Specifications include, but are not limited to: perform an assessment (using the NIST CyberSecurity Framework) of the State’s current capabilities, strengths, challenges, opportunities and direction with regard to protecting the State enterprise from Cyber threats. Following this analysis, the Contractor will perform a fit/gap analysis using State capabilities and industry best practices to identify a multi-year strategy and plan to enhance the State’s capabilities in response to ongoing evolutions in the Cyber-threat detection, mitigation and response. Offerors are encouraged to highlight relevant experience performing such assessments, development of cybersecurity strategies using industry best practices and driving out realistic and actionable multi-year plans to enhance the security postures of customers similar in size and scale of the State of Ohio
