Title
Information Technologies Department recommending the Board consider the following:
1) Make findings in accordance with Procurement Policy C-17, Section 3.4.2 (a), that the cybersecurity consulting services agreement with The Institute for Applied Network Security, LLC (IANS) is exempt from Competitive Bidding due to a technological, specialized, unique character of the good requiring it to be purchased from a specified vendor;
2) Approve and authorize the Purchasing Agent to sign Master Services Agreement 8295 and Order Form with IANS to provide cybersecurity consulting services for a three-year term in the amount of $210,000; and
3) Authorize the Purchasing Agent to execute any necessary amendments relating to Master Services Agreement 8295, excluding term extensions and increases in compensation, contingent upon approval by County Counsel and Risk Management.
FUNDING: General Fund.
Body
DISCUSSION / BACKGROUND
The Institute for Applied Network Security, LLC (IANS) provides expert cybersecurity consulting services, including access to unlimited “ask-an-expert” requests, a peer community, portal tools, templates, communications and trainings, and premium executive coaching. IANS forms direct partnerships with all clients and is a leader in providing experience-based security insights for Chief Information Security Officers (CISO) and their teams. The IT Department has previously contracted with Liebert Security, LLC and Foresite Cybersecurity, Inc. for virtual CISO services but was looking for better support for the County’s new CISO and team that could help guide, augment, and support the County’s vital Cybersecurity team and infrastructure needs.
IANS has been a trusted partner in the security community for over 20 years and has the tools and support to help the County’s CISO make informed decisions, increase the County’s security structure, and keep the County’s networks compliant and secure. IANS provides training, webinars, and other events to keep customers aware of emerging threats, best practices, and security enhancements. IANS has bundled many aspects of the possible Cybersecurity support needs an agency or business may have. Having deep-domain insights are invaluable, and IANS matches Information Security Offices with the proper experts to provide step-by-step guidance for teams facing security challenges. They provide areas of expertise in such items as governance, risk management, compliance, threats and vulnerabilities, incident response and recovery, data protection, security operations, infrastructure, identity and access management, networking, application development, enterprise software, cloud computing, mobility and communications, and management and leadership. No other solution has as many solution offerings or as vast a peer network in the cybersecurity space. Procurement Policy C-17, Section 3.4, Exemptions to Competitive Bidding, subsection 2(a), Sole Source/Single Source, allows for an exemption from Competitive Bidding due to a technological, specialized, unique character of the good requiring it to be purchased from a specified vendor.
The proposed Master Services Agreement 8295 and Order Form will allow IANS to provide cybersecurity consulting services for a three-year term in the amount of $210,000. The Information Technologies Department has previously used Liebert and Foresite for virtual CISO services, but these small scope projects are expensive and lack the breadth of coverage of IANS. IANS provides unlimited expert support for the County’s Information Security Office in the full-spectrum of network, security, cloud, and mobile computing management, along with tools, training, and peer network access for $70,000 per year.
ALTERNATIVES
The Board could choose not to approve Agreement 8295 with IANS, however, this would require the IT Department to locate and initiate services with another vendor who would not be able to provide the specific and unique services that the department is looking for.
PRIOR BOARD ACTION
N/A
OTHER DEPARTMENT / AGENCY INVOLVEMENT
Procurement & Contracts and County Counsel.
CAO RECOMMENDATION / COMMENTS
Approve as recommended.
FINANCIAL IMPACT
The IT Department FY 2023-24 Recommended Budget contains sufficient appropriations for this cost. Future years’ costs will be budgeted appropriately.
CLERK OF THE BOARD FOLLOW UP ACTIONS
N/A
STRATEGIC PLAN COMPONENT
Good Governance.
CONTACT
Tonya Digiorno, Director of Information Technologies