwhelm your audience by adding a lot of text on your slides. This can cause them to read the slide before you’re done presenting it and they may become disengaged. Instead, keep the text to a minimum of one to three bullet points per slide.

3. Use a Professional Color Scheme

You don’t have to shy away from color in your presentation. Make sure that your color scheme is professional and doesn’t contain any clashing colors. You can draw inspiration from this modern Coronavirus Medical PowerPoint template from Envato Elements.

4. Use Charts for Complex Data and Statistics

If you've got a lot of complex data and statistics, consider using charts and infographic elements to represent them. This will make it easier for your audience to understand and absorb the information.

5. Customize the Slides With Your Photos

Using stock photos is a great way to make your presentation more memorable. But you can achieve an even better effect by including photos of you, your team, and your employees. A template like the Corona Virus PowerPoint Template has plenty of image placeholders for you to use.

Discover More Top PowerPoint Template Designs

If you want to see even more PowerPoint template examples or if you need to create a different type of presentation, look at the following template roundups:

Common PowerPoint Questions Answered (FAQ)

If you're creating a Coronavirus PPT presentation and you're not familiar with PowerPoint, you may have some questions. We've got you covered! Here are some common PowerPoint questions and their answers:

1. I'm New to PowerPoint, What Should I Know?

PowerPoint is a powerhouse presentation software. But learning just the basics of the software enables you to create a complete presentation. Check out our ultimate PowerPoint guide to learn these basics.

2. How Should I Design My Slides?

The visual hierarchy of the slides dictates the design. The arrangement of the elements on your page and how they're placed has the biggest effect on what your audience remembers. Your slide's colors, typography, and images used are major contributors to the design of your slides.

3. Can I Collaborate on One Presentation?

PowerPoint Online makes collaboration possible. This makes it easy to delegate separate tasks that need to be completed for the presentation. For an in-depth guide on how to collaborate as a team, view the article below.

4. What Colors Should I Use In My Coronavirus PPT?

The colors that work well are blue and red. Red helps highlight the urgency and danger of the virus and blue helps build trust with your audience. If your business has a set of brand colors, then you can use these colors as well.

5. Can I Print Out My Slides?

Yes, you can! Print out your slides may be necessary depending on where you're presenting. Check out the tutorial below for a complete guide on how to print out your slides.

Learn More About Making Great PowerPoint Presentations in 2024

The tips we shared above are only a small selection of what makes a great presentation. If you want to learn more about designing and writing great PowerPoint presentations , check out the tutorials below:

Create a Coronavirus Presentation Quickly With Templates

If you need to create a presentation about Coronavirus or any other type of medical presentation, there's no shortage of free PowerPoint templates with a virus theme to choose from. But, if you want to make your presentation look more unique, don’t forget to check out premium templates.

Stop by Envato Elements if you know you’ll be needing PowerPoint templates and other creative assets on the regular or if you've got multiple brands to promote.

Editorial Note: This post has been updated with contributions from Daniel Strongin . Daniel is a freelance instructor for Envato Tuts+.

Virus PowerPoint Template

Medical and Health , Popular , PowerPoint , Templates

The free Virus PowerPoint Template has a green background with a background image of an illustration of the random virus. It fits with the topic and makes it look very professional. Therefore, the template is suitable for presentations about the viruses, virus outbreaks, coronavirus, SARS, symptoms, transmission, prevention, etc. This template can be used by doctors, epidemiologists, students and other presenters. Finally, the template is perfect for presentations about the potential super virus pandemic. If you want to make a beautiful presentation with a professional look, this is the right PPT background for you. There are also similar medical templates that you can find in our Medical and Health Category . You can also find similar backgrounds by browsing through labels such as virus , pandemic .

How to Use Virus PPT Template and Background?

Now you can pick whether to easily add an interesting background to your current presentation or get our PowerPoint template. If you’re starting to make a new presentation, our PowerPoint templates are here to help. This template is designed to be really easy to use and will make your experience super smooth.

If you like this free medical PowerPoint template, you can share your thoughts by replying below this post. Do not forget to follow us on social networks where you can get links to exclusive stories and templates. Visit our Facebook , Twitter , Instagram and Pinterest profiles and stay tuned to the latest news and trends from the world of presenting.

Health , Pandemic , Public Health , Virus

Dinosaurus PowerPoint Template

Max verstappen powerpoint template, red bull f1 team powerpoint template, selena gomez powerpoint template, cleveland cavaliers powerpoint template, ronaldo powerpoint template.

Need your decks to shine but short on time? Let us handle all for you!

We create stunning presentations and templates that will captivate your audience.

Build slides 4x faster and save up to 10 hours per week!

Say goodbye to slide shame now with our premium presentation templates.

Researched by Consultants from Top-Tier Management Companies

AI PPT Maker

Powerpoint Templates

Icon Bundle

Kpi Dashboard

Professional

Business Plans

Swot Analysis

Gantt Chart

Business Proposal

Marketing Plan

Project Management

Business Case

Business Model

Cyber Security

Business PPT

Digital Marketing

Digital Transformation

Human Resources

Product Management

Artificial Intelligence

Company Profile

Acknowledgement PPT

PPT Presentation

Reports Brochures

One Page Pitch

Interview PPT

All Categories

Top 25 Virus PowerPoint Templates To Beat the Invisible Threat

Gunjan Gupta

Viruses are curious little creatures. These tiny tagalongs aren’t exactly living per se, but they are not inanimate either. They’ve replicated themselves into multiple forms both fatal and non-fatal in billions of years and continue to do so even today. These beings have a long trail of history attached to their evolution and perhaps even had a hand or a squishy-squashy protein coating- in helping them mutate and become ever so dangerous. So, much so that they have become a threat to human existence.

In the recent turn of events, where the global pandemic Corona virus popularly known as Covid-19 is on a rise bringing along a chain of untimely deaths and mourns throughout the world, it is necessary to have a much closer look at these tiny microbial compounds.

If you are also curious to know about these tiny, yet not-so-tiny beings, their origination, evolution, health effects, and more, well tag along.

The evolutionary history of viruses is a fascinating, yet debatable topic for virologists and cell biologists, because of their diverse nature. As such it is a constant struggle to classify these entities and relate their existence to the human tree of life. They may be genetic elements or previously living organisms evolving as parasites. Constant research is going on these topics.

So, to support the vision of virologists and help them with their never-ending search, SlideTeam professionals have designed a few virus PowerPoint templates that will resolve some of the basic queries about these “microbes”. Each of these templates are apt to unfold new facts about viruses, and their existence, endangering the lives of the only living species in the world- us HUMANS!

Virus Templates to Download and Use

We are well aware that viruses are diverse in nature and so is their biological composition. Some have RNA genomes while some are made up of DNA genomes. This template can be used to explain the structure as well as the replication strategies of these microbes. It can also be used to explain the dizzying array of functions and health effects of viruses on human health as well as the research conducted on it. Some interesting facts about coronavirus and its genetic mutation can be unfolded in this section and presented to get a better understanding of the origin of this virus. These may include the 10-time mutation study of the virus, posing the biggest threat to humanity. Let alone, various other studies and scientific evidence can be presented by healthcare professionals by utilizing this interesting layout that can be customized.

Template 2

Science is the be-all and end-all of our findings. With the outbreak of the world deadliest virus ‘Coronavirus’, creating havoc in the lives of billions of people, this is a classic template that can be used by researchers and scientists to present their interesting studies. The biological composition of various viruses and their origination can be outlined and presented. This template can also be used by healthcare professionals to explain some of the symptoms and ill effects of various viruses. Not all the viruses are deadliest and so information about its various types can be elaborated on in this template. It also comes in handy for biological students to present their research findings after careful analysis of viruses, thus helping them impress their teachers.

Virus Science PowerPoint Templates And PowerPoint Backgrounds 0211

Download Virus Science PowerPoint Templates

The Internet is flooded with false information about coronavirus and its outbreak. This template can be used by healthcare professionals to create awareness and stop the spreading of false rumors. It can also be used to present the recent worldwide stats of the infection as well as some safety measures that can be adopted by the masses to keep the spread in check. The science behind various viruses can be outlined in this template, to increase the overall understanding of the viewers. Nonetheless, it is an apt design for biomedical students to present their results, findings, and reviews on various viruses to advise medical practitioners.

Download Virus Science PowerPoint Templates And PowerPoint Background

Influenza is a major public health concern as it infects nearly 5-10% of the global population annually. Hence, there is a need to understand the molecular structure of this virus to reduce its strain on human health. Our professionally designed template can help you give a brief about how the virus multiples, infects, and how to combat infection, making it extremely useful for virologists and cell biologists. Additionally, it can be used to present researchers on few vaccines formulated to reduce the risk of influenza as well as the treatment prescribed. This design is fully adaptive to your needs so feel free to make any changes as you like depending upon your field of interest.

Download Structure Of The Influenza Virion Medical Images For PowerPoint

This template is ideal for a biology class to show and share important information on various viruses, their origin, infections caused by them, and others. The theme is formal and hence can be used to demonstrate any topic in science class and submit an assignment as well. Doctors, nurses and paramedical staff can also utilize this template to present the information on vaccine reactions which may happen to patients, thus creating awareness. A lot of studies conducted on viruses is also the topic this slide caters to. Additionally, such medical templates are apt for drug health lessons in ordinary schools, colleges, and medical universities. All of these characteristics make this a universally efficient template. Hence, any individual can download it to present his topic in a comprehensive manner.

Download Virus Microorganism Geographical PowerPoint Templates And PowerPoint Backgrounds

The outbreak of coronavirus throughout the world has become one of the most notorious events of the decade, if not the current century. We can say that we have welcomed a new decade with a catastrophe of death and mourning. Since, this pandemic is nothing short of deadly, taking away lakhs of lives, every bit of information helps a lot. This virus danger template can help you create awareness on this global pandemic. It is a virus and microorganisms based theme template to put everything topic related to the context. The control and prevention of this disease can be the pillars of your talking points after utilizing this presentation theme. Also, there is a consistency in the theme of this template and includes font size that can be easily viewed from a distance. Thus, making it an efficient design that can help you present great presentations on science, biology, virology, and other related fields.

Download Virus Danger Globe PowerPoint Templates And PowerPoint Backgrounds

This template is designed for HIV and Aids doctors, students, academicians, and other professionals looking for comprehensive designs to create presentations for their universities, hospitals, seminars, and several others. HIV and Aids is a very important topic for medical practitioners to get acquainted with. This template can help you showcase important information on Aids and the causes of its spread. This is also a great design for medics and professionals to convey their thoughts on the topic, thus helping them become better communicators.

HIV Medical PowerPoint Templates And PowerPoint Backgrounds

HIV Virus Medical PowerPoint Templates And PowerPoint Backgrounds

The mechanism of HIV entry to the host cell can be explained with this pre-designed template. This layout focuses on the design needs of medical professionals to give a descriptive view of the topic. It is apt for doctors, nurses, paramedics, researchers, academicians, and others working in the field of HIV Aids and its transmission. This content-ready template enables you to deliver great presentations revolving around the topic of HIV with minimum effort and maximum effect. Its simple to download layout requires only a few clicks to get you ready for your upcoming medical presentations. Hence, convey your thoughts and ideas on HIV with this template, that is subjected to numerous alterations, depending upon the requirements of the user.

Download HIV Attachment To Target T Cell Medical Images For PowerPoint

Classification and explanation of the nomenclature of viruses is a breeze with this template. It is specifically designed for paramedical staff to discuss their views on Hepatitis B and how it affects the liver of the infected patient. Since almost 1 million people die every year because of chronic hepatitis B infection which is preventable and treatable this template comes in very handy to present the important details and facts. Also, new perspectives on the life cycle of hepatitis B can be thoroughly explained in medical universities with this thoughtfully designed template. Since this template is versatile and flexible it is easily adaptable to all your needs and requirements. All you have to do is click on the download button and use it extensively.

Download Hepatitis B Virus Medical Images For PowerPoint

Template 10

This template can be used to explain the microscopic view and nomenclature of the Papillomavirus or HPV infection. It can also be used to understand its preventive measures, causes, and treatment making it an ideal fit for doctors to give a deeper understanding of the topic. Hospitals and medical universities can utilize this template to teach and train students and staff members. This slide acts as a very good teaching tool as the viewers are able to get a thorough understanding of health care issues, proposed safety measures, reasons for infections, and similar other topics. Additionally, the pre-designed layout of this template showing the entire structure of the virus makes it extremely easy to deliver great medical presentations with minimum effort.

Download Human Papilloma Virus Medical Images For PowerPoint

Template 11

This template can be used by doctors, medical universities, researchers, virologists, cell biologists, and others to present a thorough understanding of the structure of HIV and how it leads to a non-treatable infection. It showcases two types of infection latent and active and how the synthesis happens. Since this template is so descriptive designed using apt color scheme, it is efficient enough to grab this immediate attention of the viewer. You can either use this template in conjunction with your presentation or as a single entity as it is complete in itself.

Download Latent And Active Infection Of T Cell By HIV Medical Images For PowerPoint

Template 12

Adenovirus is ubiquitous viruses that cause various pediatric illnesses including common cold. They can also cause gastrointestinal, ophthalmologic, neurologic, and genitourinary symptoms. This template has especially been designed for paramedics and cell biologists to explain the basic structure of adenovirus and its prevention. While illness caused due to viruses have become quite common, having a thorough understanding of the illness is important. This template can be used in a discussion session needing to study the causes of viral growth, its production, and other aspects. Due to its attractive layout, it never fails to impress any audience.

Download Adenovirus Morphology Medical Images For PowerPoint

Template 13

This is yet another adenovirus template that is suitable to discuss the structure and movement of viruses in the human body. You can also explain the causes of its growth, infection and expansion with this template that is fully adaptable to one’s needs and requirements. Biological experiments and genetic engineering projects can also be presented using this template that is fully responsive.

Download Adenovirus Medical Images For PowerPoint

Template 14

Download this Leukemia template for your upcoming medical presentations. This template is specifically designed keeping in mind the needs of medical practitioners, healthcare professionals, and pathologists. So, you can easily edit it with your own content as this template uses royalty-free images. Apart from this, the template design can be used as a background of your presentation on leukemia, symptoms, causes, types, diagnosis, and treatment. Therefore grab this multifunctional PPT now to convey your information on leukemia cancer impressively.

Download Leukemia Science PowerPoint Templates And PowerPoint Backgrounds

Template 15

Another family of virus Hepatitis A can be influentially explained with this pre-designed template. Doctors, nurses, and other medical staff members can use it to create presentations for universities, hospitals, and other places depending upon their needs and requirements. It is also a good explanation tool for conferences and medical counseling sessions conducted in hospitals. The causes, vaccine reactions, side effects of the vaccine, diagnosis, treatment, and other aspects can be discussed efficiently with this neatly-designed template. The pre-designed elements of this template make your presentation work quick and a lot more convenient.

Download Hepatitis A Virus Medical Images For PowerPoint

Template 16

Showcase important information related to Herpes Simplex Virus using this slide. Explain its causes, risk factors, symptoms, vaccine, diagnosis, treatment, and other important aspects. Since this slide caters to the biology of viruses it will act as a great teaching tool in schools, medical universities, hospitals, and other places. Apart from this, it can be used by any medical practitioner and cell biologists depending upon what their project commands.

Download Herpes Simplex Virus Medical Images For PowerPoint

Template 17

This pre-made template can be used to present amazing presentations on topics like virology, immunization, vaccination, and others. This template specifically targets Respiratory Syncytial Virus hence it can be used to give a thorough explanation of this virus, its types, symptoms, diagnosis and other aspects making it highly useful for the medical practitioners.

Download Respiratory Syncytial Virus Medical Images For PowerPoint

Template 18

This presentation design is perfect for presenting strategies on the stop of growth and spreading of infection in humans. You can outline the entire structure of Measles and the infection caused by it using this template. Doctors can also use this template to educate their patients about Measles and prescribe an effective treatment for it. Nonetheless, the layout of this slide is designed professionally hence it is an ideal fir for medical students as well.

Download Measles Virus Medical Images For PowerPoint

Template 19

Such templates are great for providing health lessons on various viruses, their causes, symptoms, and the like. They can be used by medical professionals, biology teachers, medical universities, and others as a contribution to preventing infections from spreading by creating awareness. Since this template is pre-designed it will function as a great tool to present medical presentations.

Download Arena Virus Particle Structure Medical Images For PowerPoint

Template 20

Give a descriptive presentation on the highly contagious and deadly disease Smallpox using this slide. Showcase the structure of variola virus and its infection that leads to smallpox in humans. You can also present the history and evolution of this virus along with its treatment. Use it in conjunction with your medical presentation to create an impact. The high-resolution images used in each of the slides act as great teaching tools for educators, academicians, paramedical staff, and others.

Download Smallpox Virus Medical Images For PowerPoint

Template 21

Many infectious diseases are becoming fatal among human beings because of the overgrowth of viruses. One such virus is the rubella virus causing red rashes throughout the body. This template aims at giving an overview of rubella, its causes, symptoms, and others. Thus, making it a highly resourceful design for your medical presentations.

Download Rubella Virus Medical Images For PowerPoint

Template 22

We are bombarded with new infections every year some which are deadly and some which are not. This presentation aims at targeting a similar virus and its infections known as the RSV virus causing respiratory issues in children. The descriptive layout of this template makes it apt for presenting various medical presentations that are impressive and convince enough. These templates are specially designed to ease the work of the user by providing ready-made design and aesthetics.

Download RSV Virus Medical Images For PowerPoint

Template 23

Mimivirus questions our understanding that viruses are small as this the largest and most complex virus ever found. This template can be used by presenters to explain the evolution, discovery, and analysis of mimivirus both from the scientific and medical perspectives. It showcases the complex structure of mimivirus and its characteristics which defy the conventional definitions of life. Using this template will help you explain the mimivirus more descriptively, thus making it a great template for your presentations.

Download Mimi Virus Particle Structure Medical Images For PowerPoint

Template 24

This template shows the entire lifecycle of HIV and its replication, thus making it an outstanding explanation tool. This template is fully functional for doctors, medical universities, teachers, academicians, etc. looking to present important information on HIV and its infection. It is also a great tool to create awareness about this particular virus among the masses so that necessary steps can be taken to keep its spread in check. Apart from this biological experiment lab and genetic engineering projects can also use this template in whichever way they prefer.

Download Replication Cycle Of Human Immunodeficiency Virus HIV Medical Images For PowerPoint

Template 25

While the world is battling with a pandemic Coronavirus and its mutated offsprings, we have designed this template to help you present some safety measures that will help fight with this virus, eating up the entire human race slowly and gradually. This template can be used to present information about the virus and safety measures to keep its spread in check like using sanitizers, wearing masks, observing social distancing, washing hands, not touching nose and face, etc. You can also use this template as a background for your presentations related to viruses.

Download Fight With Virus Medical PowerPoint Templates And PowerPoint Backgrounds

Contemplating the origin of life is a fascinating topic for both scientists and the general public such as you and me. Understanding the evolutionary history of viruses and their life span can surely shed some light on this topic, which is what these 25 virus templates aim for.

Although there is no clear explanation of the origin of these viruses, these have been present for millions of years among us humans. So, even a little bit of information can make a world of difference here.

Download these templates to spark a sense of hope in these difficult and dark times where our lives and deaths are dependent on a VIRUS called Coronavirus or COVID 19.

10 Best Medical Google Slides Templates For Improving Lives
Increase The Cohesiveness Of Workplace With Our Top 20 Organizational Culture Presentation Templates for PowerPoint!!
Top 35 Change Management Templates To Transform Your Business WorkFlow
9 Beautiful Color Palettes for Designing Powerful PowerPoint Slides

Liked this blog? Please recommend us

Top 40 Medical, Healthcare Templates for Doctors and Nurses

Top 25 Drugs and Medicines PowerPoint Templates trusted by Medical Professionals

Top 30 Medical PowerPoint Slides for the Soldiers Fighting Against CoronaVirus!

Battling Coronavirus: Dumbledore’s Wise Message Guides Us in These Dark Times

The Complete COVID-19 PPT Presentation: Outbreak & Impact

This form is protected by reCAPTCHA - the Google Privacy Policy and Terms of Service apply.

--> Digital revolution powerpoint presentation slides

--> Sales funnel results presentation layouts

--> 3d men joinning circular jigsaw puzzles ppt graphics icons

--> Business Strategic Planning Template For Organizations Powerpoint Presentation Slides

--> Future plan powerpoint template slide

--> Project Management Team Powerpoint Presentation Slides

--> Brand marketing powerpoint presentation slides

--> Launching a new service powerpoint presentation with slides go to market

--> Agenda powerpoint slide show

--> Four key metrics donut chart with percentage

--> Engineering and technology ppt inspiration example introduction continuous process improvement

--> Meet our team representing in circular format

Free Virus Google Slides Themes And Powerpoint Templates

autumn and winter common infectious disease prevention knowledge education training Template For Google Slides And Powerpoint -page 0

Collections

Corona Presentation Templates

Coronavirus, omicron virus, lockdown, social distancing & vaccination. want to make powerful awareness presentations on these topics start with our creative & editable free corona virus powerpoint templates and google slides themes stay tuned with slide egg and stay healthy.

Free Corona PowerPoint Templates and Google Slides Themes: Inform, Engage, and Educate

Great design: Our templates look nice and are easy to use. We keep things simple because talking about COVID-19 can be complicated.
Colorful pictures: You can show data and info in a cool way with our colorful pictures. It makes things easier to understand.
You can change stuff: You can customize every slide to fit what you need. Change fonts, colors, and layouts easily.
No copyright problems: You don't need to worry about copyright issues. Our slides are ready to use without any legal problems.
Different sizes: We have different sizes for our slides, so you can pick the one that works best for you.
Try for free: You can try some of our slides for free before you decide if you want to buy them.
Basic Info: Learn about the virus, how it spreads, and what the symptoms are.
Washing Hands: Teach people how to wash their hands properly.
Vaccines: Encourage people to get vaccinated and talk about common worries.
Lockdowns: Explain why it's important to stay away from others and stay home.
Omicron Variant: Stay up to date with the latest news.
Clinical case studies: Learn from what's happening in the real world.
How to stay safe: Give tips on how to protect yourself and others.
Medical treatments: Talk about different ways to help people who are sick.
Doctors: Use them to teach patients, train your staff, or run health campaigns.
Teachers: Teach students about COVID-19 in an easy way.
Business People: Tell your employees and customers how to stay safe.
Community Groups: Get people to know more and act responsibly.

Become an expert with SlideEgg

How to make Prevention of corona virus PowerPoint

We're here to help you, what is the impact of corona on people.

The COVID-19 outbreak impacts all facets of the population, but those in social groupings who are most at risk suffer the most. Being in COVID has caused loneliness, fear, and anxiety.

What are Corona PowerPoint templates?

The Coronavirus PowerPoint Template includes topics and vocabulary associated with COVID. These PowerPoint backgrounds and illustrated slides of organic virus forms can be used to create presentations on COVID subjects, protocol training, and cleanliness.

Where can we use these Corona slides?

Coronavirus Slides can be used in private, public, and professional settings to safeguard everyone's lives.

How can I make Corona PPT Slides in a presentation?

To create service templates, use our pre-designed PowerPoint templates to create an outstanding service launch presentation. Add the information and deliver it to your audience with eye-catching images.

Who can use Corona PPT Templates?

Individuals who lead sessions describing the Corona tracing procedure, identifying the contact, and the standards for helping people can use these templates.

Why do we need to use Corona PowerPoint Slides?

Using these templates, the audience can pay close attention to the presenter and experience the journey along with them. Furthermore, the presenter's job is done once the presentation is over because a Corona PowerPoint deck makes an excellent post-meeting handout.

Where can I find Corona PPT Templates for free?

To create amazing presentations, you can explore and download free PowerPoint templates from various sources. Of which Slide Egg has the greatest. Look into it right now.

All Resource

PPT Templates

Single slides.

Pitch Deck 216 templates
Animation 341 templates
Vertical Report 316 templates
Business 814 templates
Finance 56 templates
Construction 46 templates
IT/Commerce 173 templates
Medical 64 templates
Education 45 templates
Lifestyle 402 templates
Pitch Decks 138 templates
Business 547 templates
Finance 20 templates
Construction 75 templates
IT/Commerce 73 templates
Medical 27 templates
Lifestyle 578 templates
Pitch Decks 140 templates
Business 469 templates
Finance 19 templates
Construction 64 templates
IT/Commerce 72 templates
Medical 29 templates
Education 39 templates
Lifestyle 490 templates
Cover 266 templates
Agenda 97 templates
Overview 216 templates
CEO 28 templates
Our Team 142 templates
Organization 48 templates
History 38 templates
Vision, Mission 109 templates
Problem, Solution 193 templates
Opportunity 154 templates
Business Model 158 templates
Product, Services 299 templates
Technology 65 templates
Market 155 templates
Prices 56 templates
Customers 55 templates
Competitor 113 templates
Business Process 151 templates
Analysis 222 templates
Strategy 120 templates
Marketing, Sales 61 templates
Profit, Loss 69 templates
Financials 247 templates
Timeline 122 templates
Proposal 40 templates
Contact Us 272 templates
Break Slides 16 templates
List 361 templates
Process 351 templates
Cycle 177 templates
Hierarchy 98 templates
Relationship 152 templates
Matrix 86 templates
Pyramid 67 templates
Tables 145 templates
Map 96 templates
Puzzles 163 templates
Graph 217 templates
Infographics 436 templates
SWOT 111 templates
Icon 418 templates
Theme Slides 138 templates
Mockup 42 templates
Column 315 templates
Line 199 templates
Pie 139 templates
Bar 179 templates
Area 130 templates
X Y,Scatter 16 templates
Stock 59 templates
Surface 3 templates
Doughnut 256 templates
Bubble 65 templates
Radar 83 templates
Free PPT Templates 2,101 templates
Free Keynote 2,017 templates
Free Google Slides 2,098 templates
Free Theme Slides 35 templates
Free Diagram 126 templates
Free Chart 49 templates
New Updates

Result for ' virus '

90 Templates are available.

Sort by Accuracy
Sort by Newest

virus Best PowerPoint Templates

Easy customization Highly editable presentation template. All images included Smart and innovative presentation slides Easy color change Data charts editable via Excel Drag & drop friendly

virus Pandemic Poster Layout Template Simple Templates Design

Easy to change colors Professional look presentation Color, size, shading etc. can be modified Modern layouts based on master slides Drag & drop image placeholders

Covid virus Customers Stories Deck

Customer Retention, Our Customers, Service for Consumer, Customer information, Target customer

Covid virus Core competency PowerPoint Design

Technology development, Technology, Product technology development plan, How To Use, Production process

Covid virus Contact Us PPT Background

Contacts, Thank you, Contact Us, Questions, Thanks

Covid virus Overview pitch deck design

Company Overview, About our Company, We Are, Company Services, Company Tagline

Covid virus Important Point Design

Better Solution, Solution to the Problem, Solution, Problem, Our Solution

Covid virus Milestones Templates

Thinking Process, Sales Expectations Steps, Management Process, Operational plan, Growth Plan

Covid virus Risk Management Presentation Deck

Strategy, Social Media Strategies, Business strategy, Strategic Plan, Technology Development Strategy

Covid virus Important Point PPT Slide Deck

What is the Problem, Problem Solution, Market Problem, Our Solution, How to Do

Covid virus Focus on Work Presentation Slide

Our Traction, Business opportunity, Create Our Unique, Traction, Business Core Values

Covid virus Comparison PPT Deck

Service Description, Reference Brands, What We do, Comparative Layout, Services

Covid virus Service Overview Single Layout

Service Introduction, What We offer, States of Product, Mock Up Project, Product Overview

Covid virus Project Flow Template

Business Schedule, Project progress schedule, Project Schedule, Task schedule, Timescale

Covid virus Market Distribution Templates

Covid virus Market Forecasts PPT Deck Design

Market Validation, Market, Market Expansion, Future Martket Insight, Target Market

Covid virus Types of Risks Templates

Management Analysis, Data Analysis, Comparative Market Analysis, Analysis, Comparative analysis

Professional Doctor Have Experience with virus es Deck Layout

Covid19, Retention Technology, Performance Highlights, Our Skills, Expertise, Technology development

The Age of Pandemic company profile template design

Built-in custom color palette Data charts (editable via Excel) Easy editable data driven charts (pie, bar, line) Smart and innovative presentation slides Drag & drop friendly

Corona Pandemic Theme Presentation Templates

Easy customization 100% fully editable Google slides Creative slides 100% vector (fully editable maps, infographic, icons) Free images and artwork

Free Slides

Slide Members

[email protected]

Information

Privacy Policy
Terms & Conditions

Recent Slides

13+ New Animation Powerpoint Templates Update
12+ Recently Powerpoint Templates & Google slides Update
16+ New Templates Update (PPT templates & Google slides)

Virus Template

Do you have accurate information about viruses? Do you know how they spread in the human organism? Well, you will find all your answers in our design. Which gives you a complete structure to learn, teach or share more information about their consequences and how to deal with them to prevent further discomfort. Do you want to see it? Well what are you waiting for, take this new virus template for PowerPoint and Google Slides and complement the image and content of your infectious microorganisms ppt presentations.

Our virus template complies with offering you the best images, animations, vectors and backgrounds related to germs and microbes. You will also be able to modify, customize and change any attribute of its 36 slides online by just exporting them with one click to Canva. In short, this design has everything to make your bacteria presentation the best. Download this free digital material and start putting all your information right now.

Free Virus Template for PowerPoint and Google Slides

Main features

36 slides 100% editable
16:9 widescreen format suitable for all screens
High quality royalty-free images
Easy to edit layouts for presenting or printing
Included resources: charts, graphs, timelines and diagrams
More than 100 icons customizable in color and size
Main font: Calisto MT
Predominant color: Light blue

Download this template

Interested in more designs associated with human life? Then let us recommend our collection of Google Slides Themes and Health PowerPoint Templates. Here you will find a lot of digital material available for you to make your presentations or presentations more entertaining, understandable and dynamic.

We use cookies to improve the experience of everyone who browses our website. Cookies Policy

Accept Cookies

Coronavirus PowerPoint Templates

Search Keywords: Corona, Virus, China, Danger, Dangerous, Disease, Forbidden, Illegal, Illness, Infection, Information, Injection, Laboratory, Macro, Middle, No, Placard, Prohibited, Forbidden, Protection, Protection, Red, Research, Limited, Symbol, Signal, Silhouette, Propagation, Stop, Symbol, Syringe, Warning, Background, Illustration, Icon, Hospital, Human, Health, healthy, Help, Biology, concept, design, figure, graphic, image, life, shape, PowerPoint Templates, ppt, google slides

Coronavirus PowerPoint Templates: It includes 48 slides

Fully and easily editable (shape color, size, and text)
This template has a color theme and will automatically apply color when copied and pasted
It includes a customizable icon family with 135 different icons(Fully editable)
Drag and drop image placeholder
Easy editable data-driven charts (Editable via Excel)
Vector graphics 100% fully editable
Based on master slides
The aspect ratio of 16:9
All background images are included. But The pictures used for example in the image placeholder are not included (You can easily insert your images) => Example pictures copyright: pixabay.com
Our templates can be used for school classes, business purposes, and commercial purposes. But all images and graphics (shapes) in this template are produced by allppt.com. Redistribution of the template or the extraction graphics is completely prohibited .

I very like, Please send to me sir

Thank you. We’ll make a better template. MUSTAFA LUTFI 🙂

Enjoy your COVID life

Thank you. Donald Trump ?

cant download ur shit from ur shitty webshit

The link we checked is properly connected. We have confirmed that it is available for download. Click the “Click here to download this PPT template” button at the bottom of the page to download it.

Dear Trashes,

we have downloaded this template and it is amazing. Just a small tip. Do refrain from being rude and ungrateful. It is rather unfortunate blaming someone else for your own limitations, which seems to lie with the fact that you do not know your computer. Good job ALLPPT and thank you very much!

Dear, this is too rude, please mind your language. If you don’t know how to use your computer then don’t blame anyone else. you are getting free templates and you are complaining. hope you understand. thanks

Thank you. Deane 🙂

Dear Adminae,

You’re totally allowed to talk shit back to those who talk shit about your wonderful work. Thank you.

Thank you. Trash must be kept in a trash bin ?

it s a wonderful work you “trashes” you dont know how to download it’ s your problem so dont insult others because your own mistake is being ignorant

Thanks for defending for me. We’ll make a better template. sali ?

I can’t download Coronavirus PowerPoint Templates.

How to download??

why can’t download power point templates corona virus?

I am not able to download it

Why it is not downloading? As it is required for our work.

Not able to download the coronavirus PPT template. Does anyone know the trick?

hello, but why i can’t download it 🙁

Hi, the link is not working! Thanks!

How to download this template? Please. I need the presentation. The info regarding corona virus are all here.

i can’t download it

can’t download it. 🙁

thank but how can i download it

cant download

This template is not downloadable. After clicking “download,” it keeps taking you back to the All PPT homepage.

having same problem.

The template is not downloaded ??

Why the template can’t be download?

Thank you for fixing the problem. Now it’s downloadable :)) Nice presentation. Thumbs up

Thank you. We’ll make a better template. doktercinta 🙂

Thank you. We’ll make a better template. 🙂

why this template can’t be downloaded? please fix it immediately

back home page

Why can’t download???

It’s failing to download.thanks

We have confirmed that it is available for download. Click the “Click here to download this PPT template” button at the bottom of the page to download it.

Awesome! A lot of thanks for the hard work!

Thank you. We’ll make a better template. Winnie 🙂

Hey! Taiwan is not a part of China! The cover you use includes Taiwan in it. Actually, Taiwan has only less than 50 cases after outbreaks despite how close they are. This country controls the diseases very well.

Sorry. I admit that we lacked our confirmation. Please revise and use Taiwan on the map. We will delete Taiwan from the map as soon as possible and post it again.

Taiwan is a rebellious province of China. A visit to the British Museum will reveal a stone tablet inscribed with the termination of the Republic of China (ROC) (which is printed on passports issued to citizens of the Taiwan province) in 1948. Also, a search through the United Nations’ official documents confirms that there is no recognized country named “Taiwan”. Just for your information, and you are welcome 🙂 .

This template was first uploaded in February 2020. That was before the WHO officially changed the name of ‘Wuhan Pneumonia’ to ‘COVID-19’. I haven’t modified the previous upload, but you can use a different enough template. We did not create templates for attacks or prejudices against any particular region or country. It’s just a template showing the dangers of a virus outbreak at the time. Sorry for the inconvenience.

First of all, Thanks for sharing amazing PPT resources. But please be ware that the aim of your power point it to help people raise their awareness and know more about how to preventing the virus. I am a Chinese and all my friends from China all feel extremely offended when we see the map and national flag on the front page and middle in your template. It’s racist and Chinese are victims too… lots of them lost their families and friends. Lots of them volunteered to work overload to help each other. China is not a political symbol. We are real human beings like everyone else in your country. I guess you guys don’t want to educate your students or kids to hate instead of to help and support each other in this special situation. Of course you can ignore me if you are a Trump supporter:)

This template was first uploaded in February, when it was called ‘Wuhan Pneumonia’. After WHO changed its official name to ‘COVID-19’, ‘COVID-19 Testing Centers PowerPoint Templates’ was remade and uploaded further. We do not support President Trump, and we create templates in a neutral position. We didn’t think about racism, we didn’t think of China as a perpetrator. It’s just a template showing that it was a virus originating in China at that time. We apologize for the inconvenience.

