cover
TO: Mayor Richard C. Irvin
FROM: Leela Karumuri, Director Cyber and Technology Risk
Michael R. Pegues, Chief Information Officer
Ken Schroth, Director of Public Works
Martin Lyons, Chief Financial Officer/City Treasurer
DATE: March 31, 2021
SUBJECT:
A resolution to amend approved resolution R20-311, dated December 22, 2020, (legistar item 20-0815) from Data Defenders LLC, 111 Jackson Blvd, Suite 1700, Chicago IL 60604 for $1,601,730. Total amount not to exceed $3,202,215 over the five-year contract.
PURPOSE:
The City of Aurora, Information Technology (IT) Division is seeking to expand the scope of managed security services to include the City of Aurora Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) infrastructure.
In addition to IT components, this amendment will cover SCADA, the centralized system that monitors and controls the water treatment and distribution systems (including mains and storage) for the entire area city. This supervisory system gathers data on the process and sends the commands control to the process.
Gartner, the City's technology advisor, defines operational technology (OT) as, "Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in asset-centric enterprises, particularly in production and operations."
BACKGROUND:
Goal # 1: Implementing a Cybersecurity Program, Operation, and Technical Infrastructure of the City's OT Infrastructure which will include the following components:
Service Additions:
1. eSentire esNetwork Managed Detection and Response Service.
2. esEndpoint Detection and Response Powered by CrowdStrike Services.
3. Sentinel SEIM Management (includes Security Device Management or 3 devices).
4. Vulnerability Management
Goal# 2: Adding the following Professional Services Tasks:
Service Additions:
1. Risk Assessment
2. Internal/External Penetration Testing.
3. vCISO Professional Servi...
Click here for full text