TOWN STAFF REPORT RECCOMENDATIONS
title
Consider approving expenditure of budgeted funds for the continuation of services from Arctic Wolf Managed Network Security Services for one year in the amount of $63,064.62; and take appropriate action (Jason Power, Director of Information Technology)
body
STAFF: Jason Power, Information Technology Director
BACKGROUND:
Arctic Wolf Networks is a cybersecurity company that provides security monitoring to detect and respond to cyber threats. The company monitors on-premises computers, networks and cloud-based information assets from malicious activity such as cybercrime, ransomware, and malicious software attacks. Powered by threat telemetry spanning endpoint, network, and cloud sources, the Arctic Wolf Security Operations Cloud ingests and analyzes trillions of security events each week to enable critical outcomes for most security use cases.
The Town of Westlake and Westlake Academy have used Arctic Wolf Managed Network Security Services since October 2021. Staff is recommending continuation of these services in FY24 with a one-year renewal at a TIPS cooperative pricing cost of $63,064.62. TIPS (The Interlocal Purchasing Cooperative) is a national purchasing cooperative managed by ESC Region 8 in Pittsburg, Texas, and provides access to competitively procured contract pricing that is in compliance with Texas state statutes and rules for procurement.
We utilize the following services: Arctic Wolf Managed Detection and Response, Arctic Wolf Managed Risk, Arctic Wolf Incident Response, and Arctic Wolf Security Operations Warranty.
Managed Detection and Response: Monitor, Detect, and Respond to Cybersecurity Threats
The Arctic Wolf Platform delivers automated threat detection and response . Spanning thousands of installations, the Arctic Wolf Platform processes over 3 trillion security events weekly. The platform collects and enriches endpoint, network, and cloud telemetry and then analyzes it with multiple detection engines. Machine learning and custom detection rules then deliver personalized protection for our organization.
The vendor-neutral Arctic Wolf Platform enables broad visibility and works seamlessly with our existing technology stacks, eliminating blind spots. The on-premise Arctic Wolf scanners discover and profile assets and collect data and security event observations from multiple sources on our networks. Our environment is monitored for threats and risks around the clock. The Arctic Wolf platform detects and responds to critical security incidents within minutes to prevent the spread of threats.
Arctic Wolf services include a Concierge 24x7 Security team that investigates all suspicious activity and notifies us of real issues, eliminating false positives. We are able to conduct additional investigations, if needed, easily. Also, we have regular meetings with the Arctic Wolf Security Team to review our overall security posture and find areas of improvement that are optimized for our environment.
Managed Risk:
We work with the Arctic Wolf Team to identify all assets in our environment, defining our attack surface across the network, perimeter, host, and accounts. Then the team contextualizes our attack surface coverage with risk policies, asset criticalities, and SLOs (service level objectives). This contextualization enables us to prepare our environment to end cyber risk. Once we have that perspective, the Concierge Security Team assesses and provides us with the risk priorities in the environment and advise us on remediation actions to ensure we are benchmarking against configuration best practices and continually hardening our security posture.
Incident Response:
If there is a cybersecurity event, Arctic Wolf provides guided remediation. They work with us on detection, response, and remediation to validate that the threat has been neutralized and verify it has not returned. They provide deep investigation into the root cause of incidents to promote the creation of customized rules and workflows that harden our security posture.
Arctic Wolf Security Operations Warranty:
In the event of a cyberattack, Arctic Wolf Security Operations Warranty provides up to $1,000,000 in financial assistance for recovery activities, legal and regulatory expenses, and other associated business costs.
FISCAL IMPACT:
The approved FY24 budget includes funding for Arctic Wolf for up to $66,000.
STAFF RECOMMENDATION:
Staff recommends approving the expenditure of budgeted funds for the continued use of managed network security services provided by Arctic Wolf.
ATTACHMENT(S):
1) Arctic Wolf Quote
2) Resolution 23-61
TOWN COUNCIL ACTION/OPTIONS:
1) Motion to approve
2) Motion to amend with the following stipulations (please state stipulations in motion)
3) Motion to table
4) Motion to deny