cover
TO: Mayor Richard C. Irvin
FROM: Michael R Pegues, Chief Information Officer
Leela Karumuri, Director Cyber & Technology
DATE: January 27, 2022
SUBJECT:
A resolution to append approved resolution R21-111, dated 4/26/2021 from Data Defenders LLC, 111 Jackson Blvd, Suite 1700, Chicago IL 60604 for $336,697.20. Total amount not to exceed $3,538,912.20 over the five-year contract
PURPOSE:
The City of Aurora, Information Technology (IT) Department is seeking to expand the scope of managed security services to add additional service components that were not included in the DS-002 (R20-311) and DS-003 (R21-111) MSS Order forms and to expand service coverage throughout COA’s technology infrastructure. This change also ratification includes hours of incident response to cover recent incident that COA experienced in October and November 2021.
BACKGROUND:
Data Defenders is being engaged by CoA to provide additional services as described in the following section.
DISCUSSION:
TASK #1 - Incident Response Professional Service Hours
On Nov 4th, 2021 COA was alerted to a potential breach of its Microsoft Office 365 Cloud tenant because of anomalous login attempts being detected on its O365 Cloud tenant.
Initial Analysis:
Security discussions were immediately initiated between City of Aurora IT Leaders and Data Defenders. During these discussions, City of Aurora and Data Defenders quickly identified anomalous login attempts were indicated on targeted end-user systems.
Immediate Response:
Technical controls were implemented on the targeted end-user systems to terminate any access by the malicious attacker(s). Following situational analysis and decisions by COA IT Leaders, we made the decision to implement Multi-factor Authentication (MFA) on all COA end-user accounts which will immediately prevent unauthorized login attempts on COA end-user systems. Data Defenders conducted an examination of all COA end-user cloud accounts to determine if other accounts were impacted.
TASK #2 - Additional Professional Services Hours
The current allocation of hours in the following professional services line items for Order Form DS-003 were exhausted prior to the end of the 2021 contract year (CY). COA has requested that Data Defenders continue to provide services in the following professional service line items and has agreed to replenish those hours to enable continuous service delivery through the end of the CY 2021.
Threat Intelligence and Incident Response:
1) vCISO
2) Annual General Hours Allocation.
3) Annual General Hours Allocation
4) Additional Professional Services Hours
TASK #3 - KnowBe4 Security Awareness Training Software Subscription
COA has requested that Data Defenders assume management and service delivery responsibility for its Phishing and security awareness campaign activities. COA has also requested that Data Defenders implement and manage the KnowBe4 Security Awareness training software point solution as part of the Data Shield Managed Security Service tenant provided to COA.
TASK #4 - eSentire CrowdStrike Anti-Virus Module (Prevention) Subscription
COA’s current subscription for Symantec Anti-Virus protection expired at the end of June 2021 and COA asked Data Defenders to assume responsibility to provide the Anti-Virus Module function as a component of the current eSentire CrowdStrike implementation.
See attached Data Defenders Change Order (COA 20190213-01-DS-003-002) (002).docx
|
Task Description |
Units |
Amount |
|
1) Incident Response Professional Services (2021) |
Hours (389 x $150) |
$58, 350.00 |
|
2) Additional Professional Service Hours (2021) |
Hours (256 x $150) |
$38,400.00 |
|
Total |
|
$96,750.00 |
|
|
|
|
|
3) KB4 Security Awareness Training Software Subscription |
2022 - 2025 |
$80,190.00 |
|
4) eSentire Crowd strike Antivirus (Prevention) Subscription |
2022 - 2025 |
$159,757.20 |
|
Total |
|
$239,947.20 |
Tasks 1 & 2 = $96,750 | To be paid from approved 2021 budget in account # 101-1383-419.32-80 as one-time payments.
Task 3 & 4 = $239,947.20 | An additional amount of $59,989.80 will be added to the original budgeted amount over 4 years (2022 - 2025). The IT budget has sufficient funds to cover the spending in 101-1283-419.32-80.
See summary below:
Budget Year Original Proposed
=====================================================
2021 $327,778.00 N/A
2022 $318,488.00 $378,474.80
2023 $318,488.00 $378,474.80
Optional Years
2024 $318,488.00 $378,474.80
2025 $318,488.00 $378,474.80
The Budget Transfer/Amendment for 2022 is in progress to fund the services from Data Defenders.
IMPACT STATEMENT:
Cyber protection is a necessity, and the City will face increasing insurance costs without the above protective measures. Benefits include but are not limited to:
1) Increase in professional services hours will allow for continuous delivery of services through the end of CY 2021.
2) The CrowdStrike Anti-Virus (Prevention) module will allow for integrated management of prevention and response activities on all COA endpoints.
3) The KnowBe4 Phishing and Security Awareness Point solution will enable COA to continue to manage security awareness training of its employees with the objective of reducing the number of employee related security incidents.
RECOMMENDATIONS:
Request the amended resolution be adopted.
cc: Finance Committee
CITY OF AURORA, ILLINOIS
RESOLUTION NO. _________
DATE OF PASSAGE ________________
title
A Resolution to append approved resolution R21-111, dated 4/26/2021 from Data Defenders LLC, 111 Jackson Blvd, Suite 1700, Chicago IL 60604 for $336,697.20.
body
WHEREAS, the City of Aurora has a population of more than 25,000 persons and is, therefore, a home rule unit under subsection (a) of Section 6 of Article VII of the Illinois Constitution of 1970; and
WHEREAS, subject to said Section, a home rule unit may exercise any power and perform any function pertaining to its government and affairs for the protection of the public health, safety, morals, and welfare; and
WHEREAS, this is an appended Managed Security Service to provide protection to city owned assets related to information and operational technology; and
WHEREAS, the goal is to implement solutions focused on reducing cybersecurity risks, protect city system and assets, and safeguard the City's reputation and financial wellbeing from bad actors; and
WHEREAS, Cyber protection is a necessity and the City will face increasing insurance costs without the above protective measures. Furthermore, the potential cost of a substantial breach could be many times this 5-year $3 million investment in protecting the City;
WHEREAS, Tasks 1 & 2 = $96,750 | To be paid from approved 2021 budget in account # 101-1383-419.32-80 as one-time payments.
WHEREAS, Task 3 & 4 = $239,947.20 | An additional amount of $59,989.80 will be added to the original budgeted amount over 4 years (2022 - 2025). IT will be submitting a budget transfer amendment to account 101-1283-419.32-80 for 2022.
NOW, THEREFORE, BE IT RESOLVED by the City Council of the City of Aurora, Illinois, as follows: A resolution to amend approved resolution R21-111, dated 4/26/2021 from Data Defenders LLC, 111 Jackson Blvd, Suite 1700, Chicago IL 60604 for $336,697.20. The Director of Purchasing is authorized to execute a revised agreement with Data Defenders in a total amount not to exceed $3,538,912.20 over five-year contract.