First of all, Thanks for sharing amazing PPT resources. But please be ware that the aim of your power point it to help people raise their awareness and know more about how to preventing the virus. I am a Chinese and all my friends from China all feel extremely offended when we see the map and national flag on the front page and middle in your template. It’s racist and very ignorant. Chinese are victims too… lots of them lost their families and friends. Lots of them volunteered to work overload to help each other. I hope people can understand that China is not a political symbol. As Chinese we are real human beings like everyone else in your country. I guess you guys don’t want to educate your students or kids to hate instead of to help and support each other in this special situation. Of course you can ignore me if you are a Trump supporter:)

Thanks for sharing with us amazing PPT templates. As a Chinese I feel offended and hurt seeing you put the map of China on the front page. My other friends felt the same way as i do. Chinese people are victims too. Are you a Trump supporter? Or do you think you want to educate kids to hate Chinese? I don’t see the reason why you choose this offensive pages…

This ppt makes me feel so sick. Using Chinese national flags many times for a global crisis implies your prejudice on this country. Do not say u r in a neutral position, coz you action tells us you are not. Standing on the opposite side with Donald Trump does not mean you are a good one as well.

This template was first uploaded in February under the name’Wuhan pneumonia’. WHO changed the official name to’COVID-19′ and uploaded 2 templates with world maps. You haven’t edited the previous upload, but you can use a sufficiently different template. We are not racist and have no prejudices against China. It’s just a template showing that it was a virus from China at the time. Sorry for any inconvenience.

area attack is a dangerous thoughts, it makes you missing nice things from outside, and ignore poor things from inside. so be smart, see what you see on yourown, and think independently, that will open a door in a fresh new world. good luck.

This template was first uploaded in February under the name’Wuhan pneumonia’. WHO changed the official name to’COVID-19′ and uploaded 2 templates with world maps. You haven’t edited the previous upload, but you can use a sufficiently different template. We have not created templates for attacks or prejudices against specific regions or countries. It is just a template that shows the dangers of virus outbreaks at the time. Sorry for any inconvenience.

Thank you. Yunus Akib ?

Here in Korea. Thank you so so much for these great artwork, It’ll be used in my school project and so on…I cant even guess about how much time the creator spent on this templates. Its literally BEAUTIFUL!

Thank you. We’ll make a better template. Ringaroungtherosie ?

Thank you. nasty ?

What a great PowerPoint design! love it!!!! thank you so much for your effort.

Thank you. We’ll make a better template. MAGA ?

We ask permission to use it, thank you very much!

If you can follow the contents of ‘https://www.free-powerpoint-templates-design.com/terms-of-use/’, you are permitted to use it. Thank you.

THESE TEMPLATES ARE COMPLETELY USELESS. I HAVE ALL OF YOUR INFORMATION AND WILL SEND OFFICERS TO ARREST YOU.

Thank you. It’s rewarding to be useful to you. So I’m running away to avoid getting caught by you.

https://www.free-powerpoint-templates-design.com/corona-virus-powerpoint-templates/

Thank you. Hasanuddin nuru ?

Couldn’t say no more, thanks for the work and revision of removing Taiwan for the China in the map.

We have been insulted and bullied by Chins for more than 20 yrs. Now seems like they are expanding their victim list.

Hope you a good day, and keep on going.

Best regards,.

Thank you. We’ll make a better template. Tung ?

Your description and slides intentionally label China as the origin of the virus while I have to tell you that whether China is the origin or not is still not confirmed, according to World Health Organization, which is still investigating. I highly doubt you are not only distributing the template but also spreading hate towards a certain country. That is horrible!

Hypocritical enough :-). If not “for attacks or prejudices against any particular region or country”, why did you include the national flag of one country into the specific event?

I have been exploring for a bit for any high-quality articles or weblog posts on this kind of space . Exploring in Yahoo I ultimately stumbled upon this site. Reading this info So i’m satisfied to show that I’ve an incredibly excellent uncanny feeling I came upon just what I needed. I such a lot undoubtedly will make sure to do not put out of your mind this site and provides it a look regularly.

Thank you. I will try to upload better templates. deshidrogenasa ?

Thanks for another excellent post. Where else could anybody get that kind of information in such an ideal way of writing? I’ve a presentation next week, and I am on the look for such information.

Thank you. I would be happy if it helped you. Hairstyles ?

Wow .. These is awesome. Thankyou so much for your masterpiece works !!!

Thank you. We’ll make a better template. Mass ?

THIS WEBSITE IS AMAZING

Thank you. We’ll make a better template. emrid1 🙂

very nice sharing, thank you very much

Thank you. We’ll make a better template. Sesli Kameralı Canli Sohbet 🙂

Excellent blog thanks…

Thank you. We’ll make a better template. Monu 🙂

This is such a disgraceful and deliberately stigmatizing powerpoint design, reflecting poorly on the designer’s mindset and understanding of the world, and calling into question your company’s sustainability. Shame on you. You really don’t have to showcase your limited perspective with a clownish design while hoping to influence others by it. 🙂

How do you know that the novel coronavirus originated in China? Isn’t it in the United States? I solemnly and severely inform and request you to stop slandering China! Please remove this PPT template!

This template was first uploaded in February 2020. That was before the WHO officially changed the name of ‘Wuhan Pneumonia’ to ‘COVID-19’. I haven’t modified the previous upload, but you can use a different template. We did not create templates for attacks or prejudices against any particular region or country. It’s just a template showing the dangers of a virus outbreak at the time. Sorry for the inconvenience.

Recommended Knowledge

> PowerPoint Tutorial
> Google Slides Official Website
> Google Drive Blog
> Free High Quality Images

5-split-pie-chart-PowerPoint-Diagram-list-image

Got any suggestions?

We want to hear from you! Send us a message and help improve Slidesgo

welcome back

88 templates

weekly planner

54 templates

meet the teacher

31 templates

first day of school

68 templates

177 templates

Infectious Disease

It seems that you like this template, infectious disease presentation, free google slides theme, powerpoint template, and canva presentation template.

Any disease caused by bacteria or viruses invading our body tissues are called infectious diseases. As always, every single bit of information that you can share about this topic to the medical community is welcome. With this template, you'll get a dark-colored design with some irregular shapes that have gradients. There are some layouts that you could use in your presentation, for example, to talk about risk factors, prevention or treatment.

Features of this template

100% editable and easy to modify
28 different slides to impress your audience
Contains easy-to-edit graphics such as graphs, maps, tables, timelines and mockups
Includes 500+ icons and Flaticon’s extension for customizing your slides
Designed to be used in Google Slides, Canva, and Microsoft PowerPoint
16:9 widescreen format suitable for all types of screens
Includes information about fonts, colors, and credits of the free resources used

How can I use the template?

Am I free to use the templates?

How to attribute?

Attribution required If you are a free user, you must attribute Slidesgo by keeping the slide where the credits appear. How to attribute?

Register for free and start downloading now

How to Add, Duplicate, Move, Delete or Hide Slides in Google Slides

How to Change Layouts in PowerPoint

How to Change the Slide Size in Google Slides

Premium template

Unlock this template and gain unlimited access

Infectious Disease Epidemiology - Master of Science in Epidemiology presentation template

10 Top Executive Summary Templates for Visually Impressive Presentations

An executive summary is a snapshot of a long document, such as a report, proposal, or a business plan. It highlights the key points and important information, such as objectives, problems, opportunities, key findings, recommendations, etc.

These summaries are specifically meant for CEOs, senior executives, and investors. As these professionals are indulged in overseeing the day-to-day operations of the business, they usually don’t have much time to go through long documents. In such a scenario, a well-written executive summary can grab their attention quickly and convince them to read the entire document.

The length of an executive summary depends on the complexity of your plan, project, or proposal. These concise documents seem easy to create, but actually, it is a time-consuming task which requires lots of considerations, as you won’t want to miss the opportunity to impress the clients/investors.

If you are a startup owner, business development manager, or project head and want to visualize the executive summary in a captivating manner but have no idea what to include and how to design it, you are at the right place. In this article, we have provided a list of pre-designed Executive Summary PowerPoint and Google Slides templates that will take away all your presentation creation worries, making your work a lot easier. Let’s take a look!

1. Executive Summary

This editable template with vibrant colors, eye-pleasing visuals, and subtle animation effects will transform your executive summary into a memorable visual masterpiece. Using it, you can showcase an overview of your company, target customers, operating plan, marketing plan, revenue, milestones, accomplishments, etc., enabling senior executives to make timely decisions.

2. Project Executive Summary

Beautified with captivating color patterns, readable fonts, and self-explanatory icons, this template is an ideal choice for project managers to present project scope, goals, milestones, assumptions, risks, start and end dates, and other highlights. By visualizing key information about the project using this deck, you can keep your team aligned and managers informed.

3. Business Plan Executive Summary

Using this gripping template, you can showcase a comprehensive overview of your business plan while being concise. Ideal for business development managers and market analysts, this visual resource can be used to depict market challenges, opportunities, trends, and competition. In addition, you can present your company’s strengths, capabilities, and technological expertise to capitalize on emerging opportunities.

4. One Page Executive Summary

Provide insights into your company’s background, competitive advantage, USP, product categories, process, team, and more in a visually impressive manner to your clients, partners, and other stakeholders leveraging this deck. This template will let you give a bird’s eye view of all the crucial details required to get management approval and secure funds.

5. Customer Journey Executive Summary

This professionally designed template features self-explanatory icons and high-definition graphics of pie charts and timelines to help you showcase your customers’ interactions and experiences with your brand’s products or services. You can present a number of customers, a global customer base, customer testimonials, etc., to build trust among potential customers in your offerings.

6. Startup Executive Summary

If you are looking for a creative template to deliver an outstanding presentation about your startup and convince investors to invest in it, count on this deck. It lets you visualize your business model, target market and size, startup costs and revenues, competitive analysis, investment size and ROI, etc., in a crisp and concise manner without overwhelming the audience.

7. Business Proposal Executive Summary

Download this template if you want to present a synopsis of your new business idea or business expansion plan to potential clients or investors in an attention-grabbing way. You can visualize your big vision, objective, approach, and what core challenges you want to solve through your product or service. Moreover, you can showcase the estimated budget and return on investment.

8. Business Growth Executive Summary

This template, packed with beautiful graphics, colors, and layouts, is perfect for presenting your business’s achievements, growth, milestones, and success like never before. With this deck, you can show the comparison of the last and current year’s revenue and profit, key growth areas, and increase in sales over the years. You can also highlight the organic and inorganic growth drivers.

9. Executive Briefing

Visualize your company’s overview, value proposition, problem statement, competencies, financial projections, and key findings about the target market impressively without loading your slides with too much content. The use of multiple colors and high-resolution icons makes each piece of your information stand out.

10. Business Executive Summary

Business executives can use this template to deliver a fantastic presentation on the occasion of the company’s foundation day or annual general meeting. With this set of slides, you can depict your organization’s accreditations and certifications, key clients, capabilities, financial highlights, and more in a brief and compressed yet engaging and understanding manner.

So, this is our top list of pre-designed executive summary presentation templates. Download all the templates that fulfill the needs and match the themes of your next presentations. Edit them to fine-tune them as per your company’s branding guidelines. And voilà! You are up for presenting your information with excellence.

Leave a Response Cancel reply

Save my name, email, and website in this browser for the next time I comment.

Please enter an answer in digits: seventeen − 9 =

Ashish Arora

14 Visually Awesome 30 60 90 Day Plan Templates You Must Not Miss to Download

Customer Journey Presentation: Tips to Ace It

A Detailed Guide to Craft the Most Stunning Customer Journey Presentation

A Complete Guide to Writing a Clear and Concise Problem Statement

Unleash the Power of Agile Communication in the Fast-Changing Digital Realm

Free COVID-19 PowerPoint Templates

Free COVID-19 Vaccine PowerPoint Template

Free COVID-19 Vaccine PowerPoint Template is a health and medicine design for the presentations regarding the development of vaccines for COVID-19. The cover slide is featuring an image of a vaccine bottle filled with the vaccine content. It is depicting the vaccine is ready to be applied to the public. Vaccination of coronavirus has started …

Free COVID-19 PowerPoint templates and slide designs that can be used to prepare presentations on Corona Virus topics. This includes presentations on COVID symptoms, review of Pandemics during the last 300 years, how to be safe with COVID or to make infographics on Corona Virus.

Free Social Distance PowerPoint Template

Free Masks PowerPoint Template

Free Stay Home PowerPoint Template

Free Stay Home Stay Safe PowerPoint Template

Free Vaccine Development PowerPoint Template

Free COVID Cruise Ship Travel PowerPoint Template

Coronavirus PowerPoint Template

Free COVID-19 Presentation Template

We will send you our curated collections to your email weekly. No spam, promise!

Home Blog Design How to Create a Successful Brand Presentation (Tips + Templates)

How to Create a Successful Brand Presentation (Tips + Templates)

A well-crafted presentation can distinguish between securing a deal and losing a potential client. Depending on your industry, competition can be fierce when presenting ideas, strategies, and results in the most impactful format while working with a professional aesthetic. On this behalf, a branded presentation goes beyond a mere collection of slides; it visually represents a company’s identity and values.

This article will guide you in the concept of branded presentations, differentiating them from brand identity in presentations and exploring the essential elements to secure their maximum potential. Additionally, we provide a list of ready-made PowerPoint templates to make your design job easier.

Table of Contents

What is a Branded Presentation?

What is the difference between brand presentation and brand identity presentation, elements of a brand presentation, how to create a brand presentation slide by slide, tips for creating an effective branded presentation, recommended brand presentation powerpoint templates, final words.

A branded presentation is a customized set of PowerPoint slides that reflect a company’s unique design style and visual identity. This means that the presentation includes specific elements that are consistent with the company’s branding guidelines. These elements often encompass the company’s logo, brand colors, fonts, photography style, and other graphical elements that are part of the company’s visual identity.

Branded presentations are required tools for an efficient communication plan in any business or organization, considering both internal and external communications. By incorporating the visual elements that define the brand, these presentations help maintain a cohesive brand image, reinforcing brand awareness.

Although brand presentation and brand identity presentations are terms used interchangeably, there are considerable differences between them as they are used in their respective contexts.

Brand Presentation

A brand presentation communicates various business-related information, such as project updates, sales reports, marketing strategies, and more. It is tailored to fit the specific message and audience of the presentation while ensuring that all visual elements adhere to the company’s branding guidelines. The focus is on the presentation’s content, with the branding elements providing a consistent and professional backdrop.

Brand Identity Presentation

On the other hand, a brand identity presentation is specifically designed to introduce and explain the elements of a company’s brand identity. This type of presentation is often used during brand rollouts, rebranding efforts, or to onboard new employees and partners. It provides a comprehensive overview of the brand’s visual and verbal identity, including the logo (read our article on logo presentation for more insights), color palette, typography , imagery, tone of voice, and brand values . The goal is to educate and align all stakeholders on the brand’s look and feel, ensuring consistency across all touchpoints.

Bonus tip: Check our guide on color theory to learn how to create harmonic color palettes for your brand identity presentation.

The following elements must be included in any brand deck.

The company’s logo should be prominently displayed on each slide. There are multiple methods to accomplish that: a footer, a watermark logo, a small logo at the top-right corner of the slide, etc.

Using a logo in a slide deck helps to immediately associate the presentation with a company or organization.

Brand Colors

When creating the slides, the use of the company’s color palette must be considered to maintain a consistent aesthetic and integrate the logo as a natural element.

Presenters can use different color schemes if the logo is monochromatic or harmonious palettes in case we count with a pre-established color selection. To create a unified look, these colors should be used for backgrounds, text, and graphical elements.

Have you ever heard the phrase “less is more”? Certainly, this applies to the use of fonts in your presentation slides. A branding presentation must work with the same typefaces selected for the logo or with options defined at the brand identity stage.

As a general rule, never use more than three different typefaces or more than three font weights in the same slide deck.

Imagery Style

One aspect that defines a professional brand aesthetic is to count with images or photos in the same style across slides. If you work with photos, then stick to similar editing settings. If you opt for illustrations, then continue using illustrations across the branded slides.

Another example is mixing black-and-white images with fully colored images. As a rule, you should use the same color scheme across your images.

Graphical Elements

Icons, graphs, patterns, charts, shapes, and any other graphical element. On this behalf, you can find fine examples of what to include in these categories:

Brand Strategy PowerPoint templates
Brand Awareness templates
Brand Management templates

While primarily visual, the tone of voice in any text or spoken elements should also reflect the brand’s personality and values. Avoid unnecessary jargon and changes between active and passive voice.

Creating a branded presentation is fairly easy once you master the steps. The core structure remains the same, but the body slides can be changed depending on the requirements of your presentation.

Title Slide

This slide sets the tone for the entire presentation. In a few words, it’s your introduction card.

The company logo should be prominently displayed but in a subtle way so it doesn’t compete with the text. The presentation title must use the brand’s font and color scheme, including a subtitle with a lighter font weight version of the brand’s font. Format the date and presenter’s name so that it can be easy to edit if the slide deck has to be repurposed.

Agenda Slide

The agenda slide serves to outline the main points to be covered in the presentation, hence giving the audience a clear understanding of what to expect. You can use the brand’s accent colors to highlight each point of the talk or creative PPT icons to bring attention.

Introduction Slide

Like any other presentation, you need to introduce the purpose and context. A branded presentation would take into account the imagery style, color palette, typefaces, and logo placement.

Body Slides

Depending on the kind of presentation you’re building, the structure of the slides will vary. Since consistent logo placement is a must in branded presentations, in our experience, it’s best to stick with the top-right corner or footer as a potential position for it. If you opt for the latter, be sure to place the logo at the opposite corner of the slide number indicator. Keep in mind you don’t have to add the logo to all slides, as that’s overwhelming for the viewer.

Charts and graphs have to bear the same color palette designated for the brand identity or directly contrasting colors in case we work with a monochromatic scheme. One useful concept to master is the brand essence wheel , as it can help us curate which content is relevant for our presentation, depending on the context.

Conclusion Slide

When defining how to end a presentation , presenters summarize the core concepts disclosed in the presentation and use call-to-actions to elicit a response from the audience. The text should be kept concise and focused, using the brand’s accent colors for the call to action button or graphics.

Tip #1 – Start with a Template

Working with professionally-designed PowerPoint templates cuts down the branded slides creation process by over 200%. Not only do you not have to worry about color pairing or font pairing choices, but you also ensure that a consistent look is going to be used across all slides in your deck. In case you don’t find a template that bears the same colors as your branding, you can easily customize it in both PowerPoint or Google Slides.

Tip #2 – Leverage Social Proof

Incorporate testimonials, client logos, and case studies that reflect your brand’s credibility. This is of particular interest in scenarios like business pitches or sales presentations, where your reputation is the one key factor that can make or break a deal.

Tip #3 – Incorporate Motion Graphics

Not all presentations have to bear a boring, old-school 2D look. Using branded motion graphics or animations is a great method to engage your audience and explain complex concepts in a more dynamic format.

Tip #4 – Negative Space is Your Friend

Don’t overload slides with tons of content to show how much you know about a topic. A presenter who mastered the art of communication is well aware that less is more, so learn how to effectively use negative space to make the slides look clean. Focus on emphasizing key content rather than populating slides on the go.

Tip #5 – About Your Backgrounds

Use simple, branded backgrounds to focus the attention on the content, not the graphics. Gradient effects can be used as long as they remain subtle.

Tip #6 – Test for Accessibility

A point to take into account, especially for company-wide presentations, is to check for high-contrast colors, readable fonts, and alt text for images. Considering accessibility for your presentations is a must these days if you care about your attendees and the experience they get out of your content.

Tip #7 – Logo Placement

Unlike what most people think, your logo doesn’t need to be shown on every single slide. In fact, that’s a bad practice as you overcrowd the slides with content. It’s a very different scenario if we talk about academic presentations where the slides may be repurposed for educational content – thus, your branding is important in terms of intellectual property. Once again, for most cases, placing your logo every 3-4 slides is good and plenty.

1. Operational Planning Branded Presentation PPT Template

Technology and Innovation Template Slide

This slide deck contains all that’s required to create accurate report presentations on logistics, processes, management, HR, and more. This animated brand presentation template counts with a cohesive aesthetic and carefully thought logo placement to meet the requirements of each slide. Check it out!

Use This Template

2. Branded Corporate Event Planning PowerPoint Template

Managing Attendees PowerPoint Slide - Corporate Planning PPT Template

Ideal for HR professionals, event planners, managers, and anyone who has to organize a corporate event. We count with multiple tools for decision-making processes in event management, such as event goals, dos and don’ts for venue location selection, event marketing strategies, and the list goes on. A creative color palette with a nice logo placement distributed across 15 slides.

3. Minimalistic Black & White Brand Presentation Template

Whenever you need to create a formal, clean-looking brand presentation in a monochromatic palette, this is the option to check. Nine slides with a clear structure that doesn’t overwhelm the viewer are perfect for introducing a company, presenting a series of facts, or for in-company meetings. A ‘Thank You’ slide with contact information and social media icons is also included.

4. Branded Corporate Expense Management PPT Template

Intended for training financial professionals in the art of tracking the movements, budget, and overall expenses of any corporation, this slide deck manages an analogous color palette and pre-established placeholder areas for logo placement. The balance between colors ensures an appropriate contrast and an excellent readability experience.

5. Company Profile Branded Presentation Template

If you’re looking for a slide deck packed with tools to deliver a company profile presentation, but also considering branding requirements, see no further. This is the option to go in terms of ease of editing, graphics quality, and resources offered. 18 slides to check and customize now.

Coming up with a branded presentation is not a complex process. Presenters can use multiple tools available online to come up with professional-quality results, like presentation templates, font pairing tools, branding guideline documents, and the list goes on. It’s important to highlight the brand in the subtle details, like color selection, rather than overloading slides with badly sized logos or repeated branding elements (i.e., website address). Keep it simple and iterate to achieve your desired result.

Like this article? Please share

Brand, Brand Consistency Filed under Design

Filed under Business • April 22nd, 2024

An Introductory Guide to Brand Management For Business Leaders

Did you know that displaying consistent branding across different sales platforms can increase revenue by up to 33%? That’s a good pocket of growth. But it’s hard to tap into without a systemized approach. Enter brand management. What is Brand Management? Brand management is a multi-facet process of presenting and supervising the promotion of a […]

Filed under Design • October 29th, 2023

The Language of Branding: How to Present Your Brand Identity

Companies sometimes face the chance of performing a brand identity redesign process. If that’s the case, we invite you to discover how to do it and how to present your new design to stakeholders

Filed under Business • June 11th, 2022

How to Set Up a Winning Customer Success Program

The customer success movement is getting stronger year over year. In 2019, 83% of Customer Success teams increased in size. This year, even more organizations plan to invest in new customer success management programs to ramp up their service levels. But what does customer success mean? We explore it in this article.

Environment
Science & Technology
Business & Industry
Health & Public Welfare
Topics (CFR Indexing Terms)
Public Inspection
Presidential Documents
Document Search
Advanced Document Search
Public Inspection Search
Reader Aids Home
Office of the Federal Register Announcements
Using FederalRegister.Gov
Understanding the Federal Register
Recent Site Updates
Federal Register & CFR Statistics
Videos & Tutorials
Developer Resources
Government Policy and OFR Procedures
Congressional Review
My Clipboard
My Comments
My Subscriptions
Sign In / Sign Up
Site Feedback
Search the Federal Register

The Federal Register

The daily journal of the united states government.

Legal Status

This site displays a prototype of a “Web 2.0” version of the daily Federal Register. It is not an official legal edition of the Federal Register, and does not replace the official print version or the official electronic version on GPO’s govinfo.gov.

The documents posted on this site are XML renditions of published Federal Register documents. Each document posted on the site includes a link to the corresponding official PDF file on govinfo.gov. This prototype edition of the daily Federal Register on FederalRegister.gov will remain an unofficial informational resource until the Administrative Committee of the Federal Register (ACFR) issues a regulation granting it official legal status. For complete information about, and access to, our official publications and services, go to About the Federal Register on NARA's archives.gov.

The OFR/GPO partnership is committed to presenting accurate and reliable regulatory information on FederalRegister.gov with the objective of establishing the XML-based Federal Register as an ACFR-sanctioned publication in the future. While every effort has been made to ensure that the material on FederalRegister.gov is accurately displayed, consistent with the official SGML-based PDF version on govinfo.gov, those relying on it for legal research should verify their results against an official edition of the Federal Register. Until the ACFR grants it official status, the XML rendition of the daily Federal Register on FederalRegister.gov does not provide legal notice to the public or judicial notice to the courts.

Schools and Libraries Cybersecurity Pilot Program

A Rule by the Federal Communications Commission on 07/30/2024

Document Details

Information about this document as published in the Federal Register .

Document Statistics

Published document.

This document has been published in the Federal Register . Use the PDF linked in the document sidebar for the official electronic format.

Enhanced Content - Table of Contents

This table of contents is a navigational tool, processed from the headings within the legal text of Federal Register documents. This repetition of headings to form internal navigation links has no substantive legal effect.

FOR FURTHER INFORMATION CONTACT:

Supplementary information:, i. introduction, ii. discussion, iii. procedural matters, iv. ordering clauses, list of subjects in 47 cfr part 54, final rules, part 54—universal service, subpart t—schools and libraries cybersecurity pilot program, enhanced content - submit public comment.

This feature is not available for this document.

Enhanced Content - Read Public Comments

Enhanced content - sharing.

Email this document to a friend

Enhanced Content - Document Print View

Print this document

Enhanced Content - Document Tools

These tools are designed to help you understand the official document better and aid in comparing the online edition to the print edition.

These markup elements allow the user to see how the document follows the Document Drafting Handbook that agencies use to create their documents. These can be useful for better understanding how a document is structured but are not part of the published document itself.

Enhanced Content - Developer Tools

This document is available in the following developer friendly formats:.

JSON: Normalized attributes and metadata
XML: Original full text XML
MODS: Government Publishing Office metadata

More information and documentation can be found in our developer tools pages .

Official Content

View printed version (PDF)

This PDF is the current document as it appeared on Public Inspection on 07/29/2024 at 8:45 am. It was viewed 0 times while on Public Inspection.

If you are using public inspection listings for legal research, you should verify the contents of the documents against a final, official edition of the Federal Register. Only official editions of the Federal Register provide legal notice of publication to the public and judicial notice to the courts under 44 U.S.C. 1503 & 1507 . Learn more here .

Federal Communications Commission.

Final rule.

In this document, the Federal Communications Commission (Commission or FCC) stablishes the Schools and Libraries Cybersecurity Pilot Program (Pilot or Pilot Program). The Pilot Program will enable the Commission to evaluate the impact that using Universal Service Fund (USF or Fund) support for eligible cybersecurity services and equipment will have on protecting school and library broadband networks and data. In so doing, the Commission seeks to address the apparent needs of schools and libraries for additional support for cybersecurity services and equipment, while evaluating the impact that providing that support would have on the USF.

Effective August 29, 2024, except for amendatory instruction 3 (adding §§ 54.2004, 54.2005, and 54.2006) and amendatory instruction 4 (adding § 54.2008), which are delayed indefinitely. The Commission will publish a document in the Federal Register announcing the effective date for those sections.

Kristin Berkland [email protected] in the Telecommunications Access Policy Division, Wireline Competition Bureau, 202-418-7400 or TTY: 202-418-0484. Requests for accommodations should be made as soon as possible in order to allow the agency to satisfy such requests whenever possible. Send an email to [email protected] or call the Consumer and Governmental Affairs Bureau at (202) 418-0530.

This is a synopsis of the Commission's Schools and Libraries Cybersecurity Pilot Program, Report and Order (Order), in WC Docket No. 23-234; FCC 24-63, adopted June 6, 2024, and released June 11, 2024. The full text of this document is available at the following internet address: https://www.fcc.gov/document/fcc-adopts-200m-cybersecurity-pilot-program-schools-libraries-0 .

1. As broadband connectivity and internet access have become essential for K-12 students and adults alike, the security and safety of that access has likewise become paramount. Whether for online learning, job searching, or connecting with peers and the community, high-speed broadband is critical to educational, professional, and personal success in the modern world. Although broadband connectivity and internet access can simplify and enhance the education and daily lives of K-12 students, school staff, and library patrons, they can also be used by malicious actors to steal personal information, compromise online accounts, and cause online personal harm or embarrassment. In response to the growing importance of cybersecurity to broadband connectivity and internet access for K-12 schools and libraries, and in light of the increase in cyberattacks to disrupt or disable these critical networks, the Commission adopts a three-year pilot program within the USF to provide up to $200 million to support cybersecurity services and equipment for eligible schools and libraries.

2. The Pilot Program is a critical next step to evaluate whether, and to what extent, the Commission should leverage the USF to support the cybersecurity needs of schools and libraries. By proceeding via a short-term Pilot Program, the Commission can gather key data on the types of cybersecurity services and equipment that K-12 schools and libraries need to protect their broadband networks and securely connect students, school staff, and library patrons to advanced communications that are integral to education. The Pilot Program will evaluate whether supporting cybersecurity services and equipment with universal service funds advances the key universal service principles of providing quality internet and broadband services to K-12 schools and libraries at just, reasonable, and affordable rates; and ensuring schools' and libraries' access to advanced telecommunications. Importantly, the Pilot Program will also enable the Commission to better estimate the costs of supporting cybersecurity services and equipment via the USF, which will help inform future decisions on how to best utilize the USF to support the connectivity and network security needs of K-12 schools and libraries. Data and information collected through this Pilot Program may also aid in the considerations of broader efforts across the government to help schools and libraries address their cybersecurity concerns. In this regard, the Commission notes that other Federal partners, including the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Education (Education Department), have jurisdiction and deep expertise on cybersecurity matters, and the Commission expects continued interagency coordination will enable us to leverage their knowledge and resources to explore how the Commission can contribute to addressing the cybersecurity needs of K-12 schools and libraries.

3. Eligible schools and libraries will be able to request and receive support through the Pilot Program to purchase a wide range of qualifying cybersecurity services and equipment that best suit their particular needs. To ensure that the Commission is able to select a large number of participants for the Pilot Program, it adopts per-student and per-library budgets, subject to a minimum funding floor, as well as an overall funding cap. Additionally, the Commission expects to select a diverse cross-section of schools, libraries, and consortia to participate in the Pilot Program, with a focus on selecting applicants with the greatest need. By selecting a participant pool that reflects large, small, urban, rural, and Tribal schools and libraries, the Commission expects to gain a better understanding about the cybersecurity needs of a wide range of schools and libraries.

4. In adopting this Pilot Program, the Commission is also mindful of the E-Rate program's longstanding goal of promoting connectivity, as well as its obligation to be a mindful and prudent steward of the Commission's limited universal service funds. To that end, the Commission must balance its actions in this proceeding against competing priorities, bearing in mind that the universal service funds are obtained through assessments collected from telecommunications carriers that are typically passed on to and paid for by U.S. consumers. The Commission acknowledges that, as a limited-term Pilot Program, only a subset of K-12 schools and libraries will likely be selected and receive support to defray their cybersecurity-related costs. And, with a $200 million budget, the Pilot Program will not be able to fund all of the cybersecurity-related needs of the selected Pilot participants. The Commission notes that the estimated costs for all types of cybersecurity services may exceed the funding available for this Pilot Program, and it further notes that the Pilot participants will not receive 100% reimbursement, as they will be required to pay their non-discount share of the costs of the Start Printed Page 61283 eligible services and equipment. Within this framework, the Commission finds that the Pilot Program will serve a vital role in informing the Commission, and the broader Federal Government, as to the most pressing cybersecurity needs of K-12 schools and libraries, and the associated costs, which will enable the Commission and other stakeholders to best address these needs on a long-term basis.

5. In the Order, the Commission establishes a three-year Pilot Program to evaluate whether supporting cybersecurity services and equipment with universal service support could advance the key universal service principles of providing quality internet access and broadband services to K-12 schools and libraries at just, reasonable, and affordable rates; and ensuring schools' and libraries' access to advanced telecommunications as provided by Congress in the Telecommunications Act of 1996 (1996 Act). Specifically, the Commission first adopts a three-year Pilot timeframe and $200 million cap to support cybersecurity services and equipment, including advanced firewalls, for eligible schools and libraries, and consortia of eligible schools and libraries, using the Connected Care Pilot Program as a model. Second, the Commission establishes per-student and per-library budgets to specify the amount of funding that Pilot participants can receive and ensure funding can be widely disbursed. Next, the Commission confirms that all eligible schools and libraries, including those that do not currently participate in the E-Rate program, are eligible to apply to participate in the Pilot Program. The Commission then adopts a Pilot eligible services list that specifies the cybersecurity services and equipment that will be eligible for Pilot funding, and an application process that mirrors the E-Rate program and through which it can select a broad pool of participants. In addition, the Commission establishes Pilot Program rules and procedures for all phases of the Pilot, including competitive bidding, requesting funding, and invoicing/reimbursement. These Pilot rules and procedures draw on its experience administering the E-Rate and Emergency Connectivity Fund (ECF) programs and will promote efficient program administration and reduce burdens on Pilot participants. The Commission also appoints an Administrator of the Pilot and adopt program integrity protections, including document retention and production, gift, certification, audit, and suspension and debarment rules, consistent with its responsibility to be a careful steward of the limited USF dollars. The Commission then adopts Pilot performance goals and data reporting requirements to help us assess the costs and benefits of using the limited universal service funds to support the cybersecurity needs of K-12 schools and libraries, and establish appeal and waiver request rules to provide recourse for parties aggrieved by decisions of the Pilot Program Administrator. Lastly, the Commission concludes that the Commission has legal authority to establish a Pilot Program that provides USF support for cybersecurity services and equipment to eligible schools and libraries and that the requirements of the Children's internet Protection Act (CIPA) are triggered by the purchase of eligible services or equipment through the Pilot.

6. Pilot Program Timeframe. The Commission first adopts a Pilot Program duration of three years. In the Cybersecurity Notice of Proposed Rulemaking (NPRM), 88 FR 90141 , December 29, 2023, the Commission sought comment on its proposed three-year term for the Pilot Program. The Commission sought comment specifically to understand whether (i) the proposed length of the program would be sufficient to provide the Commission with data to evaluate how effective the Pilot funding is in protecting K-12 schools and libraries, and their broadband networks and data, from cybersecurity threats and attacks; (ii) if it would be feasible to shorten the Pilot without compromising the integrity of the data collected; and (iii) if it should provide additional time for participants to prepare for the Pilot or for the Commission to evaluate the data at the conclusion of the Pilot.

7. While several commenters support the proposed Pilot duration of three years, many advocated for a shortened Pilot duration of either one year or eighteen months. Commenters supporting a shorter Pilot timeframe offered four main reasons for doing so. First, commenters argued that a three-year Pilot would render the data collected on cybersecurity services and equipment used to combat cybersecurity threats and attacks obsolete by the conclusion of the Pilot Program. Second, commenters advocated that a shorter program would allow the Commission to evaluate Pilot data in time to align with the next E-Rate category two budget cycle ( i.e., funding years (FY) 2026 through FY 2030). Third, commenters argued for a shorter duration on the grounds that applicants who were not selected to participate in the Pilot would be required to wait over three years to potentially receive funding to combat cybersecurity threats and attacks. Finally, commenters recommended a shorter Pilot term or, alternatively, a higher cap, in order to increase the number and diversity of participants.

8. A three-year Pilot Program will give the Commission the time to evaluate whether universal service support should be used to fund cybersecurity services and equipment on a permanent basis and the Commission adopts a program duration of three years for the Pilot. In establishing the Connected Care Pilot Program, the Commission concluded that a three-year pilot program was “reasonable and [would] allow the Commission to obtain sufficient, meaningful data from the selected pilot projects” and the Commission finds the same reasoning applies here. As a responsible steward of the limited USF, the Commission is obliged to carefully evaluate any actions that would expand demands on the Fund. This is particularly important where, as here, the Commission is exploring whether to make funding available to support services and equipment not previously covered, and where other resources may be available. Given record estimates regarding what it could cost to fund a complete suite of cybersecurity services and equipment, the Commission thinks it is imperative to carefully consider the potential benefits—and burdens—before deciding whether to move forward with such funding on a wider scale or permanent basis. The Commission believes that a three-year term will enable us to gather the necessary information.

