TOWN STAFF REPORT RECCOMENDATIONS
title
Consider approving Resolution 23-60 authorizing the expenditure of budgeted funds for Inspira Enterprises to conduct an Information Technology Security Assessment and develop an IT Security Strategy and Roadmap; and take appropriate action (Jason Power, Director of Information Technology)
body
STAFF: Jason Power, Information Technology Director
BACKGROUND:
The Town of Westlake has received quotes from five vendors to provide an independent and impartial assessment of our network security and cyber defense capabilities as part of our effort to assess and improve organizational cyber resilience and preparedness. After careful review, staff recommends that the Council approve expending budgeted funds for a security assessment and a security strategy and roadmap deliverable with Inspira Enterprise. Inspira quoted the fixed-cost price for a 5-week cybersecurity program assessment at $25,000, with 50% due at the signing of the Statement of Work (contract) and the final 50% due at the delivery of the Final Report (final deliverables).
Inspira recommends starting with a current state maturity and IT security capabilities assessment that will provide an understanding of The Town of Westlake's cybersecurity posture, identify high-impact and high-risk opportunities for immediate action, a target state of maturity based on The Town's specific organizational risks and requirements, and development of both short and long-term focused enterprise-wide IT Security Strategy and Roadmap deliverable.
The assessment shall be performed against:
* National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
* Service Organizational Control (SOC 2)
For a period of up to five (5) weeks, Inspira will leverage a team of experts to provide professional services to complete the identified activities and deliver a roadmap of recommendations resulting from any identified findings.
Further Background:
Staff received quotes ...
Click here for full text