Specifications include, but are not limited to:

On-Premise:
- Servers: 30 (Windows OS)
- Network Nodes: 40 (Switches, Routers, etc.)
- Firewalls: 4 (2 Active / 2 Passive scenario)
- Endpoints: 500 (Desktops, Laptops)

Cloud:
- AWS Servers:
  • Windows: 6
  • Linux: 2

1. Security Monitoring and Incident Detection:
- 24x7x365 monitoring of the County's network systems and applications for potential security incidents.
- Real-time threat detection using advanced security tools, techniques, and threat intelligence sources.
- Incident triage, analysis, and escalation as per predefined protocols.

2. Incident Response:
- Rapid response to security incidents, including containment, eradication, and recovery activities.
- Incident reporting, documentation, and post-incident analysis for continuous improvement.
- Detailed incident handling procedures, including defined response times and escalation paths for different types of incidents.
- Clear communication channels for reporting and responding to security incidents.

3. Threat Intelligence:
- Proactive identification and monitoring of emerging threats, vulnerabilities, and attack vectors.
- Regular threat intelligence reports and recommendations for the County's cybersecurity posture enhancement.
- Advising on the implementation of best practices, security controls, and countermeasures.

4. Reporting and Metrics:
- Regular reports on security incidents, threat landscape, and SOC performance.
- Specified employees of Kendall County should have access to a Security dashboard.
- Customizable reporting options based on the County's requirements.
- Logs must be kept for a duration of at least 12 months.

5. Cloud Security Monitoring:
- Capabilities for monitoring and securing cloud environments (e.g., AWS, Azure) to protect cloud-based assets and workloads.
- Support for hybrid environments to monitor both on-premises and cloud resources.

6. Disaster Recovery and Business Continuity Planning:
- Collaboration with the County's IT team to develop and review disaster recovery and business continuity plans.
- Periodic testing of these plans, to ensure their effectiveness in case of an incident, will be conducted by the County IT team.