RFP CYBER SECURITY Project Description :Mitigate Phishing - Provide simulated phishing attacks to test awareness at least annually Provide security awareness training Provide a documented response plan to respond to Phishing campaigns Protection from malicious websites and or email- Currently have: E-mail filtering solution which blocks known malicious attachments and suspicious file types, including executables. E-mail filtering solution which blocks suspicious messages based on their content or attributes of the sender. Web-filtering solution which stops employees from visiting known malicious or suspicious web pages. Block uncategorized and newly registered domains using web proxies or DNS filters. Web-filtering solution which blocks known malicious or suspicious downloads, including executables. Upgrades: E-mail filtering solution has the capability to run suspicious attachments in a sandbox. Web filtering capabilities that are effective on all corporate assets, even if the
corporate asset is not on a corporate network (e.g. assets are configured to utilize cloud-based web filters or require a VPN connection to browse the internet). Multifactor Authentication – Access to all systems including cloud based services where sensitive data may reside to require MFA Authentication for contractors and vendors remotely accessing corporate resources to require MFA Compromise of devices- Compromise of any single device only compromise a single authenticator All workstations have antivirus with heuristic capabilities End point security tools with behavioral-detection and exploit mitigation capabilities. Access for Town Staff to monitor output of security tools Option of 24/7 Security Operations Center(Managed by provider) RFP – TOV Cyber Security Page 6 of 9 Provide average response time to Triage and contain security incidents(ie. >30 minutes, 30 min – 2 hours, etc.) Provide system that allows updates to installed programs without local administrator access. That is to limit the number of users that are in the administrators group or that have local admin access to their workstations. Automated patching procedure to deploy critical patches within 24-72 hours. Provide simulated threat to test security controls annually Provide/Help configure Full Disk Encryption for all portal devices. MDM services – Provide an option for Mobile Device Management for all Town owned mobile devices. (cellphone and tablets)