Title
Information Technologies Department recommending the Board consider the following:
1) Make findings in accordance with Procurement Policy C-17, Section 3.4.2 (a), that the cybersecurity consulting services agreement with The Institute for Applied Network Security, LLC (IANS) is exempt from competitive bidding due to a technological, specialized, unique character of the good requiring it to be purchased from a specified vendor;
2) Approve and authorize the Purchasing Agent to sign Order Form-1 for Amendment I to Agreement 8295 with IANS to increase compensation by $8,000, making the new not-to-exceed amount $218,000, and update the scope of work to include one Live Online Training Seat for the period of April 15, 2024, through April 14, 2025; and
3) Authorize the Purchasing Agent to execute any necessary amendments relating to Master Services Agreement 8295, excluding term extensions and increases in compensation, contingent upon approval by County Counsel and Risk Management.
FUNDING: General Fund.
Body
DISCUSSION / BACKGROUND
The Institute for Applied Network Security, LLC (IANS) provides expert cybersecurity consulting services, including access to unlimited “ask-an-expert” requests, a peer community, portal tools, templates, communications and trainings, and premium executive coaching. IANS forms direct partnerships with all clients and is a leader in providing experience-based security insights for Chief Information Security Officers (CISO) and their teams. The Information Technologies (IT) Department has previously contracted with Liebert Security, LLC and Foresite Cybersecurity, Inc. for virtual CISO services but was looking for better support for the County’s new CISO and team that could help guide, augment, and support the County’s vital Cybersecurity team and infrastructure needs. As a result, the IT Department contracted with IANS in January 2024 to provide these services for the County for a three-year term in the prepaid amount of $210,000. The original purchase was done as a three-year prepay in order to save an additional 5% of the service costs, saving the County $13,125 for this robust service offering.
IANS has been a trusted partner in the security community for over 20 years and has the tools and support to help the County’s CISO make informed decisions, increase the County’s security structure, and keep the County’s networks compliant and secure. IANS provides training, webinars, and other events to keep customers aware of emerging threats, best practices, and security enhancements. IANS has bundled many aspects of the possible Cybersecurity support needs an agency or business may have. Having deep-domain insights are invaluable, and IANS matches Information Security Offices with the proper experts to provide step-by-step guidance for teams facing security challenges. They provide areas of expertise in such items as governance, risk management, compliance, threats and vulnerabilities, incident response and recovery, data protection, security operations, infrastructure, identity and access management, networking, application development, enterprise software, cloud computing, mobility and communications, and management and leadership. No other solution has as many solution offerings or as vast a peer network in the cybersecurity space. Procurement Policy C-17, Section 3.4, Exemptions to Competitive Bidding, subsection 2(a), Sole Source/Single Source, allows for an exemption from Competitive Bidding due to a technological, specialized, unique character of the good requiring it to be purchased from a specified vendor.
The proposed Order Form-1 for Amendment I to Agreement 8295 with IANS will allow for an increase of compensation of $8,000, making the new total compensation amount $218,000, and update the scope of work to include one Live Online Training Seat for the period of April 15, 2024, through April 14, 2025.
ALTERNATIVES
The Board could choose not to approve Order Form-1 for Amendment I to Agreement 8295 with IANS, however, this would prevent IT from obtaining Live Online Training from IANS, who is currently providing specific and unique cybersecurity consulting services for the IT Department.
PRIOR BOARD ACTION
23-2124 - On January 1, 2024, the Board authorized the Purchasing Agent to sign Master Services Agreement 8295 and Order Form with IANS to provide cybersecurity consulting services for a three-year term in the amount of $210,000.
OTHER DEPARTMENT / AGENCY INVOLVEMENT
Procurement & Contracts and County Counsel.
CAO RECOMMENDATION / COMMENTS
Approve as recommended.
FINANCIAL IMPACT
The IT Department FY 2023-24 Budget and requested FY 2024-25 Budget contain sufficient appropriations for this additional cost.
CLERK OF THE BOARD FOLLOW UP ACTIONS
N/A
STRATEGIC PLAN COMPONENT
N/A
CONTACT
Tonya Digiorno, Director of Information Technologies