Specifications include, but are not limited to: 1) Financial protections a. Financial protections to address expenses associated with the investigation/management of a cybersecurity event i. Engagement of external services (see section 2) ii. Electronic discovery tools iii. Forensics tools / detection and monitoring technology b. Financial protections to address expenses associated with resolution of a cybersecurity event i. Ransomware payments ii. Breach notifications iii. I.T. hardware/software replacement iv. Biomedical device replacement v. Errors and Omissions/ Media Liability vi. Identity theft protection vii. Regulatory reporting and compliance expenses, including fines c. Financial protection to address financial losses incurred relating to interruption of business operations associated with a cybersecurity event d. Financial protection to address losses incurred related to the disruption of services delivered to the University by third-party (vendor, supply chain) product or services due to a cyber security event 2. Professional services for cybersecurity incident response (please include information regarding service level agreements, response times, and activation processes associated with these services.) a. Crisis communication management (internal and external) b. Forensics expertise for the broad range of IT devices, systems and services deployed at the University c. Cloud services management d. Ransomware negotiations and services to include performing the transaction e. Biomedical device / Diagnostic imaging systems management expertise f. Regulatory expertise, to include ensuring compliance with all regulations related to investigation and reporting of any cyber attack g. Work with University legal counsel or outside legal counsel engaged by University legal counsel to protect communications that may be related to court cases h. Law enforcement engagement i. Vendor consultation / management j. Overall incident management k. Address the ability to provide services and insurance based on the current climate of employees working remotely (domestically and/or internationally l. Whether products and services are available a la carte or if only sold in packages m. any services or issues that would be significant to University cyber security that wasn't included in this list n. relevant workflow documents, if applicable, to any products or services