9. The Commission recognizes there is a tradeoff between learning more from the Pilot and moving quickly to potentially expand support to protect K-12 schools' and libraries' broadband networks and data from cybersecurity threats and attacks. While some commenters suggested setting a one-year to eighteen-month term, in part to align with the next category two budget cycle, the Commission declines to do so. A shorter term would hamper the Commission's ability to evaluate the use of universal service funds to fund cybersecurity equipment and services, particularly given the expected lead time for schools and libraries to implement a cybersecurity solution and unknowns around the evolving threat of potential cybersecurity attacks. Moreover, the Commission notes that it would be challenging to align the conclusion of the Pilot with the next category two budget cycle in any event, given the time needed to evaluate Start Printed Page 61284 lessons learned from the Pilot and the proceedings needed to implement any permanent funding stream for cybersecurity services and equipment. Additionally, the Commission disagrees with commenters that a three-year term would render any potential solutions or analysis obsolete. Given the flexibility the Commission provides to Pilot participants to select and modify the cybersecurity services and equipment they choose over the three-year period, the Commission expects that participants will be able to quickly adapt to changes in cybersecurity threats or attacks, or the availability of new cybersecurity solutions. Additionally, given the reporting requirements adopted herein, the Commission expects to keep pace with lessons learned from the Pilot as data is provided which, in turn, will help facilitate its analysis and determination of next steps. Finally, the Commission disagrees with commenters who suggest it shorten the Pilot term or allocate additional funding in order to fund a greater or wider array of participants. The Commission believes the $200 million cap will allow it to provide sufficient support to a wide cross-section of Pilot participants; thus, the benefits to retaining the proposed three-year time frame are greater than the benefits of a shorter duration.

10. Pilot Program Cap. The Commission also adopts a Pilot Program funding cap of $200 million over three years for the Pilot Program. In the Cybersecurity NPRM, the Commission sought comment on whether (i) a cap of $200 million would be sufficient to obtain meaningful data about how this funding would help to protect schools' and libraries' broadband networks and data and improve their ability to address K-12 cyber risks; (ii) if a lower cap would be sufficient for these purposes ( e.g., $100 million); and (iii) how the total Pilot Program cap should be distributed over the three-year funding period in a way that accounts for participants' spending needs while ensuring predictable funding over the three-year term.

11. Several commenters agree that the proposed $200 million funding cap is sufficient to fund a wide range of Pilot participants over a three-year period. Others suggested a higher amount in order to provide funding to a larger number of Pilot participants. Having reviewed the record in its entirety, the Commission adopts the proposed $200 million funding cap for the Pilot Program. For its goal of obtaining meaningful information on how this Pilot could help protect schools' and libraries' broadband networks and data, and improve their ability to address K-12 schools' and libraries' cybersecurity risks, as discussed in the Order, the Commission believes the proposed cap of $200 million over three years will be sufficient.

12. To provide funding for the Pilot, and to minimize the impact on the contribution factor, the Commission will assign unused E-Rate funds from prior funding years to cover the full $200 million cap. In 2023, the Wireline Competition Bureau (Bureau) found that unused funds from prior funding years were available for use in funding year 2023 and directed the USF Administrator, the Universal Service Administrative Company (USAC), to fully fund year 2023 demand, and to reserve an additional $190 million of carry forward funds for future use. Similarly, in 2024, the Bureau directed USAC to reserve $10 million of the available $500 million of carry forward funds for future use. With the Order, the Commission assigns that $200 million of carry forward funding to offset the collection requirements for the Pilot, thereby reducing any potential increase on the contribution factor. In the Cybersecurity NPRM, the Commission sought comment on other approaches that could be used to fund the Pilot, aside from directing USAC to separately collect the needed funds. No commenter addressed these approaches. Making use of carry forward funding in this way is consistent with its responsibility to be a careful steward of the USF, while at the same time allowing the Commission to respond to the need for additional cybersecurity funding for K-12 schools and libraries. This approach is consistent with how the E-Rate and other USF programs are administered.

13. The Commission next adopts fixed per-student and per-library budgets to determine the amount of funding that participants may receive during the Pilot. In the Cybersecurity NPRM, the Commission sought comment on how to evaluate funding requests and whether to establish a maximum amount of funding that an individual participant could receive. Among other things, the Commission sought comment on whether providing a larger amount of funding to a smaller number of participants, or a smaller amount of funding to a greater number of participants, would best enable us to assess the use of the USF for cybersecurity services and equipment. In particular, the Commission sought comment on whether it should establish a per-student budget, with a corresponding budget for libraries, as well as the data sources and cost information that would be appropriate to use in evaluating funding requests. Additionally, the Commission sought comment on whether it should require Pilot participants to contribute a portion of the eligible costs of cybersecurity services and equipment in order to receive funding. The Commission further proposed to apply a participant's category two discount rate to calculate the non-discounted share of costs for the Pilot Program, but also sought comment on requiring participants to instead contribute a fixed percentage of the costs of the cybersecurity services and equipment purchased. Finally, the Commission sought comment on whether a participant should receive its funding commitment in equal installments, or whether there may be reasons why a Pilot participant may need access to a greater amount earlier during the three-year term.

14. A 2021 cost study submitted jointly by Funds For Learning, LLC (FFL), the Consortium for School Networking (CoSN), and others estimated it would cost approximately $13.60 per student annually to support advanced or next-generation firewall services, $16.20 per student annually to support endpoint security and protection, and $14.50 per student annually to support additional, advanced cybersecurity services and equipment. Rubrik, Inc. (Rubrik), in its comments, stated it would be reasonable to establish a funding maximum for individual entities of $1 million to $2 million. Based on its review of the cost estimates submitted by commenters, and consistent with its goal to provide funding to a wide variety of participants, as discussed in the Order, the Commission adopts fixed budgets to determine the amount of funding that a Pilot participant can receive. While these budgets, including associated maximums and floors, are specified in terms of annualized dollar amounts, participants' expenses are capped based on the full three-year duration of the Pilot and not on an annual basis. Thus, Pilot participants may request reimbursement for expenses as they are incurred even if it means that the amount of funding disbursed to a participant in a given year of the program exceeds their annual budget, so long as the total amount disbursed to a participant over the three-year term does not exceed three times that annual budget. In establishing these budgets, which account for the estimated costs of different types of advanced cybersecurity solutions, the Commission expects to provide a meaningful benefit to a substantial number of schools, libraries, and consortia. In Start Printed Page 61285 implementing this approach, the Commission declines to award support based on a percentage of a participant's category one or category two budget, as suggested by some commenters. The Commission finds that a more tailored approach, grounded in the estimated cost of implementing specific types of cybersecurity solutions, would best achieve its goals in a targeted and cost-effective manner. Furthermore, the Commission notes that because it does not limit Pilot participation to current E-Rate applicants, it would be difficult to implement an approach based on category one or category two budgets. When implementing these budgets, the Commission will categorize Pilot applicants and consider their funding needs in combination with their applicant type, as discussed in greater detail below.

15. Schools and School Districts. Schools and school districts will be eligible to receive up to $13.60 per student, annually, on a pre-discount basis, to purchase eligible cybersecurity services and equipment over the three-year Pilot duration. The Commission finds that a pre-discount annual budget of $13.60 per student strikes an appropriate balance between supporting the various types of cybersecurity services and equipment needed to protect school networks and data, and its desire to provide funding to as many schools and school districts as possible in the limited-term Pilot Program. Additionally, the Commission notes that this per-student annual budget is sufficient to support the majority of the total annual costs related to any one of the three types of security measures FFL and CoSN identified in their cost estimate, and is also consistent with the Commission's analysis in the First 2014 E-Rate Order, 80 FR 167 , January 5, 2015, that established per-student budgets for category two equipment and services.

16. The Commission recognizes that for many schools a pre-discount annual budget of $13.60 will not, by itself, be sufficient to fund all of the school's cybersecurity needs to achieve a fully mature cybersecurity posture, as doing so would typically require a school to implement multiple categories of technical solutions, often in a specific priority order. Given the limited Pilot funding available, its approach instead ensures that each participating school will receive funding to prioritize implementation of solutions within one major technological category requested by commenters, enabling the school to make meaningful progress toward its own cybersecurity goals and providing flexibility for schools with differing cybersecurity strengths and vulnerabilities. The Commission finds that this approach ensures that each participant can make meaningful, incremental progress towards its own cybersecurity goals, and best positions the Commission to assess the benefits that accrue from funding individual cybersecurity solutions, consistent with a core objective of the Pilot. The Commission also finds that this approach represents a strategic and cost-effective way to spend the limited Pilot funds in the context of considering future changes to the E-Rate program, as it creates incentives for each school to select the most impactful incremental solutions available to it in view of the school's specific cybersecurity vulnerabilities and strengths.

17. Schools and school districts selected for the Pilot Program will be eligible to receive, at a minimum, $15,000 in annual support, on a pre-discount basis, over the three-year Pilot duration. The Commission establishes this funding floor to ensure that even the smallest schools and school districts can receive support sufficient to purchase a variety of cybersecurity services and equipment. The Commission sets the annual funding floor at $15,000, pre-discount, because it aligns with the annual cost estimate submitted by FFL and CoSN, which found that that the approximate per-site annual cost for advanced firewalls is $15,994. The Commission notes that a pre-discount $13.60 per-student budget equates to approximately 1,100 students in a school or school district receiving $15,000 in support. As a result, schools and school districts with 1,100 students or fewer will be eligible to receive the pre-discount $15,000 annual funding floor. The Commission also establishes an annual budget maximum of $1.5 million, pre-discount, which equates to approximately 110,000 students, using the pre-discount $13.60 per-student budget. As a result, schools and school districts with more than 1,100 students, and up to approximately 110,000 students, will calculate their budget using the pre-discount $13.60 per-student multiplier. Schools and school districts with more than 110,000 students will be subject to the annual budget maximum of $1.5 million, over the three-year Pilot duration. The Commission finds that a $1.5 million annual maximum reflects the greater purchasing power of larger schools, school districts, and consortia, and the associated reduction in the cost-per-student amount. Additionally, the Commission establishes the annual budget maximum to best ensure that Pilot funds are able to support cybersecurity services and equipment for as many participants as possible, and also to ensure that a disproportionate amount of funding is not awarded to any one participant.

18. Libraries and Library Systems. Rather than adopt a per-user budget, as the Commission has for schools and school districts, or a budget based on library square footage as it does for category two E-Rate funding requests, it adopts a budget that provides a set amount of funding per library to purchase cybersecurity services and equipment. In particular, the Commission establishes a pre-discount annual budget of $15,000 per library up to 11 libraries/sites, consistent with its analysis regarding the per-site funding amount needed to support advanced firewalls. Library systems with more than 11 libraries/sites will be eligible for support up to $175,000 annually, pre-discount, which approximately reflects the cost of providing advanced firewalls to an entity with between 10 and 24 locations. The Commission believes using a per-site methodology and funding caps for calculating library budgets is more appropriate than using library square footage, as it does for E-Rate category two funding requests, because costs for cybersecurity services and equipment do not scale with square footage in the same way as they do for building internal Wi-Fi networks. The Commission also finds that the pre-discount budgets established for libraries and library systems are generally consistent with how funding is allocated in the E-Rate program to cover the majority of the cost of supported services and equipment, and strike a balance between funding a baseline amount needed to procure cybersecurity services and equipment, and ensuring that the Pilot Program is able to support as many participants as possible.

19. Consortia. Consortia participants comprised of eligible schools and libraries will be eligible to receive funding based on student count (using the annual pre-discount $13.60 per student multiplier and $1.5 million, pre-discount, annual cap) and the number of library sites (using the pre-discount $15,000 per library annual budget up to 11 libraries/sites and the $175,000, pre-discount, annual cap). Consortia that are solely comprised of schools will be subject to the pre-discount annual $1.5 million budget maximum applicable to schools. Consortia that are solely comprised of libraries will be subject to the pre-discount $175,000 annual budget maximum for library systems. Consortia comprised of both eligible Start Printed Page 61286 schools and libraries will be subject to the pre-discount $1.5 million annual budget maximum applicable to schools. The Commission finds these budget maximums are an important mechanism to ensure that Pilot funding is widely disbursed. The Commission will also require each consortium to select a consortium leader.

20. Non-discount Share of Costs. The Commission will require participants to contribute a portion of the costs of the cybersecurity services and equipment they seek to purchase with Pilot Program support, similar to the non-discount share that E-Rate applicants are required to contribute to the cost of their eligible services and equipment. The Commission agrees with the Dallas Independent School District that requiring participants to contribute some portion of the costs of eligible services and equipment, as it has in E-Rate, will be “successful in aligning the interests of applicants to minimizing waste, fraud, and abuse.” In the Cybersecurity NPRM, the Commission proposed using a participant's category two discount rate to determine the portion of costs a participant will be required to contribute. The Commission establishes in the Order, instead, that participants will use their category one discount rate to determine the non-discount share of costs. Thus, participants with the students with the greatest need will be eligible for support for 90 percent of their costs, and will be required to contribute 10 percent of the cost of eligible cybersecurity services and equipment purchased with Pilot funds. By using the category one discount rate, the program's neediest schools and libraries will have greater flexibility in selecting eligible services and equipment, thus supporting its goal to evaluate the benefits of supporting advanced firewalls and cybersecurity services using the USF. Furthermore, the category one discount rate is appropriate, as Pilot funds will be used to enhance the protection of the broadband networks, including those funded from the E-Rate program's category one. The Commission finds that this approach is preferable to establishing a uniform contribution percentage like the one adopted for the Connected Care Pilot Program because it equitably accounts for the relative need of the participant. Moreover, most, if not all, Pilot applicants and participants—including large state or regional consortia—are already familiar with the use of discount rates in the E-Rate program.

21. Disbursement of Support. The Commission will permit Pilot participants to request reimbursement as expenses are incurred, even if it means that a greater amount of funding is disbursed earlier in the three-year Pilot term than is specified by its annual budgets, so long as the overall disbursement to a participant over the course of the three-year Pilot term does not exceed three times the annual budget. In doing so, the Commission acknowledges that some participants may face greater up-front costs for the services and equipment needed to implement their cybersecurity plans, whereas others may have ongoing recurring costs, or some combination of both. The Commission agrees with Cisco that it should not adopt a “static” funding approach, as well as with Palo Alto Networks, Inc. that a flexible approach would “ensure a stronger runway for the deployment and configuration of eligible solutions and products under the Pilot.” However, the Commission declines to adopt the recommendation of Advanced Technology Academic Research Center Cybersecurity Higher Education and Workforce Development Working Group that it abandon its traditional reimbursement structure to provide “seed” money at the outset of the Pilot. The reimbursement process the Commission adopts here is consistent with the reimbursement processes used in the E-Rate and other universal service programs and, combined with the requirement that Pilot participants contribute some amount of their own money towards the cost of eligible services and equipment, serves as an important backstop for safeguarding the integrity of the Pilot Program. Moreover, while the Commission is mindful of the importance of establishing a predictable cap that minimizes the contribution burden on consumers, it expects that the limited nature of the Pilot cap relative to the overall size of the Fund, as well as its planned use of the reserved $200 million in carry forward funding, will minimize any burden to the overall Fund for any given quarter.

22. Pilot Benefits will Exceed Costs. The Commission expects the benefits of the Pilot Program to exceed the costs. As a threshold matter, the Commission notes that program participation by applicants, participants, and service providers is voluntary, and it expects that Pilot participants will carefully weigh the benefits, costs, and burdens of participation to ensure that the benefits outweigh their costs. The Pilot will also enable us to evaluate the estimated economic benefits of using universal service support for cybersecurity services and equipment, compared to its cost to the Fund. In this regard, the Commission notes that, according to the Federal Bureau of Investigation's internet Crime Complaint Center, the U.S. population, including U.S. territory residents, incurred an estimated $10.9 billion in losses from cybercrime in 2023. Based on a 2023 U.S. population of 335 million, this equates to a per-capita loss of about $32.50 per person from cybercrime. The Pilot Program caps support at a pre-discount, annual level of $13.60 per student for most schools and school districts. If the Pilot can reduce the annual monetary cost of cyberattacks on participating K-12 schools by at least 42 percent, the expected economic benefits of increased cybersecurity would exceed the per-student funding costs. The Commission expects that there may be additional benefits that cannot be easily quantified, such as a reduction in learning downtime caused by cyberattacks, reputational benefits from increased trust in school and library systems, increased digital and cybersecurity literacy among students and school staff, and the safeguarding of intellectual property. Despite these benefits, the Commission is also concerned about the overall cost to the Fund if it were to provide cybersecurity funding to all E-Rate participants, which CoSN estimates could cost the Fund $2.389 billion annually. This limited Pilot Program will therefore enable the Commission to evaluate the benefits of using universal service funding to fund cybersecurity services and equipment against the costs before deciding whether to support it on a permanent basis.

23. The Commission next make eligibility for participation in the Pilot Program open to all eligible schools and libraries, including those that do not currently participate in the E-Rate program. In the Cybersecurity NPRM, the Commission sought comment on the types of entities that should be eligible to participate in the Pilot Program. The Commission observed that a wide array of entities participate in the E-Rate program, and sought comment on how to ensure that the Pilot likewise has a diverse participant pool. Specifically, the Commission asked whether: (i) eligibility should be limited to schools and libraries currently participating in the E-Rate program; (ii) eligibility should be expanded to include schools and libraries that do not currently participate in the E-Rate program; or (iii) eligibility should include any entity that qualifies for funding through the E-Rate program. The Commission proposed to adopt the same definitions for schools and libraries as used in the E-Rate Start Printed Page 61287 program, when determining the eligibility of Pilot participants.

24. Commenters generally supported leveraging the E-Rate program rules to determine the types of entities that should be eligible to participate in the Pilot Program, with at least a few encouraging the Commission to limit eligibility to existing E-Rate applicants. For example, The Internet & Television Association (NCTA) argued that limiting eligibility to existing E-Rate participants was appropriate “since [Pilot] cybersecurity services will be integrated with the connectivity being purchased pursuant to the E-Rate program.” Several commenters urged the Commission to make consortia eligible, consistent with the E-Rate program. These commenters noted that consortia “can provide valuable services at scale,” which would allow the Commission to “stretch the limited proposed Pilot funding and increase the impact to more students and schools.” Others suggested that it expand eligibility to include local and other government entities and Educational Service Agencies (ESAs).

25. The Commission has determined that it will permit all eligible schools and libraries, including those that do not currently participate in the E-Rate program, to apply to participate in the Pilot. The Commission adopts the definitions of elementary school, secondary school, library, and library consortium contained in Final Rules section of the Order, which mirror the definitions that it uses for the E-Rate program. In taking these steps, the Commission declines to adopt suggestions from commenters that it limit Pilot eligibility to only those schools and libraries that currently participate in the E-Rate program. The Commission observes that all schools and libraries currently face increased cybersecurity threats and attacks regardless of whether they receive E-Rate funding and opening the Pilot Program to all eligible schools and libraries will allow us to gather data from the widest range of eligible participants. While the Commission appreciates the concern raised by NCTA and others that the Pilot should focus on protecting E-Rate-funded networks, it believes that, on balance, opening the Pilot Program to a wider pool of participants would best ensure that it has sufficient data to evaluate the impact of universal service support on the purchase of cybersecurity services and equipment both now and in the future. Given the large percentage of eligible schools that participate in the E-Rate program, the Commission anticipates that the overwhelming majority of Pilot participants will also be E-Rate participants.

26. Consistent with the Commission E-Rate rules, it further clarifies that it will also permit eligible schools and libraries that apply as a consortium to participate in the Pilot Program. The Commission agrees with commenters that consortia have buying power that can help bring down costs and that including consortia in the Pilot would allow larger, better-resourced schools and libraries to partner with smaller, less technically savvy participants. Given the limited funding for the Pilot Program and the Commission's objective to select as many participants as possible, it will allow a school or library to apply and participate only once in the Pilot Program, either individually or as part of a consortium. The Commission declines to extend eligibility to local and other governmental entities, including ESAs, or other entities that are not an eligible school or library as defined in § 54.2000 of the Commission's rules adopted. However, non-eligible entities, including local, state, and Tribal governmental entities, and other not-for-profit organizations may serve as a consortium leader for a consortium participant in the Pilot, but as in the Rural Health Care, E-Rate, and Connected Care Pilot programs, will be ineligible to receive Pilot benefits, discounts, and funding, and therefore must pass through the benefits, discounts, and support to the eligible school and library consortium members. While the Commission recognizes that local governmental entities may provide economies of scale or cybersecurity expertise that would benefit schools and libraries, the E-Rate and Rural Health Care programs direct USF support to schools, libraries, and health care providers, pursuant to sections 254(c)(3) and 254(h) of the Communications Act of 1934, as amended (the Act). As its legal authority for the Pilot stems from the same source, the Commission declines to expand Pilot eligibility to include governmental and other entities that would be ineligible under the E-Rate or Rural Health Care programs; however, it recognizes the expertise and value of these entities by allowing them to serve as ineligible consortium leaders that pass through the benefits, discounts, and support from the Pilot Program to their eligible school and library consortium members. The Commission directs the Bureau and USAC to provide additional training and guidance on creating a Pilot consortium and serving as a consortium leader in the Pilot. The Commission also directs the Bureau and USAC to establish measures to prevent eligible schools and libraries from receiving duplicative Pilot support as individual Pilot participants and as Pilot consortium members.

27. The Commission adopts a Pilot Eligible Services List (P-ESL) which specifies eligible cybersecurity services and equipment for the Pilot. In the Cybersecurity NPRM, the Commission sought comment on the “equipment and services . . . that should be made eligible to participants in the Pilot” and on whether it should specify eligible services and equipment using “general criteria” or a “list of specific technologies.” Based on the record, the Commission adopts a flexible approach for the P-ESL as it deems services and/or equipment eligible if they “constitute a protection designed to improve or enhance the cybersecurity of a K-12 school, library, or consortia.” At the same time, the Commission provides applicants with specificity and clarity in practical terms in the P-ESL, as it enumerates as eligible, in a non-limiting manner, four general categories of technology raised by commenters as effective in combatting cyber threats, namely, (i) advanced/next-generation firewalls; (ii) endpoint protection; (iii) identity protection and authentication; and (iv) monitoring, detection, and response. Moreover, for each of these categories, the Commission provides a non-exhaustive list of examples of eligible services and equipment in the P-ESL. Through the list of examples, the Commission confirms that the wide range of services and equipment it had proposed for inclusion in the Cybersecurity NPRM, or that commenters had otherwise requested, are eligible. The Commission designates the eligible services and equipment for the duration of the Pilot through the P-ESL. The Commission also delegates authority to the Bureau, as needed, to clarify and make technical changes to the P-ESL consistent with the standards it established herein, to promote efficient program administration and account for technological evolution.

28. The Commission agrees with commenters who opine that Pilot participants should have flexibility to determine which solutions best serve their needs by basing eligibility on broader considerations, rather than a specific and potentially rigid set of pre-authorized components. Its approach is consistent with Rubrik's view that it “provide general guidance for applicants, but not lock them into specific technology products.” Its approach also includes as eligible the advanced or next-generation firewalls, Start Printed Page 61288 endpoint security and protection, and other advanced security services and equipment identified by E-Rate stakeholders, including FFL and CoSN. At the same time, by enumerating four non-limiting categories of eligible technology, the Commission finds that its approach also meets the recommendations of commenters that it “establish general categories of eligible offerings” without “specify[ing] the precise technologies or solutions that must be relied upon” and allow “[p]ilot participants to select any product and/or services that fall into any of the eligible categories.” Its approach also ensures that most, if not all, of the cybersecurity services and equipment needed to implement recommendations from the CISA K-12 Cybersecurity Report, the Education Department K-12 Digital Infrastructure Briefs, and other Federal resources and guides are eligible while still allowing Pilot participants significant flexibility to determine the extent to which any of these specific measures would be most cost-effective for them to implement. While the Commission declines to make these or other Federal recommendations the sole basis for determining eligibility for the purposes of the Pilot, it strongly encourages all participants to consider these Federal recommendations, particularly those that can be implemented at little or no cost, as part of their assessment of which services and equipment to request to be funded through the Pilot. The Commission directs the Bureau to identify these Federal recommendations, and it directs the Bureau and USAC to facilitate access to these recommendations by including information related to them on relevant program websites and in training materials that each entity makes available to Pilot participants. The Commission further directs the Bureau and USAC to periodically update the information provided on their respective websites and in the training materials to reflect relevant updates to the recommendations that may issue during the duration of the Pilot.

29. The Commission finds that specifying eligibility based on broader considerations is appropriate in the context of a Pilot that aims to study the effectiveness of a wide variety of technological solutions. The Commission further finds that its approach, in which it declines to attempt to exhaustively list every possible technological category or eligible service or piece of equipment within a category, is reasonable and reflects the rapidly-changing nature of the technical solutions available to address cybersecurity threats and attacks. Its approach also ensures that services or equipment are not deemed ineligible merely because the service provider or equipment-maker uses a label or term to describe it that is not specifically enumerated in the P-ESL. To provide participants with further flexibility, and in view of a lack of consensus around the terminology used to describe similar cyber solutions, the Commission makes eligible both the specific services and equipment identified in the P-ESL, as well as ones that have “substantially similar features or their equivalents.” The Commission also makes eligible security updates and patches, which will help to ensure that participants are protected even as threat vectors evolve over the course of the Pilot. The Commission finds that this will help to ensure that the services and equipment funded through the Pilot do not reach their end of useful life prematurely, thus avoiding waste in the Pilot Program. Finally, consistent with the flexible approach the Commission adopts, it clarifies that applicants are permitted to seek funding for multi-year licenses for eligible recurring services that are longer than three years, however, only services delivered within the Pilot Program period can be reimbursed using Pilot funds. Similarly, the costs of eligible services that will be incurred during the Pilot Program period are eligible, subject to compliance with procurement requirements and limitations on duplicative funding, even if prior years' costs were paid with another funding source.

30. The Commission further finds its approach strikes a reasonable balance between specifying basic limits on the scope of eligible services and equipment, which reflects the limited funding available for the Pilot and the need to safeguard Pilot funds from being used on components unrelated to Pilot objectives, while providing participants with clarity and significant flexibility to address their unique cybersecurity threat profiles, which they are ultimately in the best position to assess. Moreover, its enumeration of four key categories of technology, and specific services and equipment within each area, ensures that USAC will be positioned to expediently conduct program integrity and service reviews and quickly issue funding decisions for the eligible Pilot Program services and equipment.

31. The Commission clarifies that its inclusion of a given technological category, equipment, or service in the P-ESL and/or any subsequent determination by the Bureau that a specific piece of equipment or service is eligible in the Pilot Program, is not an endorsement by the Commission, the Bureau, or USAC that the equipment or service is sufficiently cost- or technologically-effective for its intended purpose ( e.g., in preventing a breach, a loss of data, or other harm). Rather, the Commission expects participants to select equipment and services from among those that are eligible based on their own assessments of cost-effectiveness in addressing their specific needs. Accordingly, a participant may not rely on eligibility determinations made by the Commission or the Bureau in the Pilot as a defense or safe harbor should it experience a cyber incident, including a breach, a data loss, or other harm. Moreover, the Commission clarifies that the services and equipment listed in the P-ESL are eligible only when they are used on or as a part of a participant's school or library broadband network that directly furthers its educational mission. The Commission finds this clarification appropriate to ensure that it can satisfy the statutory purpose of the E-Rate program, as well as its goal of measuring the costs associated with cybersecurity services and equipment. The Commission also declines to limit eligible services and equipment for the Pilot to those that are used on E-Rate-funded broadband networks only. The Commission finds this step reasonable given that Pilot participants are not limited solely to current applicants in the E-Rate program.

32. In the Cybersecurity NPRM, the Commission sought comment on whether to make advanced and next-generation firewalls eligible for the Pilot and, if so, how to define the scope of these terms. The Commission adopts this proposal to enable Pilot participants to protect their networks from outside cyber attackers by blocking malicious or unnecessary network traffic. For purposes of the Pilot, the Commission defines an “advanced” or “next-generation” firewall as “equipment, services, or a combination of equipment and services that limits access between networks, excluding basic firewall services and components that are currently funded through the E-Rate program.” This definition is reflected in the P-ESL.

33. The Commission agrees with the vast majority of commenters that advanced or next-generation firewalls are a logical starting point and an important tool to include in the Pilot as it studies the potential use of universal service funding to protect eligible schools and libraries from cybersecurity threats and attacks. The Commission Start Printed Page 61289 also agrees that making these tools eligible in the Pilot will provide the Commission with a stronger understanding of the technical benefits and cost implications of potentially funding these tools in the broader E-Rate program. While no commenter directly opposed the view that advanced and next-generation firewalls could meaningfully improve security postures, a few commenters opined that the associated funding could be used more effectively in other ways, including to fund training of “staff and end-users.” The Commission disagrees with these commenters and find that funding advanced and next-generation firewalls is justified in light of the Commission's previous findings establishing the value of these technologies, and it finds it reasonable to extend Pilot funding to these tools rather than to fund, e.g., training more broadly than described further below or the less-vetted alternatives raised by commenters. The Commission further finds that the funding of specific advanced firewall technologies will provide more quantifiable and tractable benefits compared with funding broad cybersecurity training programs, based on undetermined materials and methods.

34. However, the Commission does agree that funding some level of training will help to ensure that the Pilot-funded equipment and services are used effectively and for maximum benefit. Accordingly, it makes training eligible on terms similar to those in E-Rate, namely, when the training is included “as a part of installation services but only if it is basic instruction on the use of eligible equipment, directly associated with equipment installation, and is part of the contract or agreement for the equipment” and if it “occur[s] coincidently or within a reasonable time after installation.” The Commission finds that this approach balances the need to ensure that applicants have access to training that will enable them to effectively oversee, utilize, and supervise the use of the Pilot-funded equipment and services and prevent the limited Pilot funds from being disproportionately used for cybersecurity awareness training for staff and end-users, thereby, limiting the number of technical solutions that can be implemented and evaluated during the course of the Pilot. However, in contrast to the E-Rate program, it does not require that the training be provided “[o]n-site” to be eligible. The Commission finds it appropriate to fund off-site training as much of the equipment and services identified in the P-ESL are likely to be supplied or otherwise provided to a participant remotely. The Commission notes that there are numerous free cybersecurity training resources already available through its Federal Government partners. The Commission also expects, based on its years of experience directing USAC's administration of the E-Rate program, that vendors are likely to include basic training at no additional cost as part of their sale of the eligible equipment and services.

35. The Commission also clarifies that for the purposes of the Pilot Program eligibility rules that “advanced” and “next-generation” firewalls exclude services and/or equipment that are eligible in the E-Rate program. Participants are therefore required to cost allocate components or features that are eligible in E-Rate ( e.g., basic firewall components and features) when seeking reimbursement for their eligible equipment and services in the Pilot. Its approach reflects a definition of the term “firewall” endorsed by the National Institute of Standards and Technology (NIST) with a carve out for services and equipment that are already funded through the E-Rate program. The Commission finds it is appropriate to adopt a broad definition as this is consistent with its objective to determine the technological benefits and monetary costs associated with a wide and diverse range of tools for addressing cybersecurity threats and attacks. At the same time, the Commission finds it reasonable to exclude from its definition basic firewall services and equipment that are currently funded through the E-Rate program. The Commission finds that this approach ensures that Pilot funds are spent efficiently, i.e., only on services and equipment not already funded through other USF programs, and that this approach will thus maximize the amount of data and information collected on cybersecurity tools during the Pilot. The Commission further finds that its approach provides sufficient clarity to Pilot participants, and flexibility to request funding for advanced firewalls as they may continue to evolve over the course of the Pilot, while avoiding difficulties associated with attempting to exhaustively enumerate all relevant technological features. To further address commenter views, and as reflected in the P-ESL, the Commission confirms that most, if not all, of the relevant features that commenters endorse as “advanced” and “next-generation” firewall features, including intrusion detection and prevention, application-level inspection, anti-malware and anti-virus protection, virtual private network (VPN), Domain Name System (DNS) security, distributed denial-of-service (DDoS) protections, and content filtering technologies, are eligible for the Pilot.

36. The Commission declines to adopt the proposal of some commenters, made in this proceeding and in response to the Bureau's recent Public Notices related to the scope of the Funding Year 2024 E-Rate ESL, that it immediately makes advanced and/or next-generation firewalls eligible in the E-Rate program, even as it continues to study the benefits and costs of other services and equipment through the proposed Pilot. Making advanced and/or next-generation firewalls immediately eligible in the E-Rate program would run directly counter to its proposed purpose of the Pilot Program to, among other things, “measur[e] the costs associated with . . . advanced firewall services, and the amount of funding needed to adequately meet the demand for these services if extended to all E-Rate participants.” As similarly noted by the National Education Organizations (EdGroup), an aim of the Pilot is to further “demonstrate the need for and costs of cybersecurity measures such as advanced firewalls, and to gauge how districts would respond to available federal funding.” The Commission finds it reasonable, and consistent with its obligations to be a careful steward of the limited USF funds, to first study the costs and benefits of advanced and/or next-generation firewalls in the Pilot, before making any determination on whether and how to potentially make these services and equipment eligible through the E-Rate program.

37. Next, the Commission makes endpoint protection, including anti-virus, anti-malware, and anti-ransomware, services and equipment eligible in the Pilot so that participants can protect their networks from potential vulnerabilities introduced by desktops, laptops, mobile devices, and other end-user devices that connect to their networks. For the purposes of the Pilot, the Commission defines endpoint protection as “equipment, services, or a combination of equipment and services that implements safeguards to protect school- and library-owned end-user devices, including desktops, laptops, and mobile devices, against cybersecurity threats and attacks.” This definition is reflected in the P-ESL.

38. The Commission agrees with the many commenters who argue for the inclusion of the specific endpoint technologies that it makes eligible. The Commission also agrees with Start Printed Page 61290 commenters that providing funding for endpoint protection should be a priority in investigating ways to improve a school's or library's network security. The Commission finds that its approach is justified as school and library networks continue to evolve to include an ever increasing number of endpoint devices, including desktops, laptops, and mobile devices that serve as points of vulnerability. Moreover, the Commission finds that this approach provides funding to address the Center for internet Security's (CIS) observations that a large percentage of cyberattacks involve ransomware, malware, web application hacking, insider and privilege misuse, and target intrusions. No commenter objects to the Pilot funding endpoint protection. The Commission further finds that its definition of endpoint protection is reasonable as it largely reflects a definition endorsed by NIST, but allows for tools to be software- or non-software-based and emphasizes that, to be eligible, tools must defend against cyberattacks.

39. The Commission also makes identity protection and authentication tools eligible in the Pilot so that participants can prevent malicious actors from accessing and compromising their networks under the guise of being legitimate users. Such tools may include DNS/DNS-layer security, content blocking and filtering/URL filtering, multi-factor authentication (MFA)/phishing-resistant MFA, single sign-on (SSO), and event logging. For the purposes of the Pilot, the Commission defines identity protection and authentication as “equipment, services, or a combination of equipment and services that implements safeguards to protect a user's network identity from theft or misuse and/or provide assurance about the network identity of an entity interacting with a system.” This definition is reflected in the P-ESL.

