cover
TO: Mayor Richard C. Irvin
FROM: Michael R Pegues, Chief Information Officer
Leela Karumuri, Director Cyber & Technology
DATE: January 27, 2022
SUBJECT:
A resolution to append approved resolution R21-111, dated 4/26/2021 from Data Defenders LLC, 111 Jackson Blvd, Suite 1700, Chicago IL 60604 for $336,697.20. Total amount not to exceed $3,538,912.20 over the five-year contract
PURPOSE:
The City of Aurora, Information Technology (IT) Department is seeking to expand the scope of managed security services to add additional service components that were not included in the DS-002 (R20-311) and DS-003 (R21-111) MSS Order forms and to expand service coverage throughout COA's technology infrastructure. This change also ratification includes hours of incident response to cover recent incident that COA experienced in October and November 2021.
BACKGROUND:
Data Defenders is being engaged by CoA to provide additional services as described in the following section.
DISCUSSION:
TASK #1 - Incident Response Professional Service Hours
On Nov 4th, 2021 COA was alerted to a potential breach of its Microsoft Office 365 Cloud tenant because of anomalous login attempts being detected on its O365 Cloud tenant.
Initial Analysis:
Security discussions were immediately initiated between City of Aurora IT Leaders and Data Defenders. During these discussions, City of Aurora and Data Defenders quickly identified anomalous login attempts were indicated on targeted end-user systems.
Immediate Response:
Technical controls were implemented on the targeted end-user systems to terminate any access by the malicious attacker(s). Following situational analysis and decisions by COA IT Leaders, we made the decision to implement Multi-factor Authentication (MFA) on all COA end-user accounts which will immediately prevent unauthorized login attempts on COA end-user systems. Data Defenders conducted an examination of all COA end-user cloud accounts to determine if other...
Click here for full text