40. The Commission agrees with the large number of commenters who argue for the inclusion of the specific identity protection and authentication technologies that it makes eligible. The Commission also agrees with commenters that deploying these tools will better ensure that unauthorized users will be unable to gain network access, unable to cause network damage if they do gain access, and/or provide an early warning to schools and libraries of unusual or anomalous behavior that could signal the presence of near and future cyber threats or attacks while they can still be effectively remediated. No commenter objects to the Pilot funding identity protection and authentication technologies. Moreover, the Commission finds that its definition of identity protection and authentication is reasonable as it largely reflects a definition of “identity authentication” endorsed by NIST, and also clarifies that protection involves protection from theft or misuse.

41. The Commission further makes network monitoring, detection, and response, including the use of security operations centers (SOCs) for managed cybersecurity services, eligible in the Pilot so that participants can promptly and reliably detect and neutralize malicious activities that would otherwise compromise their networks. For purposes of the Pilot, the Commission defines monitoring, detection, and response as “equipment, services, or a combination of equipment and services that monitor and/or detect threats to a network and that take responsive action to remediate or otherwise address those threats.” This definition is reflected in the P-ESL.

42. The Commission agrees with the large number of commenters who argue for the inclusion of the specific monitoring, detection, and response technologies that it makes eligible. The Commission also agrees with commenters who advocate for the inclusion of these services and equipment as an important approach to remediating cybersecurity threats and attacks, particularly given the limited resources of schools/libraries to hire or retain staff or other personnel to conduct these activities themselves. No commenter objects to the funding of network monitoring, detection, and response solutions.

43. The Commission imposes a number of limitations on eligibility to ensure the efficient and appropriate use of the limited Pilot funds, and to avoid duplicative funding, protect against waste, fraud, and abuse, and stretch the limited support available through the Pilot. First, the Commission makes ineligible for the Pilot funding any services, equipment, or associated cost that is already eligible through the E-Rate program. The Commission similarly makes ineligible for Pilot funding any service, equipment, or associated cost for which an applicant has already received full reimbursement, or plans to apply for full reimbursement, through any other USF or Federal, state, Tribal, or local government program through which reimbursement is sought. Participants may, however, use Pilot funding to support Pilot-eligible services and equipment that participants were previously paying for themselves, subject to its competitive bidding rules, as this will allow the Commission to evaluate the efficacy of using universal service funding to support cybersecurity services and equipment, while potentially freeing up funding for participants to use for other needs. The Commission finds that limiting eligibility in this manner ensures that the Commission maximizes the use of the limited Pilot funding by eliminating the provision of redundant or duplicative support for the same cybersecurity services and equipment funded through other sources. It will also maximize the data and information the Commission is able to collect on new services and equipment not already funded through E-Rate or other programs, thus efficiently using Pilot resources to best inform any potential Commission action based on the Pilot data. As is customary in E-Rate, the Commission requires Pilot participants to perform a cost allocation to remove from their funding requests costs associated with ineligible components or functions of an otherwise eligible equipment or service.

44. In the Cybersecurity NPRM, the Commission proposed to limit eligibility to “equipment that is network-based ( i.e., that excludes end-user devices, including, for example, tablets, smartphones, and laptops) and services that are network-based and/or locally installed on end-user devices, where the devices are owned or leased by the school or library,” and to equipment and services that are “designed to identify and/or remediate threats that could otherwise directly impair or disrupt a school's or library's network, including to threats from users accessing the network remotely.” The Commission adopts this proposal in the P-ESL with a clarification that “network-based” services include those that are cloud-based and server-based. In doing so, the Commission address concerns raised by some commenters by confirming that the term “network-based” solutions includes both cloud and server-based solutions. The Commission finds this clarification appropriate since both servers and cloud architectures are used in conjunction with a network.

45. In taking this action, the Commission disagrees with the view expressed by Clark County School District (CCSD) that limiting eligibility in the way it had proposed would “not go far enough in protecting end-users.” Contrary to CCSD's views, the Commission's consideration for eligibility specifically encompass “end-user devices, where the devices are owned or leased by the school or library.” The Commission also disagrees Start Printed Page 61291 with CTIA's view that eligibility should extend to end-user devices not owned or leased by the school or library since “leaving even one device exposed compromises an entire network.” While the Commission is sympathetic to this view on a technical level, it finds it administratively and financially impractical to expand eligibility to an even larger (and unknowable) number of additional devices that students, school staff, and library patrons may seek to connect to their networks over the duration of the Pilot Program. For purposes of the Pilot, the Commission therefore prioritize protection for ( i.e., limit eligibility to) devices that are the most essential to a school's or library's educational mission and likely to be used to convey traffic on the networks of these participants. The Commission's overall approach further addresses CTIA's concerns by making a wide range of network-based protections available to monitor, detect, and remediate potential threats introduced by an end-user device that does not qualify for funding under Pilot Program rules. Practically speaking, schools and libraries cannot as easily limit access to their networks by their leased and owned devices while still fulfilling their core educational mission. The Commission thus finds that its approach strikes a reasonable balance between affording protections to the devices most essential and likely to be used on a school's or library's network, reducing threats that may be posed by non-funded devices ( e.g., through its decision to make eligible network-level protection technologies) and effectively deploying the limited amount of Pilot funding to provide benefits to a diverse range of schools and libraries. Accordingly, for these reasons and those previously provided in the Cybersecurity NPRM, the Commission adopts its proposal as clarified.

46. To further protect the Pilot's limited funds, the Commission restricts eligibility in a number of ways. The Commission deems ineligible (i) staff salaries and labor costs for a participant's personnel and (ii) beneficiary and consulting services that are not related to the installation and configuration of the eligible equipment and services. This mirrors restrictions in the E-Rate program that have proven to be effective in conserving the limited USF funds. The Commission expects that this action will provide similar benefits in the context of the Pilot. The Commission similarly deems ineligible insurance costs and any costs associated with responding to specific ransom demands. The Commission finds that these restrictions are necessary to ensure that the limited Pilot funding is used for the evaluation of specific technologies, i.e., eligible cybersecurity services and equipment, so that it can gain maximum insight into the technical effectiveness of those offerings. The Commission finds it reasonable to exclude these enumerated uses from the Pilot, which has even more limited funding available as compared to the E-Rate program.

47. In the Cybersecurity NPRM, the Commission sought comment on “whether it should place restrictions on the manner or timing of a Pilot participant's purchase of security measures,” including whether “funding [should] be limited to a participant's one-time purchase of security measures or [if it] should . . . cover the on-going, recurring costs that a Pilot participant may incur, for example, in the form of continual service contracts or recurring updates to the procured security measures.” The Commission received only a few comments in response with commenters suggesting that any such restrictions should be minimally burdensome and avoid unnecessarily interfering with participants' attempts to obtain funding support. Accordingly, the Commission confirms that Pilot participants may request reimbursement for one-time purchases, as well as the recurring costs of eligible security measures. As discussed in this proceeding, Pilot participants will be permitted to request reimbursement as expenses are incurred, whether for one-time or recurring expenses, subject to the limitations regarding participants' budgets as well as funding commitments.

48. Supply Chain Restrictions. In the Cybersecurity NPRM, the Commission proposed to apply the Secure and Trusted Communications Networks Act of 2019 to Pilot participants by prohibiting these participants from using any funding obtained through the program to purchase, rent, lease, or otherwise obtain any of the services or equipment on the Commission's Covered List or to maintain any of the services or equipment on the Covered List that was previously purchased, rented, leased, or otherwise obtained. The Commission also sought comment on whether “there are any other restrictions or requirements that it should place on recipients of Pilot funds based on the Secure [and Trusted Communications] Networks Act and/or other . . . concerns related to supply chain security.” The Commission adopts its proposal to bar Pilot participants from using Pilot funding in ways prohibited by the Secure and Trusted Communications Networks Act and/or the Commission's rules, including §§ 54.9 and 54.10 of the Commission's rules, that implement the Secure and Trusted Communications Networks Act. Accordingly, Pilot participants are prohibited by § 54.9 of the Commission's rules from using funding made available through the Pilot to “purchase, obtain, maintain, improve, modify, or otherwise support any equipment or services produced or provided by any company posing a national security threat to the integrity of communications networks or the communications supply chain,” including Huawei Technologies Company and ZTE Corporation, and their parents, affiliates, and subsidiaries. Pilot participants are also prohibited by § 54.10 of the Commission's rules from using Pilot funding to “[p]urchase, rent, lease, or otherwise obtain any . . . communications equipment or service” or “[m]aintain any . . . communications equipment or service previously purchased, rented, leased, or otherwise obtained” that is included on the Commission's Covered List. The Commission notes that the entities, services, and equipment designated under these rules may evolve over time as the Commission's Public Safety and Homeland Security Bureau (PSHSB) revises its designations of covered companies and/or issues updates to the Covered List. It is the responsibility of Pilot participants to ensure they remain in compliance with the Secure and Trusted Communications Networks Act, and the Commission's related rules, if such revisions are made. The Commission finds that these actions will effectively ensure that potential risks and vulnerabilities in Pilot participants' communications networks are addressed in the manner intended and directed by Congress in the Secure and Trusted Communications Networks Act. Cisco generally supports this approach, and no commenter opposes it.

49. Application Process for Pilot Program. The Commission adopts application and selection processes for the Pilot Program patterned after the Connected Care Pilot Program, adopt several of the application, selection, and administrative proposals from the Cybersecurity NPRM, and designate USAC to be the Administrator of the Pilot Program. In the Cybersecurity NPRM, the Commission proposed to structure the Pilot Program in a manner similar to the Connected Care Pilot Program. In particular, the Commission proposed that schools, libraries, and consortia would apply to be Pilot participants and that those entities Start Printed Page 61292 selected to participate in the Pilot would be eligible to apply for funding for eligible cybersecurity services and equipment. The Commission also proposed that Pilot participants would receive a funding commitment and, after receipt of the commitment, would be eligible to receive cybersecurity services and equipment and submit requests for reimbursement for Pilot funding. The Commission further proposed that USAC be appointed the Administrator of the Pilot Program. Two commenters specifically expressed support for its proposal to structure the Pilot in a manner similar to the Connected Care Pilot Program. Only one commenter, the American Library Association (ALA), addressed its proposal that USAC be appointed the Administrator of the Pilot Program, agreeing that the application process and other aspects of the Pilot Program should be administered by USAC.

50. The Commission also proposed in the Cybersecurity NPRM that entities interested in participating in the Pilot be required to submit a Pilot Program Application (FCC Form 484) describing their proposed use of Pilot funds, including, but not limited to, the following information: (i) identification and contact information; (ii) cybersecurity posture and risk management practices; (iii) information on unauthorized access and cybersecurity incidents; (iv) the specific types of cybersecurity services and equipment to be purchased with Pilot funds; and (iv) how the entities plan to collect data and track their cybersecurity progress if selected as a Pilot participant. While there was minimal opposition to the collection of general information, the majority of commenters recommended against the collection of applicant-specific cybersecurity information. For example, some commenters recommended that the Commission refrain from seeking information about previous cyber threats, attacks, or incidents as part of the FCC Form 484 application. Still others recommended that applicants not be required to provide details regarding their cybersecurity postures, network environments, or current protection measures (or lack thereof). Several commenters recommended that the FCC Form 484 application process be minimally burdensome, and a few commenters recommended that it align with E-Rate tools and concepts that are familiar to E-Rate applicants wherever possible.

51. Finally, The Commission proposed in the Cybersecurity NPRM that applicants and participants submit their FCC Form 484 applications via an online platform designed and operated by USAC and inquired as to confidentiality or security concerns. The Commission also asked how it could best leverage its prior experience in other USF and congressionally-appropriated programs and sought comment on lessons learned. For administrative efficiency, the Commission further proposed that the Bureau select Pilot participants in consultation with the Office of Economics and Analytics (OEA), PSHSB, and the Office of the Managing Director (OMD), as needed. The Commission also proposed to delegate to the Bureau the authority to implement the proposed Pilot and direct USAC's administration of the program consistent with the Commission's rules and oversight. No commenter addressed the submission of the FCC Form 484 applications using an online platform designed and operated by USAC, though some expressed concerns about the confidentiality and security of cybersecurity data provided as part of the application process. Comments related to past experience and lessons learned focused on the requests for reimbursement and invoicing processes, are discussed in the Order. Many commenters supported the Commission's legal authority to conduct the Pilot Program, but did not address Bureau review of Pilot Program applications in consultation with OEA, PSHSB, and OMD, or the delegation of authority to the Bureau to implement the Pilot or direct USAC's administration of the Pilot.

52. Based on the record, the Commission adopts several of the proposals from the Cybersecurity NPRM. Specifically, the Commission adopts the application, selection, and administrative proposals, and it designates USAC to be the Administrator of the Pilot. In doing so, the Commission is mindful of the concerns expressed by commenters about the scope of information to be included in the FCC Form 484 application and agree that the initial application process would benefit from a decrease in the amount of cybersecurity-sensitive school and library data requested. To that end, the FCC Form 484 application will be split into two parts. The first part will collect a more general level of cybersecurity information about the applicant and its proposed Pilot project, and will use pre-populated data where possible, as well as a number of “yes/no” questions and questions with a predetermined set of responses ( i.e., multiselect questions with predefined answers). The second part will collect more detailed cybersecurity data and Pilot project information, but only from those who are selected as Pilot participants. The Commission will treat all cybersecurity-related information requested and provided in the FCC Form 484 as presumptively confidential, and will not make it routinely available for public inspection.

53. To be considered for the Pilot, an applicant must complete and submit part one of the FCC Form 484 application describing its proposed Pilot project and providing information to facilitate the evaluation and eventual selection of high-quality projects for inclusion in the Pilot. Specifically, the applicant must explain how its proposed project meets the considerations outlined below. In addition, the applicant must present a clear strategy for addressing the cybersecurity needs of its K-12 school(s) and/or library(ies) pursuant to its proposed Pilot project, and clearly articulate how the project will accomplish the applicant's cybersecurity objectives. The Commission anticipates that successful applicants will be able to demonstrate that they have a viable strategic plan for providing eligible cybersecurity services and equipment directly to the school(s) and/or library(ies) included in their proposed Pilot projects. Further, the Commission expects applications to be tailored to the unique circumstances of each applicant. USAC and/or the Bureau may disqualify from consideration for the Pilot those applications that provide a bare minimum of information or are generic or template in nature.

54. Part One Application Information. For the first part of the FCC Form 484 application, the Commission directs the Bureau and USAC to collect a general level of cybersecurity information from schools, libraries, and consortia that apply to participate in the Pilot Program. At a minimum, applications to participate in the Pilot Program must contain the following required information:

Names, entity numbers, FCC registration numbers, employer identification numbers, addresses, and telephone numbers for all schools, libraries, and consortium members that will participate in the proposed Pilot project, including the identity of the consortium leader for any proposals involving consortia.
Contact information for the individual(s) who will be responsible for the management and operation of the proposed Pilot project (name, title or Start Printed Page 61293 position, telephone number, mailing address, and email address).
Applicant number(s) and type(s) ( e.g., school; school district; library; library system; consortia; Tribal school or library (and Tribal affiliation)), if applicable; and current E-Rate participation status and discount percentage, if applicable.
A broad description of the proposed Pilot project, including, but not limited to, a description of the applicant's goals and objectives for the proposed Pilot project, a description of how Pilot funding will be used for the proposed project, and the cybersecurity risks the proposed Pilot project will prevent or address.
The cybersecurity equipment and services the applicant plans to request as part of its proposed project, the ability of the project to be self-sustaining once established, and whether the applicant has a cybersecurity officer or other senior-level staff member designated to be the cybersecurity officer for its Pilot project.
Whether the applicant has previous experience implementing cybersecurity protections or measures (answered on a yes/no basis), how many years of prior experience the applicant has (answered by choosing from a preset menu of time ranges ( e.g., 1 to 3 years)), whether the applicant has experienced a cybersecurity incident within a year of the date of its application (answered on a yes/no basis), and information about the applicant's participation or planned participation in cybersecurity collaboration and/or information-sharing groups.
Whether the applicant has implemented, or begun implementing, any Education Department or CISA best practices recommendations (answered on a yes/no basis), a description of any Education Department or CISA free or low-cost cybersecurity resources that an applicant currently utilizes or plans to utilize, or an explanation of what is preventing an applicant from utilizing these available resources.
An estimate of the total costs for the proposed Pilot project, information about how the applicant will cover the non-discount share of costs for the Pilot-eligible services, and information about other cybersecurity funding the applicant receives, or expects to receive, from other Federal, state, local, or Tribal programs or sources.
Whether any of the ineligible services and equipment the applicant will purchase with its own resources to support the eligible cybersecurity equipment and services it plans to purchase with Pilot funding will have any ancillary capabilities that will allow it to capture data on cybersecurity threats and attacks, any free or low-cost cybersecurity resources that the applicant will require service providers to include in their bids, and whether the applicant will require its selected service provider(s) to capture and measure cost-effectiveness and cyber awareness/readiness data.
A description of the applicant's proposed metrics for the Pilot project, how they align with the applicant's cybersecurity goals, how those metrics will be collected, and whether the applicant is prepared to share and report its cybersecurity metrics as part of the Pilot Program.

To facilitate the inclusion of a diverse set of Pilot projects and to target Pilot funds to the populations most in need of cybersecurity support, particularly those with minimal or no cybersecurity protections today, the Commission anticipates selecting projects from, and providing funding to, a combination of large and small and urban and rural schools, libraries, and consortia, with an emphasis on funding proposed Pilot projects that include low-income and Tribal applicants. Similarly, and addressing concerns expressed by ActZero, the Commission encourages participation in the Pilot by a broad range of service providers and note that the rules and requirements it adopts here do not discourage new companies from participating. Nor does it require service providers to have preexisting service provider identification numbers (SPIN) before submitting cybersecurity bids or previous E-Rate experience before participating in the Pilot.

55. When an applicant submits part one of its FCC Form 484 application, it will be required to certify, among other things, that it is authorized to submit the application and is responsible for the data being submitted; the data being submitted is true, accurate, and complete; if selected for the Pilot, it will comply with all rules and orders governing the program, including the competitive bidding rules and the requirement to pay the non-discount share of costs for Pilot-eligible services and equipment from eligible sources; all requested Pilot-funded eligible services and equipment will be used for their intended purposes; the schools, libraries, and consortia listed in the FCC Form 484 application are not already receiving, and do not expect to receive, other funding for the same cybersecurity services and equipment for which Pilot funding is being sought; it may be audited pursuant to its Pilot Program application and will retain any and all records related to its application for 10 years; and, if audited, it will produce those records at the request of the appropriate officials. The applicant must also certify that it understands that failure to comply with the Pilot Program rules and order(s) may result in the denial of funding, cancellation of funding commitments, and/or the recoupment of past funding disbursements. The Commission emphasizes that it is committed to protecting the integrity of the Pilot and ensuring that USF funds disbursed through the Pilot are used for eligible and appropriate purposes. In the event of a violation of Pilot Program rules or requirements, the Commission reserves the right to take appropriate actions, including, but not limited to, seeking recovery of funds or further enforcement action. Applicants who participate in the Pilot Program must also comply with all applicable Federal and state laws, including sections 502 and 503(b) of the Act, title 18 of the United States Code, and the Federal False Claims Act.

56. While the Commission understands the desire by some commenters to keep the initial application as streamlined as possible, in order to evaluate the proposed Pilot projects and select well-defined and sustainable projects, it is incumbent on us to require certain information at the application stage. Thus, the Commission disagrees with commenters who say that applicants will need to possess a prohibitive amount of knowledge during the application stage and will not be able to describe how they propose to use Pilot Program funds until after they have been selected as Pilot participants. Although an applicant may not know the precise cybersecurity services and equipment it would seek to fund with Pilot funding, it is unlikely that an applicant would apply to participate in the program without having some general cybersecurity goals or plans for using the funding, if selected as a participant. Additionally, the Order contains a list of Pilot-eligible services and equipment that will aid applicants as they begin formulating their proposed Pilot projects in advance of the opening of the FCC Form 484 application window. Applicants, therefore, should do their best to provide the requested information in the application, including information on estimated costs related to their proposed cybersecurity project.

57. Selection Process for Pilot Program. To select Pilot participants, the Commission directs the Bureau and USAC to use limited prerequisites and a broad and objective set of evaluation factors with an emphasis on funding low-income and Tribal entities, consistent with the E-Rate and Start Printed Page 61294 Connected Care Pilot programs. In the Cybersecurity NPRM, the Commission sought comment on how to evaluate and prioritize Pilot applications. In particular, the Commission sought comment on what prerequisites, if any, the Commission should adopt to select participants. For example, it asked whether the adoption of free and low-cost cybersecurity tools and resources should be required for an applicant to be selected as a Pilot participant; Pilot participants should be required to correct known security flaws and conduct routine back-ups; Pilot participants should be required to join cybersecurity information-sharing groups, such as MS-ISAC or K12 SIX; Pilot participants should be required to implement, or demonstrate their plans to implement, recommended best practices from organizations like the Education Department, CISA, and NIST; and Pilot participants should be required to take steps to improve their cybersecurity posture by designating an officer or senior staff member to be responsible for cybersecurity implementation, updates, and oversight. The Commission received mixed reactions to its proposed use of prerequisites to select Pilot participants. At least one commenter thought the Commission should not utilize prerequisites to determine Pilot participation. Commenters were split on the proposal to require the adoption of free and low-cost cybersecurity tools and resources for an applicant to be selected as a Pilot participant. No commenter spoke directly to whether Pilot participants should be required to correct known security flaws or conduct routine back-ups as part of the Pilot Program, though a small number of commenters discussed whether Pilot funding should be targeted to allow schools and libraries to implement some or all of the items contained in the CISA list of highest priority steps. Some commenters thought requiring Pilot participants to join cybersecurity information-sharing groups was too onerous, while others found such a requirement beneficial. Some commenters supported the requirement for Pilot participants to implement, or demonstrate plans to implement, recommended best practices from organizations like the Education Department, CISA, and NIST or recommended using the best practices to evaluate Pilot Program success, though at least one commenter expressed reservations about the Commission doing so. The State E-Rate Coordinators Alliance (SECA) proposed that the Commission “specify that completion or submission of an application for the free vulnerability assessment offered by CISA . . . [be] sufficient for meeting the assessment prerequisite as part of the Form 484 application process.” Clear Creek Amana CSD (Clear Creek), however, cautioned against relying on Federal resources outside of a limited incident response plan following the NIST frameworks. A few commenters supported the proposal that a school, library, or consortium should have implemented or begun implementing a cybersecurity framework or program to participate in the Pilot. However, others called for selection based on a holistic view of an applicant's cybersecurity expertise and risk. CIS stated that designating an officer or senior staff member to be responsible for cybersecurity implementation, updates, and oversight was an important step towards cyber maturity that should be achievable by Pilot participants. The Alliance for Digital Innovation (ADI) similarly recommended that the Commission make leadership commitment a requirement to participate in the Pilot Program, noting that “[s]enior leadership commitment plays a pivotal role in prioritizing cybersecurity within organizations.”

58. The Commission also asked questions about reliance on objective versus subjective factors and how such factors should be used to select Pilot participants. In terms of objective factors, it asked whether the selection of Pilot participants should be based on E-Rate category two discount rate levels, location ( e.g., urban vs. rural ), and/or participant size ( i.e., small vs. large ). The Commission also sought comment on whether certain of those factors are more or less important than others from a Pilot selection standpoint and requested the underlying rationale for such determinations. Commenters generally agreed that the Pilot should prioritize the neediest applicants or those applicants that qualify for the highest discount percentages in the E-Rate program. Commenters overwhelmingly supported the Commission's proposal to incorporate a diverse array of applicants in the Pilot, including both urban and rural and large and small participants. Many commenters advocated for the preferential selection of consortia and statewide, regional, and local government applications, noting that such applications allow schools and libraries to stretch their cybersecurity dollars and extend cybersecurity protections to a larger pool of recipients. Similarly, other commenters encouraged the Commission to enable school districts to work across district and community boundaries to participate in the Pilot Program.

59. For subjective Pilot selection factors, the Commission inquired as to whether the Pilot Program would benefit from including schools and libraries with advanced cybersecurity expertise only or whether cybersecurity expertise should not factor into Pilot participant selection at all. Relatedly, the Commission also sought comment on how it could ensure that schools and libraries that lack funding, expertise, or are otherwise under-resourced could meaningfully participate in the Pilot. The Commission asked commenters to address whether Pilot participants should be required to demonstrate that they have started to take actions to improve their cybersecurity posture. Conversely, the Commission also asked commenters whether a school or library should be required to provide a certification or other confirmation that, absent participation in the Pilot, it does not have the resources to start implementing CISA's K-12 cybersecurity recommendations. Commenters generally agreed that the Pilot would most benefit from including participants with a mix of cybersecurity expertise and varying cybersecurity postures. With respect to how to ensure that under-resourced schools and libraries are able to meaningfully participate in the Pilot, commenters suggested that the FCC and USAC conduct early and detailed Pilot Program outreach, including providing technical and other assistance to those applicants who are likely to need it most. No commenters addressed the proposal that a school or library be required to provide a certification or other confirmation that it does not have the resources to start implementing the CISA K-12 cybersecurity recommendations absent selection for the Pilot. CTIA recommended that applicants be required to disclose funding from non-Pilot sources and explain how Pilot Program funding would complement, but not duplicate, the applicant's existing cybersecurity tools and support.

60. Along these same lines, the Commission also asked whether participation in the Pilot should be limited to those schools and

libraries that have faced or are facing particular types of cybersecurity threats or attacks. In particular, it sought comment on the types of cybersecurity threats and attacks encountered by schools and libraries and how they should be evaluated, if at all, when selecting Pilot participants and similarly, whether an applicant's previous history of cybersecurity threats or attacks should be taken into consideration as part of the Pilot Program selection process. The Commission also asked what role, if any, cybersecurity risk, geographic or socioeconomic factors, staffing constraints or financial need, or technical challenges should play in Pilot participant selection. Commenters urged the Commission to forgo reliance on whether an applicant has faced or is facing a particular type of cybersecurity threat or attack, an applicant's previous history with cybersecurity threats or attacks, or the frequency with which an applicant has experienced a cybersecurity incident as drivers of Pilot participant selection. Commenters were generally supportive of selecting and prioritizing applicants who face geographic, socioeconomic, financial, and other challenges, or who serve low-income and under-resourced populations.

61. The Commission agrees with commenters who support using a broad and objective set of evaluation factors to select Pilot Program participants. After reviewing the record, the Commission concludes that the Pilot Program goals will best be served by directing funding to: (1) the neediest eligible schools, libraries, and consortia who will benefit most from cybersecurity funding ( i.e., those at the highest discount rate percentages); (2) as many eligible schools, libraries, and consortia as possible; (3) those schools, libraries, and consortia that include Tribal entities; and (4) a mix of large and small and urban and rural, schools, libraries, and consortia. Selecting Pilot participants in this manner is consistent with its standard practice in E-Rate of prioritizing funding for the most resource-constrained schools, libraries, and consortia and is logical to apply here. It also achieves its goal of ensuring that the Pilot contains a diverse cross-section of applicants with differing cybersecurity postures and experiences. The Commission directs the Bureau to weigh these considerations during the Pilot application review and participant selection processes.

62. The Commission has considered commenters' suggestions regarding the potential application factors and have determined that the considerations outlined will provide us with meaningful information with which it can select Pilot projects and participants. The Commission acknowledges that commenters suggested it weighs other considerations, but it believes that the considerations listed best enable it to select high-quality projects that will meet Pilot goals and target Pilot funding to the schools and libraries with the greatest need. Further, each of these considerations play an important part in helping us better understand the relationship of certain cybersecurity services and equipment to the overall cybersecurity health and posture of entities in varying contexts and with varying levels of cybersecurity expertise.

63. The Commission directs the Bureau and USAC to review the applications and select Pilot projects and participants based on applicants' responses, weighing the considerations listed, in combination with the applicants' category one discount rates. In selecting Pilot projects and participants, limited initial screening prerequisites should be employed, but the Bureau and USAC may exclude applications that are incomplete or do not meet Pilot Program eligibility standards. The Bureau and USAC should also work to ensure that, to the extent feasible and based on qualified applications, Pilot Program funding is not heavily concentrated in any particular state or region, and instead is distributed widely throughout the United States, including the District of Columbia and the U.S. territories, with an emphasis on funding proposed Pilot projects that include low-income and Tribal applicants. The Commission declines to require Pilot applicants or participants to join information-sharing organizations like MS-ISAC, though it highly encourages all applicants or participants to do so. In choosing participants for the Pilot, the Bureau and USAC should also consider the cost of the proposed Pilot project compared to the total Pilot Program cap. This does not mean that proposed Pilot projects should be evaluated based on their total project budgets, but, rather, the Bureau and USAC should seek to select an array of Pilot projects with varying costs that can all be funded within the Pilot Program's cap. In addition, the Bureau and USAC should seek to select an array of Pilot participants with differing levels of exposure to cybersecurity threats and attacks, and ensuring that the selected Pilot participants include schools and libraries that currently have limited cybersecurity protections. Although applicants' responses will be considered consistent with the considerations listed when evaluating proposed Pilot projects, the considerations are not determinative of whether a Pilot project will be selected because the Commission recognizes that each proposed Pilot project will have its own unique strengths and potential challenges. The Commission's goal is to ensure the selection of proposed Pilot projects that present a well-defined plan for meeting the cybersecurity needs of specific schools, libraries, or consortia, with a particular emphasis on resource-challenged and Tribal applicants and the three Pilot Program goals discussed in greater detail in the Order.

64. Prioritization. In the event that the number of FCC Form 484 applications received exceeds the number of projects that can be funded through the Pilot, the Commission directs the Bureau and USAC to prioritize the selection of Pilot participants by considering their funding needs in combination with the funding needs of the same type(s) of applicants. Under the rules for the Pilot, eligible schools and libraries may receive discounts ranging from 20 percent to 90 percent of the pre-discount price of eligible services and equipment, based on indicators of need. Schools and libraries in areas with higher percentages of students eligible for free or reduced-price lunch through the National School Lunch Program (or a federally approved alternative mechanism) qualify for higher discounts for eligible services than those with lower levels of eligibility for such programs. The Commission's priority rules for the Pilot provide that funds shall be allocated first to requests for support at the 90 percent discount rate. To the extent funds remain after discounts are awarded to entities eligible for a 90 percent discount, the rules Pilot rules provide that the Administrator shall continue to allocate funds for discounts to participants at each descending single discount percentage. The Pilot rules also provide that if sufficient funds do not exist to grant all requests within a single discount percentage, the Administrator shall allocate the remaining support on a pro rata basis over that single discount percentage level. Funding for libraries will be prioritized based on the percentage of free and reduced lunch eligible students in the school district that is used to calculate the library's discount rate. Funding for individual schools that are not affiliated financially or operationally with a school district, such as private or charter schools that apply individually, will be prioritized Start Printed Page 61296 based on each school's individual free and reduced student lunch eligible population. For those schools and libraries selected as Pilot participants that do not participate in the E-Rate program, their discount rate will be calculated based on indicators of need as outlined and their funding prioritized consistent with the prioritization rules for the Pilot described in this paragraph. This prioritization gives applicants serving the highest poverty populations first access to funds while allowing us to fund within a discount band even where funding is not sufficient to reach all participants in the band. This system of prioritization is also consistent with Fortinet's recommendation that “the Commission . . . consider a tiered prioritization scheme for Pilot support requests” and the recommendations of commenters that those schools, libraries, and consortia with a higher discount rate receive funding ahead of those who are entitled to a lower discount rate.

65. Part Two Application Information. For the second part of the FCC Form 484 application, the Commission directs the Bureau and USAC to collect more detailed cybersecurity information from applicants who are selected to participate in the Pilot Program. The Commission has bifurcated the application into two parts, seeking a general level of cybersecurity information from applicants and leaving the more detailed cybersecurity reporting for the selected Pilot participants. This has the benefit of limiting the amount of sensitive cybersecurity information that will be provided by applicants at the application stage and will reduce the initial application burden. The Commission requires Pilot participants to provide such information to help establish a baseline that will enable it to effectuate the Performance Goals and Data Reporting discussed. Applicants should be aware, that, if selected to participate in the Pilot Program, they will be required to provide the following additional (or substantially similar) cybersecurity information, as applicable, and may be removed from the Pilot Program if they refuse or fail to do so:

Information about correcting known security flaws and conducting routine backups, developing and exercising a cyber incident response plan, and any cybersecurity changes or advancements the participant plans to make outside of the Pilot-funded services and equipment.
A description of the Pilot participant's current cybersecurity posture, including how the school or library is currently managing and addressing its current cybersecurity risks through prevention and mitigation tactics.
Information about a participant's planned use(s) for other Federal, state, or local cybersecurity funding ( i.e., funding obtained outside of the Pilot).
Information about a participant's history of cybersecurity threats and attacks within a year of the date of its application; the date range of the incident; a description of the unauthorized access; a description of the impact to the K-12 school or library; a description of the vulnerabilities exploited and the techniques used to access the system; and identifying information for each actor responsible for the incident, if known.
A description of the specific Education Department or CISA cybersecurity best practices recommendations that the participant has implemented or begun to implement.
Information about a participant's current cybersecurity training policies and procedures, such as the frequency with which a participant trains its school and library staff and, separately, information about student cyber training sessions, and participation rates.
Information about any non-monetary or other challenges a participant may be facing in developing a more robust cybersecurity posture.

66. Instructions for Filing Applications. Iin order to facilitate the application process, the Commission plans to provide an application titled “Schools and Libraries Cybersecurity Pilot Program Application” (FCC Form 484) that applicants must use when submitting their project proposals to the Commission. Applicants will be required to complete each section of the first part of the application and make the required certifications. The applications for the Pilot Program must be submitted through the Pilot portal on USAC's website during the announced FCC Form 484 application filing window discussed below. The Commission directs the Bureau to issue a Public Notice subsequent to the release of the Order that specifies the effective date of the Pilot Program rules and the filing window dates for submitting Pilot applications. The Public Notice must also include details on how to submit an application using the Pilot portal on USAC's website. In response to concerns about the security and confidentiality of cybersecurity information provided as part of the Pilot, as stated previously, the Commission is only requiring more general information at the application stage of the Pilot. The more detailed, cybersecurity-related information will only be provided by Pilot participants. Some commenters have expressed concerns that this type of information is sensitive and could be used by malicious cybersecurity actors for nefarious purposes. The Commission agrees and find that the cybersecurity-related information that is being requested and provided in the FCC Form 484 constitutes sensitive business information and includes trade secrets. Accordingly, the Commission will treat it as presumptively confidential under its rules and will withhold it from public inspection. The Commission further notes that FCC Form 484 data will be protected by security protections built into USAC's Pilot portal.

67. Instructions for Establishing Application Schedule and Reviewing Applications. The Commission delegates to the Bureau the authority to establish an application schedule consistent with the direction provided in the Order; review Pilot FCC Form 484 applications; and select Pilot projects and participants, doing so in an efficient and expedited manner. The Commission further directs the Bureau to consult with OEA, PSHSB, OMD, and the Office of General Counsel (OGC), as needed, regarding the review of Pilot applications and selection of participants. After selecting the Pilot participants, the Commission directs the Bureau to announce its selections through a Public Notice that will provide further detail about the Pilot Program requirements, including providing additional information and instruction regarding Pilot requirements for submitting the second part of the Form 484 application, competitive bidding, submitting requests for funding, and invoicing, as well as the Pilot-specific data and metrics reporting requirements discussed herein and the format for those reporting and metrics requirements.

68. Establishing an Application Filing Window. To facilitate an efficient and equitable application review process, the Commission directs the Bureau to establish an application filing window, after which it will review applications from all eligible applicants by weighing the considerations discussed. Establishing a single filing window was well received by those commenters who addressed the proposal and opening a single window will allow the Bureau to review all applications before making selections. The Commission expects that adopting a single FCC Form 484 application filing window and proceeding in this manner will assist with its goal of selecting a diverse cross- Start Printed Page 61297 section of Pilot participants with a particular focus on the under-resourced applicants who are most in need of cybersecurity funding. To further assist under-resourced applicants, the Commission directs the Bureau and USAC to offer dedicated training and office hours for applicants and participants who are less experienced with cybersecurity services and equipment, or with the E-Rate and ECF program forms and processes.

69. The Commission next adopts competitive bidding processes and rules for the Pilot Program that mirror the E-Rate program to ensure that the limited Pilot funds are used for the most cost-effective eligible services and equipment; the integrity of the Pilot Program is protected; and potential waste, fraud, and abuse is prevented. The Commission directs the Bureau and USAC to model the Pilot Program requests for services, invoicing, and reimbursement processes and forms on existing E-Rate and ECF program processes and forms to the extent possible for the Pilot Program, consistent with record support. In particular, the Commission expects the Bureau and USAC to leverage the following FCC forms for the Pilot that will mirror existing E-Rate and ECF forms: (1) FCC Form 470 (Description of Services Requested and Certification Form); (2) FCC Form 471 (Description of Services Ordered and Certification Form); (3) FCC Form 472 (Billed Entity Applicant Reimbursement (BEAR) Form); and (4) FCC Form 474 (Service Provider Invoice (SPI) Form). The Commission requires Pilot participants and service providers to make certain certifications on Pilot Program forms to protect the integrity of the Pilot. The Commission also requires them to submit invoices with their reimbursement requests that support the amounts requested and approved in their Pilot FCC Form 471 applications. By modeling the Pilot processes and forms on existing E-Rate and ECF processes and forms, the Commission expects to save Pilot participants time needed to familiarize themselves with the new forms and reduce administrative cost and burden.

70. As in the E-Rate program, the Commission adopts competitive bidding processes and rules for the Pilot Program to ensure that the limited Pilot funds are used for the most cost-effective eligible services and equipment, and to protect the integrity of the Pilot. Competitive bidding is a cornerstone of several USF programs, including the E-Rate and Connected Care Pilot programs, and is critical to ensuring that applicants obtain the most cost-effective offering available. Currently, under the E-Rate program rules, to obtain support an applicant must first conduct a competitive bidding process and comply with the Commission's competitive bidding rules. Applicants begin the competitive bidding process by filing a completed E-Rate FCC Form 470 with USAC. USAC, in turn, posts the form on its website for potential competing service providers to review and submit bids. An applicant must wait at least 28 days from the date on which its E-Rate FCC Form 470 is posted on USAC's website before entering into a signed contract or other legally binding agreement with a service provider and submitting an E-Rate FCC Form 471 to seek funding for selected services and equipment. The E-Rate FCC Form 470 must specify and provide a description of the eligible services and equipment requested with sufficient detail to enable potential service providers to submit responsive bids.

71. In the Cybersecurity NPRM, the Commission proposed a competitive bidding process and rules for Pilot participants that mirror the existing E-Rate competitive bidding process and rules. Because of the structural similarities between the E-Rate program and the Pilot, the proven effectiveness of the E-Rate processes and rules, and the reduced compliance burden for Pilot participants who are already familiar with existing E-Rate requirements, it concludes that its proposal is reasonable and adopts it here. To begin, the Commission adopts a Pilot FCC Form 470, modeled after the E-Rate form, that Pilot participants will use to describe their desired Pilot-eligible services and equipment and initiate the competitive bidding process. Likewise, the Commission adopts competitive bidding requirements modeled on § 54.503 of the Commission's rules, with which Pilot participants must comply to ensure they conduct an open and fair competitive bidding process. This includes, among other things, the requirement that a Pilot participant must wait at least 28 days from the date the Pilot FCC Form 470 is posted on USAC's website before entering into a legally binding agreement or contract with a service provider and must submit a Pilot FCC Form 471 to seek funding for Pilot-eligible services and equipment. It also includes the requirement that before entering into an agreement or contract with a service provider(s), a Pilot participant carefully consider all bids submitted and select the most cost-effective service offering with price as the primary ( i.e., most heavily-weighted) factor in the vendor selection process. Finally, it includes a restriction on the receipt of gifts and a requirement that the competitive bidding process be conducted in a fair and open manner ( i.e., all potential service providers have access to the same information and are treated in the same manner throughout the entire competitive bidding process).

72. Because the competitive bidding process is essential to ensuring that Pilot participants obtain the most cost-effective eligible services and equipment, protecting program integrity, and preventing potential waste, fraud, and abuse in the Pilot, the Commission declines CCSD's recommendation that applicants with existing contracts for cybersecurity solutions be allowed to request Pilot Program funding to cover the cost of those contracts and be exempt from any competitive bidding requirements. Likewise, the Commission declines to provide an exemption to competitive bidding for costs that Pilot participants may be currently cost-allocating in E-Rate funding requests for advanced firewall services. Similarly, because an open and fair competitive bidding process hinges on all bidders being on equal footing, the Commission also declines E-Rate Central's proposal that applicants be allowed to conduct their competitive bidding processes before submitting their FCC Form 484 applications and be permitted to work alongside their selected service providers to develop their proposed Pilot projects. Finally, to enable participants to select the services and equipment that best meets their needs, it clarifies, as SECA requests, that participants are permitted to require that the services or equipment to be purchased are interoperable with and/or compatible with existing services and equipment that have already been purchased.

73. The Commission does, however, establish a limited exemption to competitive bidding for Pilot participants who may be eligible to purchase services and equipment from master services agreements (MSAs) or their equivalent. Specifically, Pilot participants will not be required to seek competitive bids when seeking support for services and equipment purchased from MSAs negotiated by Federal, state, Tribal, or local governmental entities on behalf of such Pilot participants, if such MSAs were awarded pursuant to the E-Rate Form 470 process, as well as applicable Federal, state, Tribal, or local competitive bidding requirements. The Commission agrees with SECA that these MSAs or state master contracts are “efficient contract vehicles” and reflect Start Printed Page 61298 “cost-effective solutions for different components and different manufacturers.” Pilot participants will be required to use the mini-bid process if required by the relevant MSA or state master contract. The Commission finds that this exemption, which was similarly included in the Connected Care Pilot Program, will enable Pilot participants to benefit from competitively bid state master contracts and MSAs, and in so doing, will streamline the competitive bidding process and minimize the burden on Pilot participants.

74. As proposed in the Cybersecurity NPRM, the Commission adopts the Pilot FCC Form 471, modeled after the E-Rate FCC Form 471, for Pilot participants and their service provider(s). In the E-Rate program, applicants file an FCC Form 471 to request discounts on eligible services and equipment for the upcoming funding year. The E-Rate FCC Form 471 requires detailed descriptions of the services and equipment requested, including the costs of and service dates for the services and equipment; the selected service provider(s); and certifications regarding compliance with program rules. Applicants must wait until the Allowable Contract Date (ACD), which is 28 days after the E-Rate FCC Form 470 is certified and submitted to USAC, to certify and submit their E-Rate FCC Forms 471. Once an applicant certifies and submits its E-Rate FCC Form 471, USAC issues a Receipt Acknowledgment Letter (RAL) to both the applicant and its selected service provider(s). Following the issuance of the RAL, and after USAC conducts its PIA review process, USAC issues a Funding Commitment Decision Letter (FCDL) to both the applicant and the selected service provider(s), at which point they may begin to invoice after the receipt or delivery of the requested eligible services and/or equipment.

75. Similar to the E-Rate program, Pilot participants must file a Pilot FCC Form 471 to request discounts on eligible services and equipment. As with the E-Rate form, the Pilot FCC Form 471 will include information on the recipients of services and equipment and the selected service provider(s); detailed descriptions of the services and equipment requested, including their costs and service dates; and certifications regarding compliance with Pilot rules. Pilot participants will be required to wait until the ACD to certify and submit the Pilot FCC Form 471. Once a Pilot participant certifies and submits the Pilot FCC Form 471, USAC will provide the Pilot participant an opportunity to correct any errors on the form, through a RAL or similar process, after which USAC will issue an FCDL. Pilot participants will submit Pilot FCC Form(s) 471 to cover the full Pilot project, and will be allowed to submit service and equipment substitution change requests, if needed, during the three-year Pilot.

76. The Commission directs the Bureau and USAC to announce and open a Pilot FCC Form 471 application filing window to speed the availability of funds to the selected Pilot participants. During this application filing window, selected Pilot participants may submit their Pilot FCC Form(s) 471 to request eligible equipment and services that are needed to implement their Pilot project through the online system implemented by USAC. As the Commission is adopting forms, processes, and procedures that are used in the E-Rate and ECF programs, it expects that this application filing window process will be familiar to most of the selected Pilot participants. Pilot participants will have a three-year period from the date of their FCDL to receive and implement the services and equipment funded through the Pilot. Pilot participants will be required to report on the progress of their Pilot projects and how the Pilot funding is being used to improve their cybersecurity postures throughout the three-year term, consistent with the annual reporting requirements discussed in the Order. The Commission further expects that using a Pilot FCC Form 471 application filing window will allow USAC to quickly size demand, review applications, and issue funding decisions, thereby allowing the flow of funding more quickly to Pilot participants. In the event that demand does not exceed available funds, the Commission delegates authority to the Bureau to direct USAC to open additional Pilot FCC Form 471 application filing windows and to commit additional funding up to each Pilot participant's allotted budget. No Pilot participant will be allowed to request or receive more funding than what is calculated based on the per-Pilot participant budget rule.

77. Invoicing. Consistent with the E-Rate program, and pursuant to the Second Report and Order, 68 FR 36931 , June 20, 2003, the Commission permits both Pilot participants and service providers to submit requests for reimbursement using the Pilot FCC Forms 472 and 474, respectively. The Commission agrees with those commenters who explain that allowing both participant and service provider invoicing options is the most efficient and direct way to provide funding to eligible schools and libraries. The Commission concludes that, on balance, allowing both invoicing options for the submission of Pilot reimbursement requests is an efficient and effective way to ensure that participants are actually able to purchase Pilot-eligible services and equipment, and aligns most closely with the E-Rate program, which commenters support. Consistent with E-Rate program rules, Pilot participants must be permitted to select the method of invoicing. For administrative simplicity, Pilot participants must also specify on their Pilot FCC Form(s) 471 whether the participant or the service provider will be conducting the invoicing for each funding request. As part of the reimbursement process, Pilot participants and service providers must provide the required certifications, along with any necessary documentation to support their requests. Requests for reimbursement must be submitted to USAC within 90 days after the last date to receive service, and Pilot participants or service providers may request a one-time extension of the invoicing filing deadline, if the request is timely filed.

78. Invoicing Documentation. As in the ECF program, to protect the integrity of the Pilot and protect against potential waste, fraud, and abuse, the Commission requires Pilot participants and service providers to submit, along with their reimbursement requests, invoices detailing the items purchased. Invoices must support the amounts requested and approved in the Pilot FCC Form 471 application. The Commission disagrees with Lumen Technologies, Inc. and NCTA that the submission of invoices with reimbursement requests would limit flexibility for Pilot participants and serves no purposes in this context. Rather, the submission of invoices with the Pilot FCC Forms 472/474 will help expedite the review of those requests and the corresponding disbursement of funds. Moreover, although the Pilot Program is not an emergency program, it is being conducted on an expedited basis, thus necessitating swift and efficient final invoicing decisions. While the Commission will not require Pilot participants and service providers to submit other supporting documentation at the time they submit their Pilot request(s) for reimbursement, pursuant to its certifications and document retention requirements, all participants must certify receipt/delivery of eligible services and equipment and that only eligible services and equipment were invoiced, as well as retain and provide upon request by USAC, the Commission Start Printed Page 61299 (including Commission staff) and its Office of Inspector General (OIG), or any other authorized Federal, state, or local agency with jurisdiction over the entity, all records related to their Pilot FCC Forms 470, 471, and 472/474 (including, for example, competitive bidding documentation and contracts) for at least 10 years from the last date of service or delivery of equipment.

79. Consistent with the terms of the Memorandum of Understanding (MOU) between the Commission and USAC, and pursuant to the rules adopted, the Commission designates USAC as the Administrator of the Pilot Program. The Commission will use USAC's services to review, process, and approve the Pilot FCC Forms 470, 471, 472, 474, 484, and 488, as well as recommend funding commitments, issue FCDLs, review requests for reimbursement and invoices, and payment of funds, as well as other administration-related duties. The one commenter that directly addressed the issue supported using USAC and its processes for the efficient and effective administration of the Pilot Program, and the Commission agrees that USAC's experience administering the E-Rate and Connected Care Pilot programs, along with the other Federal universal service programs makes it uniquely situated to be the Administrator of the Pilot Program. In designating USAC as the Administrator of the Pilot Program the Commission notes that USAC may not make policy, interpret unclear statutes or rules relied upon to implement and administer the Pilot Program, or interpret the intent of Congress. In its administration of the Pilot Program, the Commission also directs USAC to comply with, on an ongoing basis, all applicable laws and Federal Government guidance on privacy and information security standards and requirements such as the Privacy Act, relevant provisions of the Federal Information Security Modernization Act of 2014, NIST publications, and Office of Management and Budget (OMB) guidance.

80. The Commission notifies Pilot participants, including their selected service providers that, similar to the E-Rate program and other USF programs, they shall be subject to audits and other investigations to evaluate their compliance with the statutory and regulatory requirements for the Pilot. USF Program audits have been successful in helping program applicants and participants improve compliance with the Commission's rules and in protecting the funds from waste, fraud, and abuse. The Commission directs USAC to perform such audits pursuant to the Commission's and USAC's respective roles and responsibilities as set forth in the MOU and § 54.2011 of the Commission's rules. The Commission is also mindful of the privacy concerns raised regarding providing personally identifiable information (PII) to Commission or USAC staff about individual students, school staff, or library patrons that may be collected as part of the cybersecurity measures implemented through the Pilot. While it does not anticipate that Pilot participants will need to share the PII of students, school staff, or library patrons in connection with their Pilot FCC forms, audits (or related compliance tools), or reporting, it notes that the Commission, USAC, and any contractors or vendors will be required to abide by all applicable Federal and state privacy laws. The Commission also directs the Commission, USAC, and contractor/vendor staff to take into account the importance of protecting the privacy of students, school staff, and library patrons, to design requests for information from schools and libraries that minimize the need to produce information that might reveal PII, and to work with auditors to accept anonymized or deidentified information in response to requests for information wherever possible. If anonymized or deidentified information regarding the students, school staff, and library patrons is not sufficient for auditors' or investigative purposes, the auditors or investigators may request that the school or library obtain the consent of the parents or guardians, for students, and the consent of the school staff member or library patron to have access to PII or explore other legal options for obtaining PII. The Commission additionally delegates to the Bureau and OMD, in consultation with OGC (and specifically the Senior Agency Official for Privacy) the authority to establish requirements for the Bureau's, USAC's, or any contractor's/vendor's collection, use, processing, maintenance, storage, protection, disclosure, and disposal of PII in connection with any Pilot FCC forms, audit (or other compliance tool), or reporting.

81. The Commission takes seriously its obligation to be a careful steward of the USF and to protect the integrity of the Pilot Program. The commission is committed to ensuring the integrity of the Pilot and will pursue instances of waste, fraud, or abuse under its own procedures and in cooperation with the Commission's OIG and other law enforcement agencies. The specific procedures the Commission adopts regarding document retention requirements, the prohibition on gifts, certifications, audits, suspension and debarment, and the treatment of eligible services and equipment are modeled after its E-Rate processes and are tools at its disposal to protect the Pilot and ensure the limited program funding is used for its intended purposes to support Pilot Program goals and enable the purchase of Pilot-eligible services and equipment.

82. In the Cybersecurity NPRM, the Commission sought comment on whether “document retention requirements” for the Pilot, including those based on modifying rules from the Commission's E-Rate program, would help “protect the program integrity of the Pilot.” The Commission adopts this proposal. Specifically the Commission includes a new § 54.2010(a) of the Commission's rules, modeled after a corresponding E-Rate rule, that requires Pilot participants to “retain all documents related to their participation in the [Pilot] program sufficient to demonstrate compliance with all program rules for at least 10 years from the last date of service or delivery of equipment” and “maintain asset and inventory records of services and equipment purchased sufficient to verify the actual location of such services and equipment for a period of 10 years after purchase.” The Commission also includes a new § 54.2010(b) of the Commission's rules, also modeled after a corresponding E-Rate rule, that requires Pilot participants and service providers to “produce such records upon request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission, its OIG, or any local, state, or federal agency with jurisdiction over the entity.” This rule requires that Pilot participants must retain documents regarding participation in the Pilot, including asset and inventory records, accumulated during the Pilot, for a period of 10 years.

83. While commenters generally did not opine on these issues, the Commission finds that this new rule, § 54.2010(a), will ensure that participants have sufficient records on hand related to all aspects of their participation in the Pilot to permit entities with jurisdiction over the participant, including USAC and the Commission, to make efficient and reliable determinations of compliance, e.g., as part of any post-audit review or investigation that bears on potential waste, fraud and abuse in the Pilot Program. The Commission finds that this new rule, § 54.2010(b), will effectively establish (or confirm) that a Start Printed Page 61300 Pilot participant must provide documents to external parties with valid jurisdiction when a request is made for the retained documents. The Commission finds its actions are warranted as the Commission, as a careful steward of the USF's limited funds, has a strong interest in ensuring that sufficient documentation is available and can be accessed to permit external parties with jurisdiction to make reliable and efficient determinations of potential waste, fraud and abuse in the Pilot. The Commission also finds that the new rules will meaningfully inform potential Commission short-term action, e.g., through enforcement or other remediation steps if the integrity of the Pilot Program is threatened, and long-term action, that could potentially result in future revision of Commission or USAC processes to better protect the USF and the USF programs. Moreover, the Commission finds these rules, including the associated “10 year” retention and production requirements, are likely to be effective in protecting the integrity of the Pilot because they are modeled after existing § 54.516 of the Commission's rules with only clarifying amendments reflective of the structure of the Pilot. The Commission has found the E-Rate rules to be effective over the course of its many years of experience overseeing USAC's administration of the E-Rate program. As the Commission has previously noted, these rules, including the 10-year document retention and production requirement, appropriately balance the need to have pertinent documentation available for review with corresponding administrative burdens and storage costs borne by E-Rate applicants and service providers. The Commission expects similar benefits to accrue in relation to the Pilot.

84. In balancing the longstanding goal of fair and open procurement with the disbursement of USF support for eligible equipment and services, the Commission adopts gift restrictions for the Pilot. Consistent with the E-Rate program, the Commission prohibits eligible schools and libraries receiving Pilot Program support, including their employees, officers, representatives, agents, independent contractors, consultants, and individuals who are on the governing boards, from soliciting or accepting any gift or other thing of value from a service provider participating in or seeking to participate in the Pilot. Similar to the E-Rate program, participating service providers, including their employees, officers, representatives, agents, independent contractors, consultants, and individuals who are on governing boards, are likewise prohibited from offering or providing any gift or other thing of value to eligible entities, including their employees, officers, representatives, agents, independent contractors, consultants, and individuals who are on the governing boards.

85. As an additional measure to protect the integrity of the Pilot, the Commission also requires participants to provide several certifications as part of the FCC Form 484 application, competitive bidding, requests for services, and invoicing processes. Similarly, the Commission requires their selected service providers to provide certifications related to Pilot invoicing processes. The Commission finds, and no commenter disagrees, that the use of certifications are a key compliance mechanism to protect the limited Pilot funds. All certifications must be made subject to the provisions against false statements contained in the Act and Title 18 of the United States Code.

86. Duplicate Funding Certification. The Commission confirms that it will not provide support for eligible services and equipment, or the portion of eligible services and equipment, that have already been reimbursed with other Federal, state, Tribal, or local funding, or are eligible for discounts from E-Rate or another universal service program. No commenters opposed adopting this limitation to stretch the Pilot's limited funds. To implement this prohibition on requesting or receiving duplicative funding, the Commission will require Pilot participants and service providers to certify on the FCC Forms 472 or 474 that they are not seeking support or reimbursement for Pilot-eligible services and equipment that have been purchased and reimbursed with other Federal, state, Tribal, or local funding, or are eligible for discounts from E-Rate or another universal service program. The Commission takes this action to ensure that the limited Pilot support will be used for its intended purposes and clarify that if the Pilot-eligible services and equipment are fully reimbursed through other sources, participants and service providers should not be seeking funding for them through the Pilot Program.

87. Additional Certification Requirements. The Commission also requires Pilot participants, when submitting their Pilot FCC Form 470 competitive bidding forms, and Pilot participants and service providers when submitting their FCC Forms 472 and 474 requests for reimbursement ( i.e., invoicing forms), respectively, to provide several additional certifications. For example, Pilot participants and service providers must certify that they are seeking funding for only Pilot-eligible services and equipment. Pilot participants and service providers should be aware that the certification descriptions referenced in this section are not exhaustive and it is incumbent on them to familiarize themselves with the certifications required by each of the Pilot forms and rules that are applicable to them.

88. Support provided for cybersecurity services and equipment funded through the Pilot will be subject to audits and reviews consistent with the procedures currently used for the USF programs ( e.g., Beneficiary and Contributor Audit Program audits and Payment Integrity Assurance (PIA) reviews), and could be subject to recovery measures should the Commission and/or USAC find a violation of its rules and deem it appropriate. Specifically, applicants, participants, and service providers may be subject to audits and other investigations by USAC and/or Bureaus and Offices of the Commission to evaluate compliance with the rules it adopted. The Commission considers audits and other review mechanisms in the Pilot program to be important tools in ensuring compliance with its rules and identifying instances of waste, fraud, and abuse. Considering the action it took to create the Pilot Program using universal service funding, the Commission expects that these tools will continue to be paramount to its ability to ensure that these finite funds are used appropriately and consistent with its rules.

89. Consistent with its proposals in the Cybersecurity NPRM, the Commission will apply its existing USF suspension and debarment rules to the Pilot. In addition, to the extent that the Commission adopts updated and final suspension and debarment rules in a separate and pending proceeding, it will apply the updated rules to the Pilot Program.”

90. While commenters did not opine on these issues, the Commission finds it beneficial to apply its USF suspension and debarment rules, which are applicable to existing USF programs and codified at § 54.8 of its rules, to the Pilot as well. The Commission's decision to make these rules binding on persons, including individuals and entities, involved in the Pilot provides these groups with notice as to the types of behavior that could result in their suspension and debarment (and the suspension and debarment of others), Start Printed Page 61301 the processes by which suspension and debarment would be determined, and some of the consequences of such action. The Commission also finds that this action will permit Pilot participants to make better-informed decisions as to the consultants and other persons that they choose to employ or otherwise retain ( e.g., based on factors that are identified in its suspension and debarment rules) for work on the Pilot Program, which will protect participants, and the USF, from waste, fraud, and abuse. As the Pilot incorporates administrative processes, forms, and rules from E-Rate and other USF programs, the Commission finds it reasonable to apply its existing USF suspension and debarment rules to the Pilot as well. The Commission finds that doing so ensures that participants are able to engage a variety of persons with expertise and skills relevant to the USF generally, and Pilot specifically, while also preventing potential bad actors from undermining the Pilot's goals. Ultimately, the Commission finds that its actions will support its mission to maintain the Pilot's integrity and protect it from waste, fraud, and abuse.

91. Similarly, the Commission finds it appropriate to apply any new Commission USF suspension and debarment rules that may be finalized during the course of the Pilot to the Pilot as well. The Pilot incorporates administrative processes, forms, and rules from E-Rate and other USF programs. The Commission therefore finds it reasonable to apply any new suspension and debarment rules developed for those programs to the Pilot as well.

92. The Commission adopts three performance goals to enable it to evaluate the Pilot Program. The Commission expects that, to the extent that the Pilot Program meets these goals, the results of the Pilot will help us assess the costs and benefits of utilizing universal service funds to support schools' and libraries' cybersecurity needs, as well as how other Federal resources could best be leveraged to ensure that these needs are addressed in the most efficient and effective manner. The Commission also adopts a periodic reporting requirement designed to allow the Commission evaluate the goals and success of the Pilot Program while, to the extent possible, taking steps to minimize the burden on Pilot participants.

93. In the Cybersecurity NPRM, the Commission proposed three performance goals for the Pilot Program. Specifically, the Commission proposed the goals of: (i) improving the security and protection of E-Rate-funded broadband networks and the data on those networks; (ii) measuring the costs associated with cybersecurity services and equipment, and the amount of funding needed to adequately meet the demand for these services if extended to the E-Rate program; and (iii) evaluating how to leverage other Federal K-12 cybersecurity tools and resources to help schools and libraries effectively address their cybersecurity needs. Additionally, the Commission proposed and sought comment on how it can best measure progress towards these goals, to ensure that the limited Pilot funds are used most impactfully and effectively. The Commission also sought comment on how to evaluate the Pilot, including whether participants should submit periodic reports and other assessments and evaluations.

94. Based on the record, the Commission adopts its three proposed performance goals for the Pilot. The Commission notes that commenters broadly supported the three proposed goals, considering them appropriate to allow the Commission to assess the effectiveness and cost of the cybersecurity services and equipment used in the Pilot.

95. First Performance Goal: Improving the Security and Protection of E-Rate-Funded Broadband Networks and Data. First, the Commission adopts a goal for the Pilot Program of improving the security and protection of E-Rate-funded broadband networks and data. Funding made available by the Pilot will help participants acquire cybersecurity services and equipment to improve the security of their broadband networks and data. Commenters generally supported this goal. Cisco, for example, deemed the goal consistent with the Commission's “statutory responsibilities to adapt the universal service rules to account for advances in telecommunications and information technology.” Making funding available for cybersecurity services and equipment will help Pilot participants protect and secure their E-Rate-funded broadband networks and data to mitigate increasing cybersecurity threats. In adopting this goal, the Commission emphasizes that it is not only seeking to improve the security and protection of E-Rate-funded Pilot participants, but also to gather information to aid the exploration of improving the security and protection of E-Rate-funded networks going forward. To that end, and as discussed herein, the Commission is not limiting Pilot participation to existing E-Rate participants but will allow all eligible schools, libraries, and consortia to apply for the Pilot. By taking a holistic approach that incorporates all types of eligible schools and libraries, the Commission seeks to gather data that will help it evaluate how best to safeguard E-Rate-funded networks now and in the future.

96. Second Performance Goal: Measuring the costs associated with cybersecurity services and equipment, and the amount of funding needed to adequately meet the demand for these services if extended to all E-Rate participants. Next, the Commission adopts a goal of measuring the costs and effectiveness of cybersecurity services and equipment. By making a wide range of cybersecurity services and equipment eligible for USF support, the Pilot will enable the Commission to gather data on the associated cost and effectiveness of various cybersecurity solutions. As ALA, in particular, has observed, there are concerns about the cost to the USF of adding any new E-Rate eligible services and equipment, including cybersecurity services and equipment. By measuring these costs as part of the Pilot, the Commission will be well-positioned to evaluate the potential challenges to funding these types of services and equipment over the long term. In addition, to measure effectiveness, CIS recommended that the Commission require participants “to assess themselves before the Pilot and annually against a recognized cybersecurity framework and provide their scores as a measurement of success against their individual baseline.” With such recommendations in mind, the Commission adopts a goal of measuring the costs and effectiveness of cybersecurity services and equipment, gathering data for the Commission to determine whether it is economically feasible to support advanced firewall and other cybersecurity services and equipment with universal service funding. In adopting this goal, the Commission disagrees with commenters who suggest that, in collecting data to evaluate the Pilot, its goals should be focused on determining “how to best modernize the E-rate Category 2 to include cybersecurity permanently” or adopting concurrent changes to its category two rules to permit funding for advanced firewalls and MFA. Although the Commission hopes to learn more about whether and how to best fund cybersecurity services and equipment at the conclusion of the Pilot, it does not prejudge the appropriate mechanism or services and equipment to fund and, instead, look holistically at how universal service funds could be used to meet the K-12 schools' and libraries' Start Printed Page 61302 demand for cybersecurity services and equipment.

97. Third Performance Goal: Evaluating how to leverage other Federal K-12 cybersecurity tools and resources to help schools and libraries effectively address their cybersecurity needs. Third, the Commission adopts a goal of evaluating how to best leverage other available and low-cost and free Federal resources to better equip K-12 schools and libraries to proactively address their cybersecurity risks, though it does not go so far as to require the use of specific Federal Government tools and resources as initially discussed in the Cybersecurity NPRM. Commenters generally agreed with this goal. The Friday Institute for Education Innovation (Friday Institute), for example, stated that its Federal partners “provide a wealth of best practices and knowledge,” and “[r]elying on their expertise is a prudent approach to shaping the E-rate program's cybersecurity component.” CTIA emphasized the importance of collaborating with other agencies to pursue and implement shared cybersecurity objectives. Commenters emphasize that collaboration with other Federal partners is “vital,” with the Cybersecurity Coalition and Information Technology Industry Council (Cybersecurity Coalition/ITI) noting that they are “pleased” that the Pilot is focused on “how to balance [the] `complementary work of federal agency partners.' ” The Commission agrees with commenters on the importance of leveraging the expertise of its Federal, state, and local partners, and adopting this goal for the Pilot Program signals its intent to continue to work collaboratively on shared objectives to streamline its efforts to address schools' and libraries' cybersecurity challenges. To this end, the Commission agrees with commenters that, where possible, it should align its Pilot with the cybersecurity goals of its Federal partners.

98. Data reporting requirements for participants. To measure the Pilot's success in meeting the aforementioned goals, the Commission adopts initial, annual, and final reporting requirements for participants. In the Cybersecurity NPRM, the Commission proposed that Pilot participants submit certain information to apply for the Pilot, a progress report for each year of the Pilot, and a final report at the conclusion of the Pilot. The Commission also proposed that these reports contain information on how Pilot funding was used, any changes or advancements that were made to the school's or library's cybersecurity efforts outside of the Pilot-funded services and equipment, the number of cyber incidents that occurred each year of the Pilot Program, and the impact of each cyber incident on the school's or library's broadband network and data. The Commission sought comment on these proposals, as well as the best ways for it to evaluate the Pilot and measure progress towards the proposed performance goals.

99. Commenters generally agreed with its proposal to establish data reporting requirements. Crown Castle Fiber LLC (Crown Castle) noted the value of data reporting requirements, stating that they provide “valuable insight into the types of new services and equipment that applicants purchase to address their network and data security concerns and the impact of implementing various cybersecurity solutions.” FFL emphasized that the effectiveness of the Pilot Program should be measured by progress made toward the implementation of solutions and tactics known to increase resiliency to attacks, not by the presence or characteristics of cyberattacks or applicant responses during an applicant's participation in the Pilot. CTIA suggested that the reporting requirements use standardized metrics to obtain a common baseline of data across participants to aid in program evaluation.

100. Some commenters provided detailed recommendations about the reporting metrics the Commission should use to gather and report Pilot data. CrowdStrike, for example, stated that one promising evaluation metric is mean time to detection and response, and suggested that the Commission designate a “control group” of similar organizations to assess Pilot success. Rubrik proposed a variety of metrics to measure Pilot effectiveness, such as the ability to quickly recover from a cyber event; identify sensitive data on the network where it resides and determine who has access to it; and test cyber recovery functionality to properly plan for a cyber event. The City of New York Office of Technology and Innovation (City of NY OTI) suggested specific metrics that could include “Mean Time to Detect”; “Mean Time to Response”; “False Positive Rate”; “True Positive Rate”; and “Investigation Rate to Incident Containment Rate.”

101. Based on the record, the Commission adopts the requirement for initial, annual, and final reporting so that Pilot participants evaluate and report on their cybersecurity readiness before they begin participation in, during, and after the Pilot Program and it directs the Bureau to add a certification as part of the data collection requirements that will require participants to certify to the accuracy of the information reported and define mechanisms for enforcement. Specifically, after providing an initial baseline assessment using information that includes the reporting requirements for the second part of the application process, Pilot participants will be required to submit annual reports, followed by a final report at the completion of the program. In establishing these periodic reporting requirements, the Commission seeks to balance its need for gathering the data necessary to evaluate the goals and success of the Pilot with commenters' recommendations that it minimize the burden on Pilot participants to the extent possible. The Commission finds that tracking and evaluating participants' cybersecurity progress over the course of the Pilot will be essential in helping us determine whether and how to fund schools' and libraries' cybersecurity needs through the E-Rate program or another universal service program on an ongoing basis. Information contained in initial, annual, and final reports will be presumptively confidential; however, the Commission does plan to use school or library data as a tool to evaluate the Pilot and determine next steps. Additionally, at its discretion, the Commission may create for public release a version of this information that is aggregated, anonymized, or otherwise not subject to protection from disclosure under the Freedom of Information Act. The Commission requires Pilot participants to submit each annual report no later than 60 days following the conclusion of each year ( i.e., year one and year two) of the Pilot Program, and to submit their final report no later than 60 days following the conclusion of the last year ( i.e., year three) of the Pilot Program. To accomplish the goal of periodic reporting by Pilot participants, the Commission delegates to the Bureau the authority to use school and library data to evaluate the Pilot, as well as the authority to create and release a public version of this information. The Commission also directs the Bureau to release a Public Notice (or multiple Public Notices, as needed) detailing the specific information to be provided by Pilot participants, additional detail regarding the timing for the submission of these reports, and to consider developing a standardized reporting form and publicizing its availability. In developing the required reporting metrics, the Commission directs the Bureau to consult with OEA and relevant Federal partners to identify those metrics that will best serve the Start Printed Page 61303 needs of the Pilot and allow the Commission to evaluate whether and to what extent the Pilot succeeded in meeting the three performance goals. The Bureau should, to the extent practicable, and subject to approval from OMB, make the data reporting requirements available to Pilot participants prior to the availability of the Pilot FCC Form 470 to enable participants to consider whether there is any required information that they may need to obtain from their vendor(s) during the competitive bidding process.

102. Finally, in making these data reporting recommendations, a few commenters expressed concerns about protecting both the sensitive nature of the data and insulating Pilot applicants and participants from malicious cybersecurity actors who would use the data for nefarious purposes. The Commission is sensitive to and agree with these concerns and have measures in place to protect the school- and library-specific cybersecurity data it requests as part of the Pilot Program. Specifically, the Commission finds that the information provided by Pilot participants in the initial, annual, and final reports required by the Pilot constitutes sensitive business information and the reports may also contain trade secrets. The Commission therefore will treat this information as presumptively confidential under its rules and withhold it from public inspection. In addition, the Commission has elected to bifurcate the application process, seeking a more general level of cybersecurity information from applicants and leaving the more detailed cybersecurity reporting for Pilot participants. Taken together, the Commission expects that these measures will alleviate commenters' concerns about protecting Pilot applicants' and participants' sensitive information regarding cybersecurity threats and readiness.

103. Pilot Program reports. The Commission directs the Bureau, in consultation with OEA, to review the reports submitted by Pilot participants and publish one interim report during the three-year Pilot and a final report after the Pilot has concluded. The interim report will, at a minimum, provide a summary of funding commitments and disbursements to-date and provide an update on progress toward the Pilot Program's performance goals. The final report will, at a minimum, provide a summary of funding disbursements, evaluate the Pilot Program's success in meeting each performance goal, and identify lessons learned. Recognizing the sensitivity of the information provided by Pilot applicants and participants, the Commission directs the Bureau to follow procedures for confidential information, including aggregating the information as necessary. The Commission directs the Bureau to publish the interim report no later than 180 days after Pilot participants submit their second ( i.e., year two) annual reports and to publish the final report no later than 180 days after Pilot participants submit their final ( i.e., year three) reports.

104. The Commission provides a path for recourse to parties aggrieved by decisions issued by USAC as a result of, or during, the Pilot. Specifically, the Commission adopts appeal and waiver request rules consistent with those that govern USAC's administration of the USF programs, including the E-Rate program. The Commission finds these existing processes sufficient to provide a meaningful review of decisions issued by USAC and the Commission regarding the Pilot. However, the Commission makes one modification for the Pilot Program appeal and waiver rules and provide a 30-day timeframe to request the review of an action by USAC, or to request the review of a decision by USAC or a waiver of the Commission's rules. Despite assertions from some commenters that modifying the rules in this manner would limit Pilot participant flexibility and is unnecessary in this context, the Commission thinks this change will benefit Pilot participants (and the program generally) by providing faster timeframes for appeal and waiver decisions and final Pilot funding decisions. Additionally, the Commission finds that a 30-day timeframe is appropriate given the limited three-year duration of the Pilot Program.

105. The Commission concludes that the Commission has legal authority to establish a Pilot Program that provides USF support for cybersecurity services and equipment to eligible schools and libraries. As a preliminary matter, in the Cybersecurity NPRM, it tentatively concluded that the Commission has sufficient legal authority for funding cybersecurity services and equipment for schools and libraries pursuant to sections 254(c)(1), (c)(3), (h)(1)(B), and (h)(2) of the Act. The Commission noted that the Pilot is consistent with Congress's view that the USF represents an evolving level of service, informing potential future actions that the Commission would take to further its obligation to “establish periodically” universal service rules that “tak[e] into account advances in telecommunications and information technologies and services.” Additionally, the Commission noted that the existing record supported the view that the Pilot is “technically feasible and economically reasonable” as required by section 254(h)(2)(A) of the Act. The Commission also noted that the proposed Pilot appeared consistent with section 254(c)(3) of the Act, which grants the Commission authority to “designate additional services for [USF] support . . . for schools [and] libraries,” as the Pilot would allow for the designation of additional services that may be used by participating schools and libraries based on USF funding. In the Cybersecurity NPRM, the Commission sought additional comment on such views and on the other sources of legal authority, such as the extent to which the Pilot fulfills the Commission's mandate to make “[q]uality services” available at just, reasonable, and affordable rates, and the limits and restrictions that it should place on recipients of Pilot funds to remain within the statutory authority.

106. Commenters generally supported its conclusion that sufficient legal authority exists for the creation of this Pilot Program. In particular, commenters agreed that universal service is an “evolving level of telecommunications services,” and noted that the Pilot-supported services and equipment “reflect ongoing advances in schools and libraries broadband networks and services.” Furthermore, Cisco stated that enhanced cybersecurity services and equipment strengthens and ensures access to and usability of broadband networks, supporting the Act's mandate that the Commission enhance access to advanced telecommunications and information services for schools and libraries. Cisco also noted that the scale and number of cybersecurity threats and attacks increased during the pandemic, as schools shifted to heavier reliance on technology services, and “such changed circumstances support consideration of a change in the Commission's policy with respect to the funding of cybersecurity measures for schools and libraries,” in furtherance of Congress's mandate “to take into account evolving technologies and to designate additional services to support enhanced connectivity for schools and libraries.”

107. It agrees with these assessments, and affirm its conclusion in the Cybersecurity NPRM that the Commission has sufficient legal authority to use universal service funds to support cybersecurity services and equipment for eligible schools and libraries, for several reasons. First, the Commission agrees that providing Start Printed Page 61304 support for cybersecurity services and equipment fulfills its mandate under section 254(c)(1) of the Act to periodically refine universal service to take into account advances in technology and services. As CoSN points out, the Pilot Program will provide support for new services and equipment that reflect advances in school networking technology. By studying how best universal service funds can be used to support E-Rate-funded networks and data, the Pilot enables us to refine universal service in today's modern educational environment, pursuant to section 254(c)(1) of the Act.

108. Second, the Commission finds that Pilot funds will be used for “educational purposes,” pursuant to section 254(h)(1)(B) of the Act. E-Rate rules require schools and libraries to use eligible services “primarily for educational purposes,” defined for schools as “activities that are integral, immediate, and proximate to the education of students,” and for libraries as “activities that are integral, immediate, and proximate to the provision of library services to library patrons.” Pilot funds will help ensure that school and library connections are reliable and not disrupted by cyberattacks, and will further protect the sensitive data often stored on those networks. As such, use of Pilot funds serves an educational purpose, by promoting the education of students, or the provision of library services to library patrons, free from disruption, cyberattack, or theft of sensitive data, pursuant to its mandate under section 254(h)(1)(B) of the Act.

109. Furthermore, the Commission concludes that the use of universal service support for advanced firewalls and other cybersecurity services and equipment for educational purposes fits within the Commission's authority and direction under section 254(h)(1)(B) of the Act to designate “services that are within the definition of universal service under subsection (c)(3),” which authorizes the Commission to designate non-telecommunications services for support. In the First Universal Service Order, 62 FR 32862 , June 17, 1997, the Commission found that sections 254(h)(1)(B) through 254(c)(3) of the Communications Act authorizes universal service support for telecommunications services and additional services such as information services. The Commission therefore finds that, to the extent any of the advanced firewall or cybersecurity services are not telecommunications services, those services nevertheless can be purchased with universal service support pursuant to section 254(h)(1)(B) of the Act. In addition, sections 254(h)(1)(B) through 254(c)(3) of the Act provides authority to support the advanced firewall and cybersecurity equipment that the Pilot will fund to protect E-Rate-funded networks and data. In the First Universal Service Order, the Commission concluded that “we can include `the information services,' e.g., protocol conversion and information storage, that are needed to access the internet, as well as internal connections, as `additional services' that section 254(h)(1)(B), through section 254(c)(3), authorizes us to support.” The Commission further distinguished between ineligible types of peripheral equipment ( e.g., laptops) and eligible equipment that is necessary to make the services functional. Therefore, the Commission also finds that because advanced firewall and cybersecurity equipment are critical to support the services that will protect E-Rate-funded networks and data, they fall into the latter category and it therefore concludes that the Commission has authority under sections 254(h)(1)(B) through 254(c)(3) of the Act to support the purchase of advanced firewall and cybersecurity equipment for educational purposes.

110. Additionally, the Commission has concluded that, pursuant to sections 4(i) and 254(c)(1), (c)(3), (h)(1)(B), and (h)(2) of the Act, E-Rate-supported services can be provided by both telecommunications carriers and non-telecommunications carriers. In reaching this conclusion, the Commission determined that section 254(h)(1)(B)'s requirement that discounts for services be provided to “telecommunications carriers” does not “stand as a bar to its authority to allow non-telecommunications providers to provide such services and participate in the E-rate program” under sections 254(h)(2)(A) and 4(i) because limiting the eligibility of such services to only those provided by telecommunications carriers would “unduly limit the flexibility of schools and libraries to select the most cost-effective broadband solutions to meet their needs, which would be inconsistent with its schools and libraries policies.” Moreover, permitting the provision of such services by both telecommunications and non-telecommunications carriers “enhances access to advanced telecommunications and information services for public and non-profit elementary and secondary school classrooms and libraries.” Consistent with this authority, the Commission likewise allow Pilot participants to purchase eligible services and equipment from both telecommunications and non-telecommunications providers because it will provide Pilot participants with greater access and flexibility to select the best option at lower costs.

111. Third, and separately, the Commission affirms its authority under section 254(h)(2)(A) of the Act, as the Pilot will enhance access to advanced telecommunications and information services for elementary and secondary school classrooms and libraries. The use of Pilot-supported services to protect school and library broadband networks further enhances school classroom and library access to other advanced telecommunications and information services. Specifically, the Commission agree with CoSN that “cyberattacks throttle or completely thwart the ability of schools and libraries to use the `advanced telecommunications and information services' promised by the Act.” Supporting cybersecurity services through the Pilot will enable and encourage participants to make full use of their connectivity services, with the reassurance that their broadband networks and services, and the information contained in them is protected. The Commission finds this to be true even for use of school-owned devices used for educational purposes outside of the school, for example, in a student's home. Section 254(h)(2)(A)'s reference to “classrooms” is not prohibitive to the use of E-Rate support for off-premises use. The statute directs the Commission to establish rules to enhance access “ for all public and nonprofit elementary and secondary school classrooms . . . and libraries.” Notably, the text does not say to enhance access to services “at” or “in” school classrooms (or libraries), as would more naturally indicate a tie to a physical location. As such, the statute permits funding of services that enhance access for school classrooms and libraries, even if such services are used off-premises. Accordingly, the Pilot can support the purchase of advanced firewall and cybersecurity services and equipment for use on school-owned devices for educational purposes, even if those devices may be used off-premises.

112. Lastly, the Commission finds that the Pilot Program is economically reasonable, and a prudent use of the limited universal service funds. The Commission has previously found expanding the types of cybersecurity services and equipment beyond basic firewall services to be cost-prohibitive to the E-Rate program. Since then, however, the COVID-19 pandemic Start Printed Page 61305 changed how K-12 schools and libraries use their broadband networks for educational purposes, and K-12 schools and libraries increasingly find themselves prime targets for cybersecurity threats and attacks by malicious actors who seek to exploit the schools' and libraries' networks and data. In light of such developments, as well as an increased cap for E-Rate funding, exploring expanding funding for cybersecurity services and equipment beyond basic firewalls is now prudent to determine whether there is more the Commission can do to protect schools' and libraries' E-Rate-funded broadband networks. Furthermore, by conducting a limited Pilot, the Commission can best determine whether it can support these essential services without jeopardizing the ability of the E-Rate program to continue to support the connectivity of school and library broadband networks. Generally, commenters were in favor of increasing funding to support cybersecurity services beyond basic firewalls. For example, CIS recommended that the Commission “allow funding for any cybersecurity protection that improves or enhances the cybersecurity of an organization.” Cisco stated that “enhanced cybersecurity and advanced firewalls are needed for the delivery of reliable and useable broadband connectivity to students and educators” and funding such services is “consistent with the public interest, convenience, and necessity.” As a result, the Commission finds funding cybersecurity services and equipment through the Pilot to be a prudent use of the limited USF support and conclude that the Pilot is economically reasonable pursuant to section 254(h)(2)(A) of the Act.

113. The Commission concludes that the requirements of the Children's internet Protection Act (CIPA) are triggered by the purchase of eligible services or equipment through the Pilot Program. As it has explained in the E-Rate and ECF programs, CIPA applies to the use of school- or library-owned computers, including laptop and tablet computers, if the school or library accepts support for services and equipment that are used for internet access, internet services, or internal connections. As discussed in the Cybersecurity NPRM, Congress enacted CIPA to protect children from exposure to harmful material while accessing the internet from a school or library, and CIPA prohibits certain schools and libraries having computers with internet access from receiving funding under section 254(h)(1)(B) of the Act unless they comply with specific internet safety requirements. Its determination that CIPA is applicable to the Pilot Program is consistent with past Commission decisions in the E-Rate program and E-Rate ESLs which have included both basic firewall services provided as a standard component of a vendor's internet access service as category one internet access services, and standalone basic firewall services and components as category two internal connections services. Because the cybersecurity services and equipment it makes eligible under the Pilot Program serve functions equivalent to that of the basic firewall services currently supported by the E-Rate program, the Commission treats them similarly, either as standalone internal connections or as components of internet access. The Commission therefore concludes that the provision of Pilot support is also governed by sections 254(h)(5)(A)(i) and 254(h)(6)(A)(i) of the Act, and compliance with the CIPA internet safety requirements is a condition of the receipt of Pilot Program support. As with the E-Rate and ECF programs, the Commission also concludes that CIPA does not apply where schools or libraries have purchased services to be used only in conjunction with student-, school staff-, or library patron-owned computers. Also, consistent with the ECF program, the Commission finds that a Pilot participant need not complete additional CIPA compliance certifications if it has already certified its CIPA compliance for E-Rate support for the funding year preceding the start of the Pilot ( i.e., it has certified its compliance in an E-Rate FCC Form 486 or FCC Form 479). If a Pilot participant has not previously certified its CIPA compliance in the E-Rate program, it will need to do so to qualify for Pilot Program support or certify that it is taking actions to come into compliance with the CIPA requirements.

114. In order to ease program administration, the Commission delegates to the Bureau, consistent with the goals of the Pilot Program, the authority to waive certain program deadlines, clarify any inconsistencies or ambiguities in the Pilot Program rules, adjust Pilot project funding commitments, or to perform other administrative tasks as may be necessary for the smooth implementation, administration, and operation of the Pilot Program. The Commission also delegates to the Bureau the authority to grant limited extensions of deadlines to Pilot projects, and other authority as may be necessary to ensure a successful Pilot Program.

115. In addition, the Commission delegates financial, information security, and privacy oversight of the Pilot Program to OMD and OGC, and direct OMD and OGC to work in coordination with the Bureau to ensure that all financial, information security, and privacy aspects of the Pilot have adequate internal controls. These duties fall with OMD's current delegated authority to ensure that the Commission operates in accordance with Federal financial statutes and guidance. OMD performs this role with respect to USAC's administration of the Commission's universal service programs and it anticipates that OMD will leverage existing policies and procedures, to the extent practicable and consistent with the Pilot, to ensure the efficient and effective management of the program. Finally, it notes OMD is required to consult with the Bureau on any policy matters affecting the Pilot Program, consistent with § 0.91(a) of the Commission's rules.

116. The Commission directs the Bureau to conduct outreach to educate eligible schools and libraries about the Pilot Program, and to coordinate, as necessary, with other Federal agencies, and state, local, and Tribal governments. As supported by the record in this proceeding, the Commission also directs USAC to develop and implement a communications strategy, under the oversight of the Bureau, to provide training and information necessary for schools and libraries to successfully participate in the Pilot Program. Outreach, education, and engagement with Pilot Program applicants and, ultimately, selected Pilot participants will be an important tool in ensuring the Pilot Program is successful and meets its goals.

117. The Commission recognizes that once implementation of the Pilot Program begins, the Bureau may encounter unforeseen issues or problems with the administration of the program that may need to be resolved. To promote maximum effectiveness and smooth administration of the Pilot Program, the Commission delegates to Bureau staff the authority to address and resolve such unforeseen administrative issues or problems, provided that doing so is consistent with the decisions it reached herein.

118. Paperwork Reduction Act. This document contains new information collection requirements. The Commission, as part of its continuing effort to reduce paperwork burdens, will Start Printed Page 61306 invite the general public to comment on the information collection requirements contained in the Order as required by the Paperwork Reduction Act of 1995, Public Law 104-13 . In addition, the Commission notes that pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198 , see 44 U.S.C. 3506(c)(4) , the Commission previously sought specific comment on how the Commission might further reduce the information collection burden for small business concerns with fewer than 25 employees.

119. Congressional Review Act. The Commission has determined, and the Administrator of the Office of Information and Regulatory Affairs, OMB, concurs, that this rule is “non-major” under the Congressional Review Act, 5 U.S.C. 804(2) . The Commission will send a copy of the Order to Congress and the Government Accountability Office pursuant to 5 U.S.C. 801(a)(1)(A) .

120. Regulatory Flexibility Act. As required by the Regulatory Flexibility Act of 1980, as amended (RFA), an Initial Regulatory Flexibility Analysis (IRFA) was incorporated in the Cybersecurity NPRM, released in November of 2023. The Federal Communications Commission (Commission) sought written public comment on the proposals in the Cybersecurity NPRM, including comment on the IRFA. No comments were filed addressing the IRFA. This Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA.

121. The Nation's K-12 schools and libraries increasing rely on remote, digital learning technologies to connect students, teachers, and library patrons to information, jobs, and other vital learning opportunities. This shift has increased the extent to which schools and libraries rely on networks to connect with student and patrons. This shift has also made school and library networks prime targets for cybersecurity threats and attacks. When these attacks occur, they have the potential to disrupt school and library operations, resulting in a loss of learning, reductions in available bandwidth, significant monetary losses, and the potential for the leak and theft of personal information and confidential data associated with students, school staff and library patrons.

122. The Nation's eligible schools, libraries, and consortia (comprised of eligible schools and libraries) may request universal service discounts for services and equipment to support their network connectivity, including telecommunications services, internet access, and internal connections, through the Commission's E-Rate program. The E-Rate program was created by the Commission in 1997 in response to the Telecommunications Act of 1996. The E-Rate program currently funds basic firewall service provided as part of the vendor's internet service as a category one service and separately-priced basic firewalls as a category two service. The E-Rate program, however, does not currently fund advanced firewalls or other cybersecurity services and equipment that have increasingly been requested by commenters to protect school and library networks from cyber harms over the years.

123. In the Order, the Commission establishes a three-year Pilot Program (Pilot or Pilot Program) funded at $200 million, within the USF but separate from the E-Rate program, to enable it to assess the costs and benefits of utilizing universal service funds to support schools' and libraries' cybersecurity needs and how other Federal resources could be leveraged to ensure that these needs are addressed in the most efficient and effective manner. One objective of the Pilot is to help participants acquire cybersecurity services and equipment, including many of the equipment and services that have specifically been requested by commenters in the record, to improve the security of their broadband networks and data. Another objective of the Pilot is to measure the costs and effectiveness of cybersecurity services and equipment. By making a wide range of cybersecurity services and equipment eligible for USF support, the Pilot will enable the Commission to gather data on the associated cost and effectiveness of various solutions. A further objective of the Pilot is to evaluate how to best leverage other available low-cost and free Federal resources to help schools and libraries proactively address K-12 cybersecurity risks. To ensure that these objectives can be met, the Commission also adopts requirements that Pilot participants provide initial, annual, and final reports so that Pilot participants can be evaluated for their cybersecurity readiness before they begin participation in, during, and after the conclusion of the Pilot Program. By taking these actions, the Commission will be able to better to fulfill its obligation to ensure that schools and libraries have access to advanced telecommunications, as provided for by Congress in the 1996 Act.

124. In addition, the Order finalizes several aspects of the structure and administration of the Pilot based on the proposals made in the Cybersecurity NPRM. For example, the Pilot establishes: (1) that schools and school districts will be eligible to receive up to $13.60 per student, annually, on a pre-discounted basis, to purchase eligible cybersecurity services and equipment, with a pre-discount annual funding floor of $15,000 and a pre-discount annual funding maximum of $1.5 million; (2) a pre-discount annual budget of $15,000 per library, with the provision that library systems with more than 11 sites will be eligible for support up to a pre-discount maximum of $175,000 annually; and (3) that consortia participants comprised of eligible schools and libraries are eligible to receive funding based on student count (using the annual pre-discount $13.60 per student multiplier) and the number of library sites (using the $15,000 per library pre-discount annual budget) subject to either the pre-discount $175,000 annual budget maximum for library systems or pre-discount $1.5 million annual budget maximum for schools depending on the consortium's constituency. While these budgets, including associated maximums and floors, are specified in terms of annualized dollar amounts, participants' expenses are capped based on the full three-year duration of the Pilot and not on an annual basis. Thus, Pilot participants may request reimbursement for expenses as they are incurred even if it means that the amount of funding disbursed to a participant in a given year of the program exceeds their annual budget, so long as the total amount disbursed to a participant over the three-year term does not exceed three times that annual budget. The Pilot requires participants to contribute a portion of the costs of the cybersecurity services and equipment they seek to purchase with Pilot Program support, similar to the non-discount share that E-Rate applicants are required to contribute to the cost of their eligible services and equipment. The Commission also permits all eligible schools and libraries, including those that do not currently participate in the E-Rate program, to apply to participate in the Pilot.

125. The Commission also adopts a P-ESL in the Order, which specifies eligible cybersecurity services and equipment for the Pilot. The P-ESL deems services and/or equipment eligible if they constitute a protection designed to improve or enhance the cybersecurity of a K-12 school, library, or consortia. To provide clarity and specificity to small entity and other participants, the P-ESL also enumerates as eligible, in a non-limiting manner, four categories of technology raised by Start Printed Page 61307 commenters as effective in combatting cyber threats, namely, (i) advanced/next-generation firewalls; (ii) endpoint protection; (iii) identity protection and authentication; and (iv) monitoring, detection, and response. For purposes of the Pilot, the Commission defines: (i) an “advanced” or “next-generation” firewall as equipment, services, or a combination of equipment and services, that limits access between networks, excluding basic firewalls that are funded through the Commission's E-Rate program; (ii) endpoint protection as equipment, services, or a combination of equipment and services that implements safeguards to protect school- and library-owned end-user devices, including desktops, laptops, and mobile devices, against cybersecurity threats and attacks; (iii) identity protection and authentication as equipment, services, or a combination of equipment and services that implements safeguards to protect a user's network identity from theft or misuse and/or provide assurance about the network identity of an entity interacting with a system; and (iv) monitoring, detection, and response as equipment, services, or a combination of equipment and services that monitor and/or detect threats to a network and that take responsive action to remediate or otherwise address those threats. Through the list of examples provided in the P-ESL, the Commission confirms that a wide range of services and equipment that it had proposed for inclusion in the Cybersecurity NPRM, or that commenters had otherwise requested, are eligible. In the Order, the Commission describes that eligibility is limited to equipment that is network-based ( i.e., that excludes end-user devices, including, for example, tablets, smartphones, and laptops) and services that are network-based and/or locally installed on end-user devices, where the devices are owned or leased by the school or library, and where equipment and services are designed to identify and/or remediate threats that could otherwise directly impair or disrupt a school's or library's network, including to threats from users accessing the network remotely.

126. In the Order, it explains that ineligible costs include, among other things, (i) any equipment, service, or other related cost that is eligible in the Commission's E-Rate program eligible services list in the corresponding E-Rate funding year for which Pilot reimbursement is sought, (ii) any equipment, service, or other related cost, or portion thereof, for which a participant has already received reimbursement in full or in part, or plans to apply for reimbursement in full or in part, through any other USF or Federal, state, or local program, and (iii) any equipment or services prohibited by the Secure and Trusted Communications Networks Act of 2019, Public Law 116-124 , 134 Stat. 158 (2020) (codified as amended at 47 U.S.C. 1601-1609 ) (Secure Networks Act) or the Commission's rules, including §§ 54.9 and 54.10 of the Commission's rules, that implement the Secure Networks Act.

127. The Commission designates USAC to be the Administrator for the Pilot. The Commission requires applicants to submit part one of a FCC Form 484 application describing its proposed Pilot project and providing information to facilitate the evaluation and eventual selection of high-quality projects for inclusion in the Pilot. To facilitate the inclusion of a diverse set of Pilot projects and to target Pilot funds to the populations most in need of cybersecurity support, the Commission anticipates selecting projects from, and providing funding to, a combination of large and small and urban and rural schools, libraries, and consortia, with an emphasis on funding proposed Pilot projects that include low-income and Tribal applicants. Further, the Commission encourages participation in the Pilot by a broad range of service providers and do not discourage new companies from participating, nor does it require service providers to have preexisting service provider identification numbers (SPIN) before submitting cybersecurity bids or previous E-Rate experience before participating in the Pilot.

128. In the Order, the Commission describes that it will direct funding to: (1) the neediest eligible schools, libraries, and consortia who will benefit most from cybersecurity funding ( i.e., those at the highest discount rate percentages); (2) as many eligible schools, libraries, and consortia as possible; (3) those schools, libraries, and consortia that include Tribal entities; and (4) a mix of large and small and urban and rural, schools, libraries, and consortia. This will ensure that the Pilot contains a diverse cross-section of applicants with differing cybersecurity postures and experiences. In the event that number of FCC Form 484 applications received exceeds the number of projects that can be funded through the Pilot, the Commission will prioritize selection of Pilot participants by considering their funding needs in combination with the funding needs of the same type(s) of applicants with an eye toward selecting Pilot participants with differing levels of exposure to cybersecurity threats and attacks. In the event that there is insufficient funding to select all of the Pilot participants at a particular discount rate, the Commission will prioritize the selection of Pilot participants within the discount rate using the percentage of students who are eligible for free and reduced lunches within each applicant's school district. Funding for libraries will be prioritized based on the percentage of free and reduced lunch eligible students in the school district that is used to calculate the library's discount rate. Funding for individual schools that are not affiliated financially or operationally with a school district, such as private or charter schools that apply individually, will be prioritized based on each school's individual free and reduced student lunch eligible population.

129. In the Order, the Commission directs the Bureau and the Universal Service Administration Company (USAC or the Administrator) to model the Pilot processes and forms on existing E-Rate and ECF programs' processes and forms to the extent possible for the Pilot Program. The Commission expects the Bureau and USAC to leverage the following Pilot forms, that will mirror existing E-Rate and ECF forms: (1) FCC Form 470 (Description of Services Requested and Certification Form); (2) FCC Form 471 (Description of Services Ordered and Certification Form); (3) FCC Form 472 (Billed Entity Applicant Reimbursement (BEAR) Form); and (4) FCC Form 474 (Service Provider Invoice (SPI) Form).

130. To protect the integrity of the Pilot, and safeguard universal service funds, the Commission implements a number of program integrity protections. For example, it implements document retention requirements and a prohibition on gifts, and the Commission requires applicants provide certain certifications and be subject to auditing. The Commission has modeled these provisions after its E-Rate processes to protect the Pilot and ensure the limited program funding is used for its intended purposes. The Commission also applies its existing suspension are debarment rules to the Pilot. The Commission also delegates to Bureau the authority to address and resolve a number of matters, including unforeseen administrative issues or problems, provided that doing so is consistent with the decisions it reached in the Order. The Commission expects that this action will allow the Bureau and USAC to reduce any undue burdens on applicants and other individual and entities involved in the Pilot Program, Start Printed Page 61308 while ensuring that all program goals are efficient and effectively satisfied.

131. There were no comments filed that specifically address the proposed rules and policies presented in the IRFA.

132. Pursuant to the Small Business Jobs Act of 2010, which amended the RFA, the Commission is required to respond to any comments filed by the Chief Counsel for Advocacy of the Small Business Administration (SBA), and to provide a detailed statement of any change made to the proposed rules as a result of those comments. The Chief Counsel did not file any comments in response to the proposed rules in this proceeding.

133. The RFA directs agencies to provide a description of and, where feasible, an estimate of the number of small entities that may be affected by the rules adopted herein. The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.” In addition, the term “small business” has the same meaning as the term “small business concern” under the Small Business Act. A small business concern is one that: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the Small Business Administration (SBA).

134. Small Businesses, Small Organizations, Small Governmental Jurisdictions. The Commission's actions, over time, may affect small entities that are not easily categorized at present. The Commission therefore describes, at the outset, three broad groups of small entities that could be directly affected herein. First, while there are industry specific size standards for small businesses that are used in the regulatory flexibility analysis, according to data from the Small Business Administration's (SBA) Office of Advocacy, in general a small business is an independent business having fewer than 500 employees. These types of small businesses represent 99.9% of all businesses in the United States, which translates to 33.2 million businesses.

135. Next, the type of small entity described as a “small organization” is generally “any not-for-profit enterprise which is independently owned and operated and is not dominant in its field.” The Internal Revenue Service (IRS) uses a revenue benchmark of $50,000 or less to delineate its annual electronic filing requirements for small exempt organizations. Nationwide, for tax year 2022, there were approximately 530,109 small exempt organizations in the U.S. reporting revenues of $50,000 or less according to the registration and tax data for exempt organizations available from the IRS.

136. Finally, the small entity described as a “small governmental jurisdiction” is defined generally as “governments of cities, counties, towns, townships, villages, school districts, or special districts, with a population of less than fifty thousand.” U.S. Census Bureau data from the 2022 Census of Governments indicate there were 90,837 local governmental jurisdictions consisting of general purpose governments and special purpose governments in the United States. Of this number, there were 36,845 general purpose governments (county, municipal, and town or township) with populations of less than 50,000 and 11,879 special purpose governments (independent school districts) with enrollment populations of less than 50,000. Accordingly, based on the 2022 U.S. Census of Governments data, the Commission estimates that at least 48,724 entities fall into the category of “small governmental jurisdictions.”

137. Small entities potentially affected by the rules herein are Schools, Libraries, Telecommunications Resellers, Local Resellers, Wired Telecommunications Carriers, All Other Telecommunications, Wireless Telecommunications Carriers (except Satellite), Wireless Carriers and Service Providers, Wired Broadband internet Access Service Providers (Wired ISPs), Wireless Broadband internet Access Service Providers (Wireless ISPs or WISPs), internet Service Providers (Non-Broadband), Vendors of Infrastructure Development or Network Buildout, Telephone Apparatus Manufacturing, Custom Computer Programming Services, Other Computer Related Services (Except Information Technology Value Added Resellers), Information Technology Value Added Resellers, Software Publishers.

138. While the Commission sought to minimize compliance burdens on small entities where practicable, the rules adopted in the Order will impose new or additional reporting, recordkeeping, and/or other compliance obligations on small entities that participate in the Pilot Program. The adopted rules encompass a broad range of Pilot-related compliance requirements that are summarized in further detail below.

139. Application process. The purpose of the Pilot Program is to better assess the costs and benefits of utilizing universal service funds to support schools' and libraries' cybersecurity needs and how other Federal resources could be leveraged to ensure that these needs are addressed in the most efficient and effective manner. To do so, the Commission requires Pilot applicants to submit, as part of their application to participate in the Pilot, part one (out of two parts) of a new FCC Form 484 application, including by completing appropriate certifications. In this first part of the application, an applicant will provide a general level of cybersecurity information about itself and its proposed Pilot project, and will use pre-populated data, as well as a number of “yes/no” questions and questions with a predetermined set of responses ( i.e., multiselect questions with predefined answers). The applicant will explain how its proposed project meets a number of criteria outlined in the Order. In addition, the applicant must present a clear strategy for addressing the cybersecurity needs of its K-12 school(s) and/or library(ies) pursuant to its proposed Pilot project, and clearly articulate how the project will accomplish the applicant's cybersecurity objectives. After selection for participation Pilot, participants shall submit to USAC a second part to the FCC Form 484, including by completing appropriate certifications. The second part will require that participants provide more detailed cybersecurity data and Pilot project information, including a description of the Pilot participant's current cybersecurity posture, information about the participant's planned use(s) for other Federal, state, or local cybersecurity funding ( i.e., funding obtained outside of the Pilot), and information about a participant's history of cybersecurity threats and attacks within a year of the date of its application. Moreover, the Commission requires applications to be submitted through an online Pilot portal on USAC's website and direct the Bureau to issue a Public Notice that includes details and instructions on how to submit an application using the Pilot portal on USAC's website.

140. Competitive Bidding, Requests for Services, and Invoicing and Reimbursement Processes. The Commission requires Pilot participants to provide information related to competitive bidding, requests for services and invoice and reimbursement information, including associated and appropriate certifications, using new Pilot Program forms that will mirror existing E-Rate and ECF forms: (1) FCC Form 470 (Description of Services Requested and Certification Form);(2) FCC Form 471 (Description of Services Ordered and Certification Form); (3) FCC Form 472 (Billed Entity Applicant Reimbursement (BEAR) Form); and (4) Start Printed Page 61309 FCC Form 474 (Service Provider Invoice (SPI) Form).

141. Reporting Requirements. The Commission requires Pilot participants to submit initial, annual, and final reports. Applicants must provide an initial baseline assessment using information that includes the reporting requirements for the second part of the application process described.

142. Document Retention Requirements. The Commission requires Pilot participants to retain all documents related to their participation in the Pilot Program sufficient to demonstrate compliance with all program rules for at least 10 years from the last date of service or delivery of equipment and to maintain asset and inventory records of services and equipment purchased sufficient to verify the actual location of such services and equipment for a period of 10 years after purchase. This rule requires that Pilot participants must retain documents regarding participation in the Pilot, including asset and inventory records, accumulated during the Pilot, for a period of 10 years. The Commission also requires Pilot participants to present such records upon request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission, its Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

143. Pilot Program Certifications. As noted, the Commission requires participants to provide several certifications as part of their FCC Form 484 application, competitive bidding requirements, requests for services, and invoicing processes. Similarly, the Commission requires their selected service providers to provide certifications related to invoicing processes. The Commission also requires Pilot participants and service providers to certify that they are not seeking support or reimbursement for Pilot-eligible services and equipment that has been purchased and reimbursed from other Federal, state, Tribal, or local funding sources or that is eligible for discounts from E-Rate or another universal service program. Pilot participants and service providers must certify that they are seeking funding for only Pilot-eligible services and equipment.

144. Other Delegations. As part of the Order, the Commission also delegates to Bureau the authority to address and resolve a number of procedural or administrative matters, including unforeseen administrative issues or problems, provided that doing so is consistent with the decisions it reached in the Order.

145. The record does not include a detailed cost/benefit analysis that would allow the Commission to quantify the costs of compliance for small entities, including whether it will be necessary for small entities to hire professionals to comply with the adopted rules. However, as program participation by applicants and service providers is voluntary, and the Commission expects that Pilot participants will carefully weigh the benefits, costs, and burdens of participation to ensure that the benefits outweigh their costs. The Commission expects that there may be additional benefits that cannot be easily quantified, such as a reduction in learning downtime caused by cyberattacks, reputational benefits from increased trust in school and library systems, increased digital and cybersecurity literacy among students and staff, and the safeguarding of intellectual property. This limited Pilot Program will enable the Commission to evaluate the benefits of using universal service funding to fund cybersecurity services and equipment against the costs before deciding whether to support it on a permanent basis.

146. The RFA requires an agency to provide, “a description of the steps the agency has taken to minimize the significant economic impact on small entities . . . including a statement of the factual, policy, and legal reasons for selecting the alternative adopted in the final rule and why each one of the other significant alternatives to the rule considered by the agency which affect the impact on small entities was rejected.”

147. In the Order, the Commission takes multiple steps that minimize economic impact on small entities related to the final rules it adopted. The Commission has sought to minimize economic impact on eligible small schools, libraries and consortia by dividing the process of completing the application form for participation in the Pilot (FCC Form 484) into two parts. By requiring that an applicant only complete the first part of the application form, which seeks more general information, with their initial application ( i.e., prior to its decision about whether to approve the entity as a participant in the Pilot), the Commission minimizes the economic impacts associated with filling out the second part of the form in at least two ways. First, applicants that are not selected for participation in the Pilot will never be required to fill out the second portion of the form. Second, applicants that are selected will have additional time to gather and prepare their answers, as compared to an alternate approach where it could have required that the entire form be completed with the initial application.

148. The Commission has also significantly minimized economic impacts on eligible small schools, libraries, consortia and service providers by modeling the Pilot processes and forms, including those related to competitive bidding, requests for services, and invoicing and reimbursement processes, on existing E-Rate and ECF processes and forms. This includes submitting applications using the Pilot portal on USAC's website. The Commission expects this action will meaningfully reduce any economic impact on small entities associated with completing information requested via these forms. First, the Commission expects that many small entity participants, including their potential consultants and advisors, and service providers will be familiar with the substance of the forms from their involvement with the Commission's E-Rate and ECF processes and forms. Second, the Commission expects that even those small entities that may not be involved with the E-Rate and ECF programs may benefit from the significant guidance and information that the Commission and USAC have issued over the years in those programs ( e.g., trainings and instructions materials), that could also be relevant to the Pilot, including future guidance the Bureau will provide about the Pilot Program requirements through a Public Notice. Third, the Commission expects that these forms will generally be easy to use and efficient to complete based on its observation, made over many years, that forms with similar substance have proven effective in the Commission's E-Rate and ECF programs. The Commission thus expect its actions will significantly minimize any economic impact on small entities compared to an alternative approach where it developed Pilot processes and forms that were not related to those already developed in the Commission's E-Rate and ECF programs.

149. The Commission has also designed its reporting requirements to minimize the economic impact on small entities while ensuring that it gathers the information necessary to achieve the goals and ensure the success of the Pilot. In particular, have required only annual reporting from participants during the duration of the Pilot rather than alternate approaches where it could have required either per-incident “real-time” reports based on the occurrence of certain notable cyber Start Printed Page 61310 events or regular but more frequent ( e.g., quarterly) reporting. To further reduce economic impacts on small entities the Commission has also directed the Bureau to consider the development of a standardized reporting form for use by Pilot participants.

150. Additionally, the Commission has also delegated authority to the Bureau to address and resolve a number of matters, including unforeseen administrative issues or problems, provided that doing so is consistent with the decisions it reached in the Order. The Commission expects that that these delegations of authority will permit the Bureau and Administrator to take procedural actions, based on their experience gained managing the Pilot Program, to further reduce, wherever possible, economic impacts on small entities while still ensuring that all Pilot Program goals are effectively and efficiently satisfied.

151. The Commission also will not require the use of specific Federal Government tools and resources in the Pilot as initially suggested in the Cybersecurity NPRM. Further, while several commenters support a shortened Pilot duration of either one year or eighteen months, the Commission adopts its proposed three-year Pilot Program because it will allow us a better opportunity to evaluate whether universal service support should be used to fund cybersecurity services and equipment on a permanent basis. In determining the share of costs, participants will use their category one discount rate to determine the non-discount share of costs, instead of the category two discount proposed in the Cybersecurity NPRM, allowing participants with the highest discount rate to be eligible for support for 90 percent of their costs.

152. The Commission considered, but declined to adopt, proposals to abandon the traditional E-Rate reimbursement structure and instead provide “seed” money at the start of the Pilot, because requiring participants to contribute their funds toward eligible equipment and services helps to safeguard the integrity of the program and is consistent with processes in E-Rate and other universal service programs. However, for the Pilot, the Commission modifies the time to request appeal and waiver of an action by USAC to 30 days instead of the 60-day timeframe in the existing programs. Though commenters assert this will limit flexibility for participants, the Commission thinks the change is appropriate for the Pilot Program because it will allow for faster decisions in a program that has a limited duration.

153. The Commission will send a copy of the Order, including this FRFA, in a report to Congress pursuant to the Congressional Review Act. In addition, the Commission will send a copy of the Order, including the FRFA, to the Chief Counsel for Advocacy of the SBA. A copy of the Order and FRFA (or summaries thereof) will also be published in the Federal Register .

154. OPEN Government Data Act. The OPEN Government Data Act, requires agencies to make “public data assets” available under an open license and as “open Government data assets,” i.e., in machine-readable, open format, unencumbered by use restrictions other than intellectual property rights, and based on an open standard that is maintained by a standards organization. This requirement is to be implemented “in accordance with guidance by the Director” of OMB. The term “public data asset” means “a data asset, or part thereof, maintained by the Federal Government that has been, or may be, released to the public, including any data asset, or part thereof, subject to disclosure under [the Freedom of Information Act (FOIA)].” A “data asset” is “a collection of data elements or data sets that may be grouped together,” and “data” is “recorded information, regardless of form or the media on which the data is recorded.” The Commission delegates authority, including the authority to adopt rules, to the Bureau, in consultation with the agency's Chief Data and Analytics Officer and after seeking public comment to the extent it deems appropriate, to determine whether any data assets maintained or created by the Commission pursuant to the rules adopted herein are “public data assets” and if so, to determine when and to what extent such information should be made publicly available to the extent the Commission has not done so. In doing so, the Bureau shall take into account the extent to which such data assets should not be made publicly available because they are not subject to disclosure under the FOIA.

155. People with Disabilities. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an email to [email protected] or call the Consumer & Governmental Affairs Bureau at 202-418-0530 (voice).

156. Accordingly, it is ordered, that pursuant to the authority contained in sections 1 through 4, 201 through 202, 254, 303(r), and 403 of the Communications Act of 1934, as amended, 47 U.S.C. 151-154 , 201-202 , 254 , 303(r) , and 403 , the Report and Order is adopted effective August 29, 2024.

157. It is further ordered, that pursuant to the authority contained in sections 1 through 4, 201 through 202, 254, 303(r), and 403 of the Communications Act of 1934, as amended, 47 U.S.C. 151-154 , 201-202 , 254 , 303(r) , and 403 , part 54 of the Commission's rules, 47 CFR part 54 , is amended, and such rule amendments shall be effective August 29, 2024, except for §§ 54.2004, 54.2005, 54.2006, and 54.2008, which are delayed indefinitely. The Commission will publish a document in the Federal Register announcing the effective date for those sections after approved by the Office of Management and Budget as required by the Paperwork Reduction Act.

Communications common carriers
Cybersecurity
Reporting and recordkeeping requirements
Telecommunications

Katura Jackson,

Federal Register Liaison Officer.

For the reasons discussed in the preamble, the Federal Communications Commission amends part 54 of title 47 of the Code of Federal Regulations as follows:

1. The authority citation for part 54 continues to read as follows:

Authority: 47 U.S.C. 151 , 154(i) , 155 , 201 , 205 , 214 , 219 , 220 , 229 , 254 , 303(r) , 403 , 1004 , 1302 , 1601-1609 , and 1752 , unless otherwise noted.

2. Add subpart T to read as follows:

Administrator. The term “Administrator” means the Universal Service Administrative Company.

Applicant. An “applicant” is a school, library, or consortium of schools and/or libraries that applies to participate in the Schools and Libraries Cybersecurity Pilot Program.

Billed entity. A “billed entity” is the entity that remits payment to service providers for services rendered to eligible schools, libraries, or consortia of eligible schools and libraries.

Commission. The term “Commission” means the Federal Communications Commission (FCC).

Connected device. The term “connected device” means a laptop or desktop computer, or a tablet.

Consortium. A “consortium” is any local, Tribal, statewide, regional, or interstate cooperative association of schools and/or libraries eligible for Schools and Libraries Cybersecurity Pilot Program support that seeks competitive bids for eligible services or funding for eligible services on behalf of some or all of its members. A consortium may also include health care providers eligible under subpart G of this part, and public sector (governmental) entities, including, but not limited to, state colleges and state universities, state educational broadcasters, counties, and municipalities, although such entities are not eligible for support.

Cyber incident. An occurrence that actually or potentially results in adverse consequences to an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate or eliminate the consequences.

Cyber threat. A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society.

Cyberattac k. An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system or information integrity.

Doxing. The act of compiling or publishing personal information about an individual on the internet, typically with malicious intent.

Educational purposes. For purposes of this subpart, activities that are integral, immediate, and proximate to the education of students, or in the case of libraries, integral, immediate, and proximate to the provision of library services to library patrons, qualify as “educational purposes.”

Elementary school. An “elementary school” means an elementary school as defined in 20 U.S.C. 7801(18) , a non-profit institutional day or residential school, including a public elementary charter school, that provides elementary education, as determined under state law.

Library. A “library” includes:

(1) A public library;

(2) A public elementary school or secondary school library;

(3) A Tribal library;

(4) An academic library;

(5) A research library, which for the purpose of this subpart means a library that:

(i) Makes publicly available library services and materials suitable for scholarly research and not otherwise available to the public; and

(ii) Is not an integral part of an institution of higher education; and

(6) A private library, but only if the state in which such private library is located determines that the library should be considered a library for the purposes of this definition.

Library consortium. A “library consortium” is any local, statewide, Tribal, regional, or interstate cooperative association of libraries that provides for the systematic and effective coordination of the resources of schools, and public, academic, and special libraries and information centers, for improving services to the clientele of such libraries. For the purposes of this subpart, references to library will also refer to library consortium.

National School Lunch Program. The “National School Lunch Program” is a program administered by the U.S. Department of Agriculture and state agencies that provides free or reduced price lunches to economically disadvantaged children. A child whose family income is between 130 percent and 185 percent of applicable family size income levels contained in the nonfarm poverty guidelines prescribed by the Office of Management and Budget (OMB) is eligible for a reduced price lunch. A child whose family income is 130 percent or less of applicable family size income levels contained in the nonfarm income poverty guidelines prescribed by OMB is eligible for a free lunch.

Pilot participant. A “Pilot participant” is an eligible school, library, or consortium of eligible schools and/or libraries selected to participate in the Schools and Libraries Cybersecurity Pilot Program.

Pre-discount price. The “pre-discount price” means, in this subpart, the price the service provider agrees to accept as total payment for its eligible services and equipment. This amount is the sum of the amount the service provider expects to receive from the eligible school, library, or consortium, and the amount it expects to receive as reimbursement from the Schools and Libraries Cybersecurity Pilot Program for the discounts provided under this subpart.

Secondary school. A “secondary school” means a secondary school as defined in 20 U.S.C. 7801(38) , a non-profit institutional day or residential school, including a public secondary charter school, that provides secondary education, as determined under state law except that the term does not include any education beyond grade 12.

Tribal. An entity is “Tribal” if it is a school operated by or receiving funding from the Bureau of Indian Education (BIE), or if it is a school or library operated by any Tribe, Band, Nation, or other organized group or community, including any Alaska native village, regional corporation, or village corporation (as defined in, or established pursuant to, the Alaska Native Claims Settlement Act ( 43 U.S.C. 1601 et seq. ) that is recognized as eligible for the special programs and services provided by the United States to Indians because of their status as Indians.

(a) Cap. The Schools and Libraries Cybersecurity Pilot Program shall have a cap of $200 million.

(b) Pilot participant budgets. Each Pilot participant will be subject to a specific budget. Budgets are specified in terms of annualized dollar amounts, but participants' expenses are capped based on the full three-year duration of the Pilot and participants may seek reimbursement for more than the annual budget for any given Pilot Program year, so long as the total amount disbursed over the three-year term does not exceed three times the applicable annual budget.

(1) Schools. At a minimum, each eligible school or school district will receive a pre-discount budget of $15,000 annually. Schools and school districts with 1,100 students or fewer will be eligible to receive the annual pre-discount $15,000 funding floor. For schools and school districts with more than 1,100 students, the annual budget is calculated using the pre-discount $13.60 per-student multiplier, subject to an annual pre-discount budget maximum of $1.5 million.

(2) Libraries. Each eligible library will receive a pre-discount budget of $15,000 Start Printed Page 61312 annually up to 11 libraries/sites. For library systems with more than 11 libraries/sites, the budget will be up to $175,000 pre-discount annually.

(3) Consortia. Consortia comprised of eligible schools and libraries will be eligible to receive funding based on student count, using the pre-discount $13.60 per-student multiplier and $1.5 million pre-discount funding caps, and the number of library sites, using the pre-discount $15,000 annual per-library budget and $175,000 pre-discount funding caps. Consortia solely comprised of eligible schools or comprised of both eligible schools and libraries are subject to the pre-discount annual $1.5 million budget maximum for schools and school districts. Consortia solely comprised of eligible libraries will be subject to the pre-discount annual $175,000 budget maximum for library systems.

(c) Duration. The Schools and Libraries Cybersecurity Pilot Program shall make funding available to applicants selected to participate in the Pilot for three years, to begin when the applicants selected to participate in the Pilot are first eligible to receive eligible services and equipment ( i.e., from the date of the first funding commitment decision letter).

(d) Rules of prioritization. If total demand for the Schools and Libraries Cybersecurity Pilot Program exceeds the Pilot Program cap of $200 million, funding will be made available as follows:

(1) Schools and libraries eligible for a 90 percent discount shall receive first priority for funds, as determined by the schools and libraries discount matrix in § 54.2007. Funding shall next be made available for schools and libraries eligible for an 80 percent discount, then for a 70 percent discount, and continuing at each descending discount level until there are no funds remaining.

(2) If funding is not sufficient to support all of the funding requests within a particular discount level, funding will be allocated at that discount level using the percentage of students eligible for the National School Lunch Program (NSLP). Thus, if there is not enough support to fund all requests at the 90 percent discount level, funding shall be allocated beginning with those applicants with the highest percentage of NSLP eligibility for that discount level, and shall continue at each descending percentage of NSLP until there are no funds remaining.

(a) Schools. (1) Only schools meeting the definition of “elementary school” or “secondary school”, as defined in § 54.2000, and not excluded under paragraph (a)(2) or (3) of this section, shall be eligible for discounts on supported services under this subpart.

(2) Schools operating as for-profit businesses shall not be eligible for discounts under this subpart.

(3) Schools with endowments exceeding $50,000,000 shall not be eligible for discounts under this subpart.

(b) Libraries. (1) Only libraries eligible for assistance from a State library administrative agency under the Library Services and Technology Act ( 20 U.S.C. 9122 ) and not excluded under paragraph (b)(2) or (3) of this section shall be eligible for discounts under this subpart.

(2) Except as provided in paragraph (b)(4) of this section, a library's eligibility for discounts under this subpart shall depend on its funding as an independent entity. Only libraries whose budgets are completely separate from any schools (including, but not limited to, elementary and secondary schools, colleges, and universities) shall be eligible for discounts as libraries under this subpart.

(3) Libraries operating as for-profit businesses shall not be eligible for discounts under this subpart.

(4) A Tribal college or university library that serves as a public library by having dedicated library staff, regular hours, and a collection available for public use in its community shall be eligible for discounts under this subpart.

(c) Consortia —(1) Consortium Leader. Each consortium seeking support under this subpart must identify an entity or organization that will lead the consortium (the “Consortium Leader”). The Consortium Leader may be an eligible school or library participating in the consortium; a state organization; public sector governmental entity, including a Tribal government entity; or a non-profit entity that is ineligible for support under this subpart. Ineligible state organizations, public sector entities, or non-profit entities may serve as Consortium Leaders or provide consulting assistance to consortia only if they do not participate as potential service providers during the competitive bidding process. An ineligible entity that serves as the Consortium Leader must pass through the full value of any discounts, funding, or other program benefits secured to the eligible schools and libraries that are members of the consortium.

(2) For consortia, discounts under this subpart shall apply only to the portion of eligible services and equipment used by eligible schools and libraries.

(3) Service providers shall keep and retain records of rates charged to and discounts allowed for eligible schools and libraries on their own or as part of a consortium. Such records shall be available for public inspection.

(a) Supported services and equipment. All supported services and equipment are identified in the Schools and Libraries Cybersecurity Pilot Program Eligible Services List (see § 54.502(a)), available on the FCC's website at https://www.fcc.gov/cybersecurity-pilot/cybersecurity-pilot-eligible-services-list . The services and equipment in this subpart will be supported in addition to all reasonable charges that are incurred by taking such services, such as state and Federal taxes. Charges for termination liability, penalty surcharges, and other charges not included in the cost of taking such service shall not be covered by universal service support.

(b) Prohibition on resale. Eligible supported services and equipment shall not be sold, resold, or transferred in consideration of money or any other thing of value, until the conclusion of the Schools and Libraries Cybersecurity Pilot Program, as provided in § 54.2001.

(a) Discount mechanism. Discounts for participants in the Schools and Libraries Cybersecurity Pilot Program shall be set as a percentage discount from the pre-discount price.

(b) Discount percentages. The discounts available to participants in the Schools and Libraries Cybersecurity Pilot Program shall range from 20 percent to 90 percent of the pre-discount price for all eligible services provided by eligible providers. The discounts available shall be determined by indicators of poverty and urban/rurality designation.

(1) For schools and school districts, the level of poverty shall be based on the percentage of the student enrollment that is eligible for a free or reduced price lunch under the National School Lunch Program (NSLP) or a federally-approved alternative mechanism. School districts shall divide the total number of students eligible for the NSLP within the school district by the total number of students within the school district to arrive at a percentage of students eligible. This percentage rate shall then be applied to the discount matrix to set a discount rate for the supported services purchased by all schools within the school district. Independent charter schools, private schools, and other eligible educational facilities should Start Printed Page 61313 calculate a single discount percentage rate based on the total number of students under the control of the central administrative agency.

(2) For libraries and library consortia, the level of poverty shall be based on the percentage of the student enrollment that is eligible for a free or reduced price lunch under the NSLP or a federally-approved alternative mechanism in the public school district in which they are located and should use that school district's level of poverty to determine their discount rate when applying as a library system or as an individual library outlet within that system. When a library system has branches or outlets in more than one public school district, that library system and all library outlets within that system should use the address of the central outlet or main administrative office to determine which school district the library system is in, and should use that school district's level of poverty to determine its discount rate when applying as a library system or as one or more library outlets. If the library is not in a school district, then its level of poverty shall be based on an average of the percentage of students eligible for the NSLP in each of the school districts that children living in the library's location attend.

(3) The Administrator shall classify schools and libraries as “urban” or “rural” according to the following designations. The Administrator shall designate a school or library as “urban” if the school or library is located in an urbanized area or urban cluster area with a population equal to or greater than 25,000, as determined by the most recent rural-urban classification by the Bureau of the Census. The Administrator shall designate all other schools and libraries as “rural.”

(4) Participants in the Schools and Libraries Cybersecurity Pilot Program shall calculate discounts on supported services described in § 54.2003 that are shared by two or more of their schools, libraries, or consortia members by calculating an average discount based on the applicable district-wide discounts of all member schools and libraries. School districts, library systems, or other billed entities shall ensure that, for each year in which an eligible school or library is included for purposes of calculating the aggregate discount rate, that eligible school or library shall receive a proportionate share of the shared services for which support is sought. For schools, the discount shall be a simple average of the applicable district-wide percentage for all schools sharing a portion of the shared services. For libraries, the average discount shall be a simple average of the applicable discounts to which the libraries sharing a portion of the shared services are entitled.

(c) Discount matrix. The Administrator shall use the following matrix to set the discount rate to be applied to eligible services purchased by participants in the Schools and Libraries Cybersecurity Pilot Program based on the participant's level of poverty and location in an “urban” or “rural” area.

Table 1 to Paragraph (c)

% of students eligible for national school lunch programDiscount levelUrban discountRural discount<120251-19405020-34506035-49607050-74808075-1009090

(d) Payment for the non-discount portion of supported services and equipment. A participant in the Schools and Libraries Cybersecurity Pilot Program must pay the non-discount portion of costs for the services or equipment purchased with universal service discounts, and may not receive rebates for services or equipment purchased with universal service discounts. For the purpose of this subpart, the provision, by the provider of a supported service or equipment, of free services or equipment unrelated to the supported service or equipment constitutes a rebate of the non-discount portion of the costs for the supported services and equipment.

(a) Audits. Schools and Libraries Cybersecurity Pilot Program participants and service providers shall be subject to audits and other investigations to evaluate their compliance with the statutory and regulatory requirements in this chapter of the Schools and Libraries Cybersecurity Pilot Program, including those requirements pertaining to what services and equipment are purchased, what services and equipment are delivered, and how services and equipment are being used.

(b) Inspections and investigations. Schools and Libraries Cybersecurity Pilot Program participants and service providers shall permit any representative (including any auditor) appointed by a state education department, the Administrator, the Commission, its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity to enter their premises to conduct inspections for compliance with the statutory and regulatory requirements in this subpart of the Schools and Libraries Cybersecurity Pilot Program.

(a) Recordkeeping requirements. All Schools and Libraries Cybersecurity Pilot Program participants and service providers shall retain all documents related to their participation in the program sufficient to demonstrate compliance with all program rules for at least ten years from the last date of service or delivery of equipment. All Schools and Libraries Cybersecurity Pilot Program applicants shall maintain asset and inventory records of services and equipment purchased sufficient to verify the actual location of such services and equipment for a period of ten years after purchase.

(b) Production of records. All Schools and Libraries Cybersecurity Pilot Program participants and service providers shall produce such records upon request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission, its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(a) The Universal Service Administrative Company is appointed the Administrator of the Schools and Libraries Cybersecurity Pilot Program and shall be responsible for administering the Schools and Libraries Cybersecurity Pilot Program.

(b) The Administrator shall be responsible for reviewing applications for funding, recommending funding commitments, issuing funding commitment decision letters, reviewing invoices and recommending payment of funds, as well as other administration-related duties.

(c) The Administrator may not make policy, interpret unclear provisions of statutes or rules, or interpret the intent of Congress. Where statutes or the Commission's rules in this subpart are unclear, or do not address a particular situation, the Administrator shall seek guidance from the Commission.

(d) The Administrator may advocate positions before the Commission and its staff only on administrative matters relating to the Schools and Libraries Cybersecurity Pilot Program.

(e) The Administrator shall create and maintain a website, as defined in § 54.5, on which applications for services will be posted on behalf of schools and libraries.

(f) The Administrator shall provide the Commission full access to the data collected pursuant to the administration of the Schools and Libraries Cybersecurity Pilot Program.

(g) The Administrator shall provide performance measurements pertaining to the Schools and Libraries Cybersecurity Pilot Program as requested by the Commission by order or otherwise.

(h) The Administrator shall have the authority to audit all entities reporting data to the Administrator regarding the Schools and Libraries Cybersecurity Pilot Program. When the Commission, the Administrator, or any independent auditor hired by the Commission or the Administrator conducts audits of the participants of the Schools and Libraries Cybersecurity Pilot Program, such audits shall be conducted in accordance with generally accepted government auditing standards.

(i) The Administrator shall establish procedures to verify support amounts provided by the Schools and Libraries Cybersecurity Pilot Program and may suspend or delay support amounts if a party fails to provide adequate verification of the support amounts provided upon reasonable request from the Administrator or the Commission.

(j) The Administrator shall make available to whomever the Commission directs, free of charge, any and all intellectual property, including, but not limited to, all records and information generated by or resulting from its role in administering the support mechanisms, if its participation in administering the Schools and Libraries Cybersecurity Pilot Program ends. If its participation in administering the Schools and Libraries Cybersecurity Pilot Program ends, the Administrator shall be subject to close-out audits at the end of its term.

(a) Parties permitted to seek review of Administrator decision. (1) Any party aggrieved by an action taken by the Administrator must first seek review from the Administrator.

(2) Any party aggrieved by an action taken by the Administrator under paragraph (a)(1) of this section may seek review from the Commission as set forth in paragraph (b) of this section.

(3) Parties seeking waivers of the Commission's rules in this subpart shall seek relief directly from the Commission and need not first file an action for review from the Administrator under paragraph (a)(1) of this section.

(b) Filing deadlines. (1) An affected party requesting review of a decision by the Administrator pursuant to paragraph (a)(1) of this section shall file such a request within thirty (30) days from the date the Administrator issues a decision.

(2) An affected party requesting review by the Commission pursuant to paragraph (a)(2) of this section of a decision by the Administrator under paragraph (a)(1) of this section shall file such a request with the Commission within thirty (30) days from the date of the Administrator's decision. Further, any party seeking a waiver of the Commission's rules under paragraph (a)(3) of this section shall file a request for such waiver within thirty (30) days from the date of the Administrator's initial decision, or, if an appeal is filed under paragraph (a)(1) of this section, within thirty days from the date of the Administrator's decision resolving such an appeal.

(3) Parties shall adhere to the time periods for filing oppositions and replies set forth in § 1.45 of this chapter.

(c) General filing requirements. (1) Except as otherwise provided in this section, a request for review of an Administrator decision by the Commission shall be filed with the Commission's Office of the Secretary in accordance with the general requirements set forth in part 1 of this chapter. The request for review shall be captioned “In the Matter of Request for Review by (name of party seeking review) of Decision of Universal Service Administrator” and shall reference the applicable docket numbers.

(2) A request for review pursuant to paragraphs (a)(1) through (3) of this section shall contain:

(i) A statement setting forth the party's interest in the matter presented for review;

(ii) A full statement of relevant, material facts with supporting affidavits and documentation;

(iii) The question presented for review, with reference, where appropriate, to the relevant Commission rule, Commission order, or statutory provision; and;

(iv) A statement of the relief sought and the relevant statutory or regulatory provision pursuant to which such relief is sought.

(3) A copy of a request for review that is submitted to the Commission shall be served on the Administrator consistent with the requirement for service of documents set forth in § 1.47 of this chapter.

(4) If a request for review filed pursuant to paragraphs (a)(1) through (3) of this section alleges prohibitive conduct on the part of a third party, such request for review shall be served on the third party consistent with the requirement for service of documents set forth in § 1.47 of this chapter. The third party may file a response to the request for review. Any response filed by the third party shall adhere to the time period for filing replies set forth in § 1.45 of this chapter and the requirement for service of documents set forth in § 1.47 of this chapter.

(d) Review by the Wireline Competition Bureau or the Commission. (1) Requests for review of Administrator decisions that are submitted to the Commission shall be considered and acted upon by the Wireline Competition Bureau; provided, however, that requests for review that raise novel questions of fact, law, or policy shall be considered by the full Commission.

(2) An affected party may seek review of a decision issued under delegated authority by the Wireline Competition Bureau pursuant to the rules set forth in part 1 of this chapter.

(e) Standard of review. (1) The Wireline Competition Bureau shall conduct a de novo review of requests for review of decisions issued by the Administrator.

(2) The Commission shall conduct a de novo review of requests for review of decisions by the Administrator that involve novel questions of fact, law, or policy; provided, however, that the Start Printed Page 61315 Commission shall not conduct a de novo review of decisions issued by the Wireline Competition Bureau under delegated authority.

(f) Schools and Libraries Cybersecurity Pilot Program disbursements during pendency of a request for review and Administrator decision. When a party has sought review of an Administrator decision under paragraphs (a)(1) through (3) of this section, the Commission shall not process a request for the reimbursement of eligible equipment and/or services until a final decision has been issued either by the Administrator or by the Commission; provided, however, that the Commission may authorize disbursement of funds for any amount of support that is not the subject of an appeal.

(a) Definitions —(1) School. For the purposes of the certification requirements of this section, school means school, school board, school district, local education agency, or other authority responsible for administration of a school.

(2) Library. For the purposes of the certification requirements of this section, library means library, library board, or authority responsible for administration of a library.

(3) Billed entity. Billed entity is defined in § 54.2000. In the case of a consortium, the billed entity is the lead member of the consortium.

(b) Certifications required. A school or library that receives support for eligible services and equipment through the Schools and Libraries Cybersecurity Pilot Program must make the certifications as described in paragraph (c) of this section.

(c) CIPA certifications. (1) A Schools and Libraries Cybersecurity Pilot Program participant need not complete additional Children's internet Protection Act (CIPA) ( 47 U.S.C. 254(h) and (l) ) compliance certifications if the participant has already certified its CIPA compliance for the schools and libraries universal service support mechanism funding year preceding the start of the Schools and Libraries Cybersecurity Pilot Program ( i.e., has certified its compliance in an FCC Form 486 or FCC Form 479).

(2) Schools and Libraries Cybersecurity Pilot Program participants that have not already certified their CIPA compliance for the schools and libraries universal service support mechanism funding year preceding the start of the Schools and Libraries Cybersecurity Pilot Program ( i.e., have not completed a FCC Form 486 or FCC Form 479), will be required to certify:

(i) That they are in compliance with CIPA requirements under 47 U.S.C. 254(h) and (l) ;

(ii) That they are undertaking the actions necessary to comply with CIPA requirements under 47 U.S.C. 254(h) and (l) as part of their request for support through the Schools and Libraries Cybersecurity Pilot Program, and will come into compliance within one year from the date of the submission of its FCC Form 471; or

(iii) That they are not required to comply with CIPA requirements under 47 U.S.C. 254(h) and (l) because they are purchasing services to be used only in conjunction with student-, school staff- or library patron-owned computers.

(d) Failure to provide certifications —(1) Schools and libraries. A school or library that knowingly fails to submit certifications as required by this section shall not be eligible for support through the Schools and Libraries Cybersecurity Pilot Program until such certifications are submitted.

(2) Consortia. A billed entity's knowing failure to collect the required certifications from its eligible school and library members or knowing failure to certify that it collected the required certifications shall render the entire consortium ineligible for support through the Schools and Libraries Cybersecurity Pilot Program.

(3) Reestablishing eligibility. At any time, a school or library deemed ineligible for equipment and services under the Schools and Libraries Cybersecurity Pilot Program because of failure to submit certifications required by this section may reestablish eligibility for support by providing the required certifications to the Administrator and the Commission.

(e) Failure to comply with the certifications —(1) Schools and libraries. A school or library that knowingly fails to comply with the certifications required by this section must reimburse any funds and support received under the Schools and Libraries Cybersecurity Pilot Program for the period in which there was noncompliance.

(2) Consortia. In the case of consortium applications, the eligibility for support of consortium members who comply with the certification requirements of this section shall not be affected by the failure of other school or library consortium members to comply with such requirements.

(3) Reestablishing compliance. At any time, a school or library deemed ineligible for support through the Schools and Libraries Cybersecurity Pilot Program for failure to comply with the certification requirements of this section and that has been directed to reimburse the program for support received during the period of noncompliance may reestablish compliance by complying with the certification requirements under this section. Upon submittal to the Commission of a certification, the school or library shall be eligible for support through the Schools and Libraries Cybersecurity Pilot Program.

(f) Waivers based on state or local procurement rules and regulations and competitive bidding requirements. Waivers shall be granted to schools and libraries when the authority responsible for making the certifications required by this section cannot make the required certifications because its state or local procurement rules or regulations or competitive bidding requirements prevent the making of the certification otherwise required. The waiver shall be granted upon the provision, by the authority responsible for making the certifications on behalf of schools or libraries, that the schools or libraries will be brought into compliance with the requirements of this section within one year from the date the waiver was granted.

3. Delayed indefinitely, add §§ 54.2004 through 54.2006 to read as follows:

(a) Selection window. The Wireline Competition Bureau shall announce the opening of the Pilot Participant Selection Application Window for applicants to submit a Schools and Libraries Pilot Participant Selection Application.

(b) Participant announcement. The Wireline Competition Bureau shall announce those eligible applicants who have been selected to participate in the Schools and Libraries Cybersecurity Pilot Program following the close of the Pilot Participant Selection Application Window.

(c) Filing the FCC Form 484 to be considered for selection in the Pilot Program. (1) Schools, libraries, or consortia of eligible schools and libraries to be considered for participation in the Schools and Libraries Cybersecurity Pilot Program shall submit the first part of an FCC Form 484 to the Administrator, via a portal established by the Administrator, that contains, at a minimum, the following information:

(i) Name, entity number, FCC registration number, employer identification number, addresses, and Start Printed Page 61316 telephone number for each school, library, and consortium member that will participate in the proposed Pilot project, including the identity of the lead site for any proposals involving a consortium.

(ii) Contact information for the individual(s) who will be responsible for the management and operation of the proposed Pilot project, including name, title or position, telephone number, mailing address, and email address.

(iii) Applicant number(s) and entity type(s), including Tribal information, if applicable, and current E-Rate participation status and discount percentage, if applicable.

(iv) A broad description of the proposed Pilot project, including a description of the applicant's goals and objectives for the proposed Pilot project, a description of how Pilot funding will be used for the proposed project, and the cybersecurity risks the proposed Pilot project will prevent or address.

(v) The cybersecurity equipment and services the applicant plans to request as part of its proposed project, the ability of the project to be self-sustaining once established, and whether the applicant has a cybersecurity officer or other senior-level staff member designated to be the cybersecurity officer for its Pilot project.

(vi) Whether the applicant has previous experience implementing cybersecurity protections or measures, how many years of prior experience the applicant has, whether the applicant has experienced a cybersecurity incident within a year of the date of its application, and information about the applicant's participation or planned participation in cybersecurity collaboration and/or information-sharing groups.

(vii) Whether the applicant has implemented, or begun implementing, any U.S. Department of Education (Education Department) or Cybersecurity and Infrastructure Security Agency (CISA) best practices recommendations, a description of any Education Department or CISA free or low-cost cybersecurity resources that an applicant currently utilizes or plans to utilize, or an explanation of what is preventing an applicant from utilizing these available resources.

(viii) An estimate of the total costs for the proposed Pilot project, information about how the applicant will cover the non-discount share of costs for the Pilot-eligible services, and information about other cybersecurity funding the applicant receives, or expects to receive, from other Federal, state, local, or Tribal programs or sources.

(ix) Whether any of the ineligible services and equipment the applicant will purchase with its own resources to support the eligible cybersecurity equipment and services it plans to purchase with Pilot funding will have any ancillary capabilities that will allow it to capture data on cybersecurity threats and attacks, any free or low-cost cybersecurity resources that the applicant will require service providers to include in their bids, and whether the applicant will require its selected service provider(s) to capture and measure cost-effectiveness and cyber awareness/readiness data.

(x) A description of the applicant's proposed metrics for the Pilot project, how they align with the applicant's cybersecurity goals, how those metrics will be collected, and whether the applicant is prepared to share and report its cybersecurity metrics as part of the Pilot Program.

(2) The first part of the FCC Form 484 shall be signed by a person authorized to submit the application to participate in the Schools and Libraries Cybersecurity Pilot Program on behalf of the eligible school, library, or consortium including such entities. The person authorized to submit the first part of the FCC Form 484 application on behalf of the entities listed on an FCC Form 484 shall also certify under oath that:

(i) “I am authorized to submit this application on behalf of the above-named applicant and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify that the data set forth in this form has been examined and is true, accurate, and complete. I acknowledge that any false statement on this application or on any other documents submitted by this applicant can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(ii) “In addition to the foregoing, this applicant is in compliance with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program, and I acknowledge that failure to be in compliance and remain in compliance with those rules and orders may result in the denial of funding, cancellation of funding commitments, and/or recoupment of past disbursements. I acknowledge that failure to comply with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program could result in civil or criminal prosecution by law enforcement authorities.”

(iii) “By signing this application, I certify that the information contained in this form is true, complete, and accurate, and the projected expenditures, disbursements, and cash receipts are for the purposes and objectives set forth in the terms and conditions of the Federal award. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil, or administrative penalties for fraud, false statements, false claims, or otherwise. (U.S. Code Title 18, §§ 1001, 286-287, and 1341, and Title 31, §§ 3729-3730 and 3801-3812).”

(iv) The applicant recognizes that it may be audited pursuant to its application, that it will retain for ten years any and all records related to its application, and that, if audited, it shall produce such records at the request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission and its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(v) “I certify and acknowledge, under penalty of perjury, that if selected, the schools, libraries, and consortia in the application will comply with all applicable Schools and Libraries Cybersecurity Pilot Program rules, requirements, and procedures, including the competitive bidding rules and the requirement to pay the required share of the costs for the supported items from eligible sources.”

(vi) “I certify under penalty of perjury, to the best of my knowledge, that the schools, libraries, and consortia listed in the application are not already receiving or expecting to receive other funding (from any source, federal, state, Tribal, local, private, or other) that will pay for the same equipment and/or services, or the same portion of the equipment and/or services, for which I am seeking funding under the Schools and Libraries Cybersecurity Pilot Program.”

(vii) “I certify under penalty of perjury, to the best of my knowledge, that all requested equipment and services funded by the Schools and Libraries Cybersecurity Pilot Program will be used for their intended purposes.”

(d) Filing the FCC Form 484 once selected to be in the Pilot Program. (1) Schools, libraries, or consortia of eligible schools and libraries selected for participation in the Schools and Libraries Cybersecurity Pilot Program shall submit to the Administrator, via a Start Printed Page 61317 portal established by the Administrator, a second part to the FCC Form 484 that contains, at a minimum, the following information, as applicable:

(i) Information about correcting known security flaws and conducting routine backups, developing and exercising a cyber incident response plan, and any cybersecurity changes or advancements the participant plans to make outside of the Pilot-funded services and equipment.

(ii) A description of the participant's current cybersecurity posture, including how the school or library is currently managing and addressing its current cybersecurity risks through prevention and mitigation tactics.

(iii) Information about a participant's planned use(s) for other Federal, state, or local cybersecurity funding ( i.e., funding obtained outside of the Pilot).

(iv) Information about a participant's history of cybersecurity threats and attacks within a year of the date of its application; the date range of the incident, a description of the unauthorized access; a description of the impact to the school or library, a description of the vulnerabilities exploited and the techniques used to access the system, and identifying information for each actor responsible for the incident, if known.

(v) A description of the specific U.S. Department of Education or Cybersecurity and Infrastructure Security Agency best practices recommendations that the participant has implemented or begun to implement.

(vi) Information about a participant's current cybersecurity training policies and procedures, such as the frequency with which a participant trains its school and library staff and, separately, information about student cyber training sessions, and participation rates.

(vii) Information about any non-monetary or other challenges a participant may be facing in developing a more robust cybersecurity posture.

(2) The second part of the FCC Form 484 shall be signed by a person authorized to submit the second part as a participant in the Schools and Libraries Cybersecurity Pilot Program on behalf of the eligible school, library, or consortium including such entities. The person authorized to submit the second part of the FCC Form 484 application on behalf of the Pilot participants listed on an FCC Form 484 shall also certify under oath that:

(i) “I am authorized to submit this application on behalf of the above-named participant and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify that the data set forth in this form has been examined and is true, accurate, and complete. I acknowledge that any false statement on this application or on other documents submitted by this participant can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(ii) “In addition to the foregoing, this participant is in compliance with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program, and I acknowledge that failure to be in compliance and remain in compliance with those rules and orders may result in the denial of funding, cancellation of funding commitments, and/or recoupment of past disbursements. I acknowledge that failure to comply with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program could result in civil or criminal prosecution by law enforcement authorities.”

(iv) The participant recognizes that it may be audited pursuant to its application, that it will retain for ten years any and all records related to its application, and that, if audited, it shall produce such records at the request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission and its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(3) In order for a school, library, or consortia of eligible schools and libraries selected for participation in the Schools and Libraries Cybersecurity Pilot Program to retain its status as a Pilot participant and receive Pilot Program support, it will be required to submit the information required by the second part of the FCC Form 484 in the form specified by the Wireline Competition Bureau.

(4) The Wireline Competition Bureau may waive, reduce, modify, or eliminate from the second part of the FCC Form 484, information requirements that prove unnecessary for the sound and efficient administration of the Pilot.

(5) Failure to submit the information required by the second part of the FCC Form 484 may result in removal as a participant in the Pilot Program and/or a referral to the Enforcement Bureau.

(e) Data reporting requirements for participants. (1) In order for a Pilot participant to receive and continue receiving Pilot Program support and retain its status as a Pilot participant, it will be required to submit initial and annual reports, followed by a final report at the completion of the program with the information and in the form specified by the Wireline Competition Bureau.

(2) Prior to the start of the Pilot Program, the Wireline Competition Bureau shall announce the timing and form of the initial, annual, and final reports that Pilot participants must submit.

(3) The Wireline Competition Bureau may waive, reduce, modify, or eliminate Pilot participant reporting requirements that prove unnecessary and require additional reporting requirements that the Bureau deems necessary to the sound and efficient administration of the Pilot. Start Printed Page 61318

(4) Failure to submit initial, annual, and final reports may result in a referral to the Enforcement Bureau, a hold on future disbursements, recission of committed funds, and/or recovery of disbursed funds.

(a) Fair and open competitive bidding process. All participants in the Schools and Libraries Cybersecurity Pilot Program must conduct a fair and open competitive bidding process, consistent with all requirements set forth in this subpart.

Note to Paragraph (a): The following is an illustrative list of activities or behaviors that would not result in a fair and open competitive bidding process: the participant seeking supported services has a relationship with a service provider that would unfairly influence the outcome of a competition or would furnish the service provider with inside information; someone other than the participant or an authorized representative of the participant prepares, signs, and submits the FCC Form 470 and certification; a service provider representative is listed as the FCC Form 470 contact person and the participant allows that service provider to participate in the competitive bidding process; the service provider prepares the participant's FCC Form 470 or participates in the bid evaluation or vendor selection process in any way; the participant turns over to a service provider the responsibility for ensuring a fair and open competitive bidding process; a participant employee with a role in the service provider selection process also has an ownership interest in the service provider seeking to participate in the competitive bidding process; and the participant's FCC Form 470 does not describe the supported services with sufficient specificity to enable interested service providers to submit responsive bids.

(b) Competitive bid requirements. All participants in the Schools and Libraries Cybersecurity Pilot Program shall seek competitive bids, pursuant to the requirements established in this subpart, for all services and equipment eligible for support under § 54.2003, except as provided in paragraph (f) of this section. These competitive bidding requirements apply in addition to any applicable state, Tribal, and local competitive bidding requirements and are not intended to preempt such state, Tribal, or local requirements.

(c) Posting of FCC Form 470. (1) Participants in the Schools and Libraries Cybersecurity Pilot Program shall submit a completed FCC Form 470 to the Administrator to initiate the competitive bidding process. The FCC Form 470 shall include, at a minimum, the following information:

(i) A list of specified services and/or equipment for which the school, library, or consortium requests bids; and

(ii) Sufficient information to enable bidders to reasonably determine the needs of the applicant.

(2) The FCC Form 470 shall be signed by a person authorized to request bids for eligible services and equipment for the eligible school, library, or consortium, including such entities, and shall include that person's certification under penalty of perjury that:

(i) “I am authorized to submit this application on behalf of the above-named participant in the Schools and Libraries Cybersecurity Pilot Program and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify that the data set forth in this form has been examined and is true, accurate, and complete. I acknowledge that any false statement on this application or on other documents submitted by this participant can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(iii) “By signing this application, I certify that the information contained in this form is true, complete, and accurate. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil, or administrative penalties for fraud, false statements, false claims, or otherwise. (U.S. Code Title 18, §§ 1001, 286-287, and 1341, and Title 31, §§ 3729-3730 and 3801-3812).”

(iv) The schools meet the definition of “elementary school” or “secondary school”, as defined in § 54.2000, do not operate as for-profit businesses, and do not have endowments exceeding $50,000,000.

(v) Libraries or library consortia eligible for assistance from a State library administrative agency under the Library Services and Technology Act of 1996 do not operate as for-profit businesses and, except for the limited case of Tribal college or university libraries, have budgets that are completely separate from any school (including, but not limited to, elementary and secondary schools, colleges, and universities).

(vi) The services and/or equipment that the school, library, or consortium purchases at discounts will not be sold, resold, or transferred in consideration for money or any other thing of value, except as allowed by § 54.2003(b).

(vii) The school(s) and/or library(ies) listed on this FCC Form 470 will not accept anything of value, other than services and equipment sought by means of this form, from the service provider, or any representatives or agent thereof, or any consultant in connection with this request for services.

(viii) All bids submitted for eligible equipment and services will be carefully considered, with price being the primary factor, and the bid selected will be for the most cost-effective service offering consistent with paragraph (e) of this section.

(ix) The school, library, or consortium acknowledges that support under the Schools and Libraries Cybersecurity Pilot Program is conditional upon the school(s) and/or library(ies) securing access, separately or through this program, to all of the resources necessary to effectively use the requested equipment and services. The school, library, or consortium recognizes that some of the aforementioned resources are not eligible for support and certifies that it has considered what financial resources should be available to cover these costs.

(x) “I will retain required documents for a period of at least 10 years (or whatever retention period is required by the rules in effect at the time of this certification) after the later of the last day of the applicable Pilot Program year or the service delivery deadline for the associated funding request. I also certify that I will retain all documents necessary to demonstrate compliance with the statute ( 47 U.S.C. 254 ) and Commission rules regarding the form for, receipt of, and delivery of equipment and services receiving Schools and Libraries Cybersecurity Pilot Program discounts. I acknowledge that I may be audited pursuant to participation in the Pilot Program.” Start Printed Page 61319

(xi) “I certify that the equipment and services that the participant purchases at discounts will be used primarily for educational purposes and will not be sold, resold, or transferred in consideration for money or any other thing of value, except as permitted by the Commission's rules at 47 CFR 54.2003(b) . Additionally, I certify that the entity or entities listed on this form will not accept anything of value or a promise of anything of value, other than services and equipment sought by means of this form, from the service provider, or any representative or agent thereof, or any consultant in connection with this request for services.”

(xii) “I acknowledge that support under this Pilot Program is conditional upon the school(s) and/or library(ies) I represent securing access, separately or through this program, to all of the resources necessary to effectively use the requested equipment and services. I recognize that some of the aforementioned resources are not eligible for support. I certify that I have considered what financial resources should be available to cover these costs.”

(xiii) “I certify that I have reviewed all applicable Commission, state, Tribal, and local procurement/competitive bidding requirements and that the participant will comply with all applicable requirements.”

(3) The Administrator shall post each FCC Form 470 that it receives from a participant in the Schools and Libraries Cybersecurity Pilot Program on its website designated for this purpose.

(4) After posting on the Administrator's website an FCC Form 470, the Administrator shall send confirmation of the posting to the participant requesting services and/or equipment. The participant shall then wait at least 28 days from the date on which its description of services and/or equipment is posted on the Administrator's website before making any commitments with the selected providers of services and/or equipment. The confirmation from the Administrator shall include the date after which the participant may sign a contract with its chosen provider(s).

(d) Gift restrictions. (1) Subject to paragraphs (d)(3) and (4) of this section, a participant in the Schools and Libraries Cybersecurity Pilot Program may not directly or indirectly solicit or accept any gift, gratuity, favor, entertainment, loan, or any other thing of value from a service provider participating in or seeking to participate in the Schools and Libraries Cybersecurity Pilot Program. No such service provider shall offer or provide any such gift, gratuity, favor, entertainment, loan, or other thing of value except as otherwise provided in this paragraph (d). Modest refreshments not offered as part of a meal, items with little intrinsic value intended solely for presentation, and items worth $20 or less, including meals, may be offered or provided, and accepted by any individuals or entities subject to this subpart, if the value of these items received by any individual does not exceed $50 from any one service provider per year. The $50 amount for any service provider shall be calculated as the aggregate value of all gifts provided during a year by the individuals specified in paragraph (d)(2)(ii) of this section.

(2) For purposes of this paragraph (d):

(i) The term “participant in the Schools and Libraries Cybersecurity Pilot Program” includes all individuals who are on the governing boards of such entities (such as members of a school committee), and all employees, officers, representatives, agents, consultants, or independent contractors of such entities involved on behalf of such school, library, or consortium with the Schools and Libraries Cybersecurity Pilot Program, including individuals who prepare, approve, sign, or submit applications, or other forms related to the Schools and Libraries Cybersecurity Pilot Program, or who prepare bids, communicate, or work with Schools and Libraries Cybersecurity Pilot Program service providers, Schools and Libraries Cybersecurity Pilot Program consultants, or with the Administrator, as well as any staff of such entities responsible for monitoring compliance with the Schools and Libraries Cybersecurity Pilot Program; and

(ii) The term “service provider” includes all individuals who are on the governing boards of such an entity (such as members of the board of directors), and all employees, officers, representatives, agents, consultants, or independent contractors of such entities.

(3) The restrictions set forth in this paragraph (d) shall not be applicable to the provision of any gift, gratuity, favor, entertainment, loan, or any other thing of value, to the extent given to a family member or a friend working for an eligible school, library, or consortium that includes an eligible school or library, provided that such transactions:

(i) Are motivated solely by a personal relationship;

(ii) Are not rooted in any service provider business activities or any other business relationship with any such participant in the Schools and Libraries Cybersecurity Pilot Program; and

(iii) Are provided using only the donor's personal funds that will not be reimbursed through any employment or business relationship.

(4) Any service provider may make charitable donations to a participant in the Schools and Libraries Cybersecurity Pilot Program in the support of its programs as long as such contributions are not directly or indirectly related to Schools and Libraries Cybersecurity Pilot Program procurement activities or decisions and are not given by service providers to circumvent competitive bidding and other Schools and Libraries Cybersecurity Pilot Program rules in this subpart.

(e) Selecting a provider of eligible services and/or equipment. In selecting a provider of eligible services and equipment, participants in the Schools and Libraries Cybersecurity Pilot Program shall carefully consider all bids submitted and must select the most cost-effective service and equipment offerings. In determining which service and equipment offering is the most cost-effective, entities may consider relevant factors other than the pre-discount prices submitted by providers, but price must be the primary factor considered.

(f) Exemption to competitive bidding requirements. Participants in the Schools and Libraries Cybersecurity Pilot Program are not required to file an FCC Form 470 when seeking support for services and equipment purchased from Master Service Agreements negotiated by Federal, state, Tribal, or local governmental entities on behalf of such Pilot participants, if such Master Service Agreements were awarded pursuant to the E-Rate program FCC Form 470 process, as well as applicable Federal, state, Tribal, or local competitive bidding requirements.

(a) Filing of the FCC Form 471. (1) A participant in the Schools and Libraries Cybersecurity Pilot Program shall, upon entering into a signed contract or other legally binding agreement for eligible services and/or equipment, submit a completed FCC Form 471 to the Administrator.

(2) The FCC Form 471 shall be signed by the person authorized to order eligible services or equipment for the participant in the Schools and Libraries Cybersecurity Pilot Program and shall include that person's certification under penalty of perjury that:

(i) “I am authorized to submit this application on behalf of the above-named participant and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify Start Printed Page 61320 that the data set forth in this application has been examined and is true, accurate, and complete. I acknowledge that any false statement on this application or on any other documents submitted by this participant can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(iii) “By signing this application, I certify that the information contained in this application is true, complete, and accurate, and the projected expenditures, disbursements, and cash receipts are for the purposes and objectives set forth in the terms and conditions of the Federal award. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil, or administrative penalties for fraud, false statements, false claims, or otherwise. (U.S. Code Title 18, §§ 1001, 286-287, and 1341, and Title 31, §§ 3729-3730 and 3801-3812).”

(iv) The school meets the definition of “elementary school” or “secondary school”, as defined in § 54.2000, does not operate as a for-profit business, and does not have endowments exceeding $50,000,000.

(v) The library or library consortia is eligible for assistance from a State library administrative agency under the Library Services and Technology Act, does not operate as a for-profit business and, except for the limited case of Tribal college and university libraries, have budgets that are completely separate from any school (including, but not limited to, elementary and secondary schools, colleges, and universities).

(vi) The school, library, or consortium listed on the FCC Form 471 application will pay the non-discount portion of the costs of the eligible services and/or equipment to the service provider(s).

(vii) The school, library, or consortium listed on the FCC Form 471 application has conducted a fair and open competitive bidding process and has complied with all applicable state, Tribal, or local laws regarding procurement of the equipment and services for which support is being sought.

(viii) An FCC Form 470 was posted and that any related request for proposals (RFP) was made available for at least 28 days before considering all bids received and selecting a service provider. The school, library, or consortium listed on the FCC Form 471 application carefully considered all bids submitted and selected the most-cost-effective bid for services and equipment in accordance with § 54.2005(e), with price being the primary factor considered.

(ix) The school, library, or consortium listed on the FCC Form 471 application is only seeking support for eligible services and/or equipment.

(x) The school, library, or consortia is not seeking Schools and Libraries Cybersecurity Pilot Program support or reimbursement for the portion of eligible services and/or equipment that have been purchased and reimbursed in full or in part with other Federal, state, Tribal, or local funding, or are eligible for discounts from the schools and libraries universal service support mechanism or another universal service support mechanism.

(xi) The services and equipment the school, library, or consortium purchases using Schools and Libraries Cybersecurity Pilot Program support will be used primarily for educational purposes and will not be sold, resold, or transferred in consideration for money or any other thing of value, except as allowed by § 54.2003(b).

(xii) The school, library, or consortium will create and maintain an equipment and service inventory as required by § 54.2010(a).

(xiii) The school, library, or consortium has complied with all program rules in this chapter and acknowledges that failure to do so may result in denial of funding and/or recovery of funding.

(xiv) The school, library, or consortium acknowledges that it may be audited pursuant to its application, that it will retain for ten years any and all records related to its application, and that, if audited, it shall produce such records at the request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission and its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(xv) No kickbacks, as defined in 41 U.S.C. 8701 , were paid to or received by the participant, including, but not limited to, their employees, officers, representatives, agents, independent contractors, consultants, family members, and individuals who are on the governing boards, from anyone in connection with the Schools and Libraries Cybersecurity Pilot Program or the schools and libraries universal service support mechanism.

(xvi) The school, library, or consortium acknowledges that Commission rules in this chapter provide that persons who have been convicted of criminal violations or held civilly liable for certain acts arising from their participation in the universal service support mechanisms are subject to suspension and debarment from the program. The school, library, or consortium will institute reasonable measures to be informed, and will notify the Administrator should it be informed or become aware that any of the entities listed on this application, or any person associated in any way with this entity and/or the entities listed on this application, is convicted of a criminal violation or held civilly liable for acts arising from their participation in the universal service support mechanisms.

(b) Service or equipment substitution. (1) A request by a Schools and Libraries Cybersecurity Pilot Program participant to substitute a service or piece of equipment for one identified in its FCC Form 471 must be in writing and certified under penalty of perjury by an authorized person.

(2) The Administrator shall approve such written request where:

(i) The service or equipment has the same functionality;

(ii) The substitution does not violate any contract provisions or state, Tribal, or local procurement laws; and

(iii) The Schools and Libraries Cybersecurity Pilot Program participant certifies that the requested change is within the scope of the controlling FCC Form 470.

(3) In the event that a service or equipment substitution results in a change in the pre-discount price for the supported service or equipment, support shall be based on the lower of either the pre-discount price of the service or equipment for which support was originally requested or the pre-discount price of the new, substituted service or equipment after the Administrator has approved a written request for the substitution.

(c) Mixed eligibility services and equipment. A request for discounts for Start Printed Page 61321 services or equipment that includes both eligible and ineligible components must remove the cost of the ineligible components of the service or equipment from the request for funding submitted to the Administrator.

(d) Application filing window. The Wireline Competition Bureau will announce the opening of the Pilot Participant Selection Application Window for participants to submit FCC Form 471 applications. The filing period shall begin and conclude on dates to the determined by the Wireline Competition Bureau. The Wireline Competition Bureau may implement additional filing periods as it deems necessary.

4. Delayed indefinitely, add § 54.2008 to read as follows:

(a) Submission of request for reimbursement (FCC Form 472 or FCC Form 474). Consistent with the invoicing selection made by the Pilot participant, reimbursement for the costs associated with eligible services and equipment shall be provided directly to the participant, or its service provider(s), seeking reimbursement from the Schools and Libraries Cybersecurity Pilot Program upon submission and approval of a completed FCC Form 472 (Billed Entity Applicant Reimbursement Form) or a completed FCC Form 474 (Service Provider Invoice) to the Administrator.

(1) The FCC Form 472 shall be signed by the person authorized to submit requests for reimbursement for the eligible school, library, or consortium and shall include that person's certification under penalty of perjury that:

(i) “I am authorized to submit this request for reimbursement on behalf of the above-named school, library, or consortium and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify that the data set forth in this request for reimbursement has been examined and is true, accurate, and complete. I acknowledge that any false statement on this request for reimbursement or on other documents submitted by this school, library, or consortium can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(ii) “In addition to the foregoing, the school, library, or consortium is in compliance with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program, and I acknowledge that failure to be in compliance and remain in compliance with those rules and orders may result in the denial of funding, cancellation of funding commitments, and/or recoupment of past disbursements. I acknowledge that failure to comply with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program could result in civil or criminal prosecution by law enforcement authorities.”

(iii) “By signing this request for reimbursement, I certify that the information contained in this request for reimbursement is true, complete, and accurate, and the expenditures, disbursements, and cash receipts are for the purposes and objectives set forth in the terms and conditions of the federal award. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil, or administrative penalties for fraud, false statements, false claims, or otherwise. (U.S. Code Title 18, sections §§ 1001, 286-287, and 1341, and Title 31, §§ 3729-3730 and 3801-3812).”

(iv) The funds sought in the request for reimbursement are for eligible services and/or equipment that were purchased in accordance with the Schools and Libraries Cybersecurity Pilot Program rules and requirements in this subpart and received by the school, library, or consortium. The equipment and/or services being requested for reimbursement were determined to be eligible and approved by the Administrator.

(v) The non-discounted share of costs amount(s) were billed by the Service Provider and paid in full by the Billed Entity Applicant on behalf of the eligible schools, libraries, and consortia of those entities.

(vi) The school, library, or consortium is not seeking Schools and Libraries Cybersecurity Pilot Program reimbursement for the portion of eligible services and/or equipment that have been purchased and reimbursed in full or in part with other Federal, state, Tribal, or local funding or are eligible for discounts from the schools and libraries universal service support mechanism or other universal service support mechanisms.

(vii) The school, library, or consortium acknowledges that it must submit invoices detailing the items purchased and received along with the submission of its request for reimbursement as required by paragraph (b) of this section.

(viii) The equipment and/or services the school, library, or consortium purchased will not be sold, resold, or transferred in consideration for money or any other thing of value, except as allowed by § 54.2003(b).

(ix) The school, library, or consortium acknowledges that it may be subject to an audit, inspection, or investigation pursuant to its request for reimbursement, that it will retain for ten years any and all records related to its request for reimbursement, and will make such records and equipment purchased with Schools and Libraries Cybersecurity Pilot Program reimbursement available at the request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission and its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(x) No kickbacks, as defined in 41 U.S.C. 8701 , were paid to or received by the participant, including, but not limited to, their employees, officers, representatives, agents, independent contractors, consultants, family members, and individuals who are on the governing boards, from anyone in connection with the Schools and Libraries Cybersecurity Pilot Program or the schools and libraries universal service support mechanism.

(xi) The school, library, or consortium acknowledges that Commission rules provide that persons who have been convicted of criminal violations or held civilly liable for certain acts arising from their participation in the universal service support mechanisms are subject to suspension and debarment from the program. The school, library, or consortium will institute reasonable measures to be informed, and will notify the Administrator should it be informed or become aware that any of the entities listed on this application, or any person associated in any way with this entity and/or the entities listed on this application, is convicted of a criminal violation or held civilly liable for acts arising from their participation in the universal service support mechanisms.

(xii) No universal service support has been or will be used to purchase, obtain, maintain, improve, modify, or otherwise support any equipment or services produced or provided by any company designated by the Commission as posing a national security threat to the integrity of communications networks or the communications supply chain since the effective date of the designations.

(xiii) No Federal subsidy made available through a program administered by the Commission that provides funds to be used for the capital expenditures necessary for the provision of advanced communications services Start Printed Page 61322 has been or will be used to purchase, rent, lease, or otherwise obtain, any covered communications equipment or service, or maintain, any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, as required by § 54.10.

(2) The FCC Form 474 shall be signed by the person authorized to submit requests for reimbursement for the service provider and shall include that person's certification under penalty of perjury that:

(i) “I am authorized to submit this request for reimbursement on behalf of the above-named Service Provider and that based on information known to me or provided to me by employees responsible for the data being submitted, I hereby certify that the data set forth in this request for reimbursement has been examined and is true, accurate, and complete. I acknowledge that any false statement on this request for reimbursement or on other documents submitted by this Service Provider can be punished by fine or forfeiture under the Communications Act ( 47 U.S.C. 502 , 503(b) ), or fine or imprisonment under Title 18 of the United States Code ( 18 U.S.C. 1001 ), or can lead to liability under the False Claims Act ( 31 U.S.C. 3729-3733 ).”

(ii) “In addition to the foregoing, the Service Provider is in compliance with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program, and I acknowledge that failure to be in compliance and remain in compliance with those rules and orders may result in the denial of funding, cancellation of funding commitments, and/or recoupment of past disbursements. I acknowledge that failure to comply with the rules and orders governing the Schools and Libraries Cybersecurity Pilot Program could result in civil or criminal prosecution by law enforcement authorities.”

(iii) “By signing this request for reimbursement, I certify that the information contained in this request for reimbursement is true, complete, and accurate, and the expenditures, disbursements, and cash receipts are for the purposes and objectives set forth in the terms and conditions of the federal award. I am aware that any false, fictitious, or fraudulent information, or the omission of any material fact, may subject me to criminal, civil, or administrative penalties for fraud, false statements, false claims, or otherwise. (U.S. Code Title 18, §§ 1001, 286-287, and 1341, and Title 31, §§ 3729-3730 and 3801-3812).”

(v) The Service Provider is not seeking Schools and Libraries Cybersecurity Pilot Program reimbursement for eligible equipment and/or services for which the Service Provider has already been paid.

(vi) The Service Provider certifies that the school's, library's, or consortium's non-discount portion of costs for the eligible equipment and services has not been waived, paid, or promised to be paid by this Service Provider. The Service Provider acknowledges that the provision of a supported service or free services or equipment unrelated to the supported equipment or services constitutes a rebate of the non-discount portion of the costs as stated in § 54.2007(d).

(vii) The Service Provider acknowledges that it must submit invoices detailing the items purchased and provided to the school, library, or consortium, along with the submission of its request for reimbursement as required by paragraph (b) of this section.

(viii) The Service Provider certifies that it is compliant with the Commission's rules and orders regarding gifts and this Service Provider has not directly or indirectly offered or provided any gifts, gratuities, favors, entertainment, loans, or any other thing of value to any eligible school, library, or consortium, except as provided for in this subpart.

(ix) The Service Provider acknowledges that it may be subject to an audit, inspection, or investigation pursuant to its request for reimbursement, that it will retain for ten years any and all records related to its request for reimbursement, and will make such records and equipment purchased with Schools and Libraries Cybersecurity Pilot Program reimbursement available at the request of any representative (including any auditor) appointed by a state education department, the Administrator, the Commission and its Office of Inspector General, or any local, state, or Federal agency with jurisdiction over the entity.

(x) No kickbacks, as defined in 41 U.S.C. 8701 , were paid by the Service Provider to anyone in connection with the Schools and Libraries Cybersecurity Pilot Program or the schools and libraries universal service support mechanism.

(xi) The Service Provider is not debarred or suspended from any Federal programs, including the universal service support mechanisms.

(xiii) No Federal subsidy made available through a program administered by the Commission that provides funds to be used for the capital expenditures necessary for the provision of advanced communications services has been or will be used to purchase, rent, lease, or otherwise obtain, any covered communications equipment or service, or maintain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, as required by § 54.10.

(b) Required documentation. Along with the submission of a completed FCC Form 472 or FCC Form 474, a participant or service provider seeking reimbursement from the Schools and Libraries Cybersecurity Pilot Program must submit invoices detailing the items purchased and received to the Administrator at the time the FCC Form 472 or FCC Form 474 is submitted.

(c) Reimbursement and invoice processing. The Administrator shall accept and review requests for reimbursement and invoices subject to the invoice filing deadlines provided in paragraph (d) of this section.

(d) Invoice filing deadline. Invoices must be submitted to the Administrator within ninety (90) days after the last date to receive service, in accordance with § 54.2001(c).

(e) Invoice deadline extensions. In advance of the deadline calculated pursuant to paragraph (d) of this section, billed entities or service providers may request a one-time extension of the invoice filing deadline. The Administrator shall grant a ninety (90) day extension of the invoice filing deadline, if the request is timely filed.

(f) Choice of payment method. Service providers providing discounted services under this subpart shall, prior to the submission of the FCC Form 471, permit the Schools and Libraries Cybersecurity Pilot Program participant to choose the method of payment for the discounted Start Printed Page 61323 services from those methods offered by the Administrator, including making a full undiscounted payment and receiving subsequent reimbursement of the discount amount from the Administrator.

[ FR Doc. 2024-15866 Filed 7-29-24; 8:45 am]

BILLING CODE 6712-01-P

Executive Orders

Reader Aids

Information.

About This Site
Accessibility
No Fear Act
Continuity Information

IMAGES

Free Ebola Virus Slide PowerPoint Template by Premast on Dribbble
Virus PowerPoint Theme
Free COVID-19 PowerPoint Template
Free Green Virus PowerPoint Template
Virus Infections PowerPoint template
Top 25 Virus PowerPoint Templates To Beat the Invisible Threat

VIDEO

The West Nile Virus Presentation
ebola virus presentation by Evie
Corona Virus
Virus Opener
STUDENT'S PRESENTATION ON COMPUTER VIRUS
STUDENT'S PRESENTATION ON COMPUTER VIRUS

COMMENTS

Free templates about virus for Google Slides and PowerPoint
Virus Presentation templates Medical science is moving ahead at an immense speed! Share the most recent scientific researches, medical advances, and treatments of viruses that have marked the history of humanity, such as the Spanish flu or COVID-19. Gather all the necessary information in one of the presentations designed for Google Slides and ...
Virus Powerpoint Templates and Google Slides Themes
Download your presentation as a PowerPoint template or use it online as a Google Slides theme. 100% free, no registration or download limits. Get these virus templates to create informative presentations about viruses and spread knowledge. No Download Limits Free for Any Use No Signups.
Coronavirus Google Slides themes and PowerPoint templates
Coronavirus Presentation templates Raise awareness about one of the hottest topics of the 21st century by downloading and editing our free PPT templates and Google Slides themes about Coronavirus. Filter by ... West Nile Virus presentation for PowerPoint or Google Slides. Taking care of yourself and of those around you is key!
Free Virus PowerPoint Templates
Preview & Download FREE. Download free Virus PowerPoint templates and slide designs containing images of virus or representations of popular virus. For example, under this category you can find free PowerPoint templates on Corona Virus presentations or COVID-19 PowerPoint templates containing multiple colors and cover images.
Coronavirus Disease Google Slides Theme and PowerPoint Template
Titles come with a grotesque sans font, and body copy complements it with a legible display font. Don't forget to wash your hands before editing the presentation! Features of this template. A medical-themed template with illustrations of viruses and abstract backgrounds; 100% editable and easy to modify; 25 different slides to impress your ...
Best Free Covid Coronavirus & Virus PowerPoint PPT Templates 2024
Before we show you the best free PowerPoint templates with virus themes, here are the top premium coronavirus PowerPoint templates from Envato Elements: 1. Delta Corona Virus PowerPoint Template. First, we've got the Delta Corona Virus PowerPoint template with a modern and clean design. This Covid slides template features 80+ slides.
238 Best Virus-Themed Templates for PowerPoint & Google Slides
238 Best Virus-Themed Templates. CrystalGraphics creates templates designed to make even average presentations look incredible. Below you'll see thumbnail sized previews of the title slides of a few of our 238 best virus templates for PowerPoint and Google Slides. The text you'll see in in those slides is just example text.
COVID Outbreak. Free PPT & Google Slides Template
Add, delete or re-order slide pages based on your needs. It includes a customizable icon family with 80 different icons and a world map (you can change sizes and colors). And more. Use as a Google Slides theme or download as PowerPoint template and edit on your computer. Also export to PDF, JPG, etc.
Free Virus PowerPoint Template
Virus PowerPoint Template. The free Virus PowerPoint Template has a green background with a background image of an illustration of the random virus. It fits with the topic and makes it look very professional. Therefore, the template is suitable for presentations about the viruses, virus outbreaks, coronavirus, SARS, symptoms, transmission ...
Top 25 Virus PowerPoint Templates To Beat the Invisible Threat
These templates are specially designed to ease the work of the user by providing ready-made design and aesthetics. Download RSV Virus Medical Images For PowerPoint. Template 23. Mimivirus questions our understanding that viruses are small as this the largest and most complex virus ever found.
Free Virus Google Slides Themes And Powerpoint Templates
Free Virus Google Slides Themes And Powerpoint Templates. Designing an eyecatching presentation template is time-consuming. Download the following free and ready-to-use Virus powerpoint templates and Google slides themes for the upcoming presentation. You only need to change text, logo or colors on the professional PPT templates.
Free Corona Google Slides Themes and PowerPoint Templates
Free. Social Distancing PowerPoint Presentation Slide. Innovative Covid 19 Mask Presentation Template Slide. Coronavirus PowerPoint PPT Template. Creative Coronavirus Presentation Template Slide Design. Creative Coronavirus Safety PowerPoint Template. Corona Terminology PowerPoint And Google Slides Templates. 12 slides.
Free Coronavirus PowerPoint Templates
Download. Download free PowerPoint templates on COVID-19 or also known as Corona Virus. Under this section you can find templates related to the disease declared Epidemic and then Pandemic by World Health Organization (WHO) in 2020. Download free Coronavirus disease (COVID-19) with information and slides that can be used to present information ...
90+ virus PPT Templates
Single Slides. virus PPT Templates FREE for commercial and personal use! Download over 6,300+ complete free templates in high resolution. Unique slides with a clean and professional look.
Virus Infographics Presentation Template
The Virus Infographics Presentation Template features graphics to boost healthcare presentations about infectious diseases. This is a 7 slides PowerPoint deck containing various layout designs to showcase virus-related information. Viruses are parasites that replicate inside living cells at the microscopic level. As the coronavirus pandemic ...
Virus Infographics Google Slides theme & PowerPoint template
Free Google Slides theme, PowerPoint template, and Canva presentation template. In this new template you will find a whole lot of infographics ready to be used in presentations that talk about viruses. These themed diagrams appear as timelines, maps, columns, hexagons and many more. Some health-related icons are provided too to help you place ...
Virus Template
Free Virus Template for PowerPoint and Google Slides. Main features. 36 slides 100% editable. 16:9 widescreen format suitable for all screens. High quality royalty-free images. Easy to edit layouts for presenting or printing. Included resources: charts, graphs, timelines and diagrams. More than 100 icons customizable in color and size.
171 Best Corona Virus-Themed Templates for PowerPoint & Google Slides
171 Best Corona Virus-Themed Templates. CrystalGraphics creates templates designed to make even average presentations look incredible. Below you'll see thumbnail sized previews of the title slides of a few of our 171 best corona virus templates for PowerPoint and Google Slides. The text you'll see in in those slides is just example text.
Free COVID-19 Presentation Template
Free COVID-19 Presentation Template is designed for preparing PPT presentations with the virus background. The ideal image of a virus is designed for indicating the structure of the virus. Viruses aren't just a threat to public health, they are essential to life on earth. Epidemics and pandemics in history made people fearful of their health ...
Coronavirus PowerPoint Templates for free
Features: Coronavirus PowerPoint Templates. Fully and easily editable (shape color, size, and text) This template has a color theme and will automatically apply color when copied and pasted. It includes a customizable icon family with 135 different icons (Fully editable) Drag and drop image placeholder.
Infectious Disease
Free Google Slides theme, PowerPoint template, and Canva presentation template. Any disease caused by bacteria or viruses invading our body tissues are called infectious diseases. As always, every single bit of information that you can share about this topic to the medical community is welcome. With this template, you'll get a dark-colored ...
10 Top Executive Summary Templates for Visually Impressive Presentations
An executive summary is a snapshot of a long document, such as a report, proposal, or a business plan. It highlights the key points and important information, such as objectives, problems, opportunities, key findings, recommendations, etc. These summaries are specifically meant for CEOs, senior executives, and investors. As these professionals are indulged in overseeing the […]
Free COVID-19 PowerPoint Templates
Free COVID-19 Vaccine PowerPoint Template. Free COVID-19 Vaccine PowerPoint Template is a health and medicine design for the presentations regarding the development of vaccines for COVID-19. The cover slide is featuring an image of a vaccine bottle filled with the vaccine content. It is depicting the vaccine is ready to be applied to the public.
How to Create a Successful Brand Presentation (Tips + Templates)
Minimalistic Black & White Brand Presentation Template. Whenever you need to create a formal, clean-looking brand presentation in a monochromatic palette, this is the option to check. Nine slides with a clear structure that doesn't overwhelm the viewer are perfect for introducing a company, presenting a series of facts, or for in-company ...
Schools and Libraries Cybersecurity Pilot Program
37. Next, the Commission makes endpoint protection, including anti-virus, anti-malware, and anti-ransomware, services and equipment eligible in the Pilot so that participants can protect their networks from potential vulnerabilities introduced by desktops, laptops, mobile devices, and other end-user devices that connect to their networks.
CrowdStrike outage: We finally know what caused it
Insurers have begun calculating the financial damage caused by last week's devastating CrowdStrike software glitch that crashed computers, canceled flights and disrupted hospitals all around the ...