The vendor is required to provide a turnkey solution to manage, operate, maintain, and enhance the county cyber resilience center (CRC), which began operations in December 2021.
- On an as-needed basis, the contractor shall propose new innovative technologies or enhancements to combat emerging threats to achieve the objectives of the CRC.
- This may include updates, design, installation and support services to the existing CRC solution, which is in steady state operations.
- This CRC includes the following elements: 1) transition; 2) operations; 3) warranty, maintenance, and support; and 4) closeout.
- The CRC shall be operated 24 hours per day, 7 days per week (24x7).
- The CRC shall be operated by on-site staffing of a minimum of two analysts from 8:00 am to 5:00 pm, Monday to Friday, and automated alerts and notifications for after-hours on-call coverage and call-back if needed.
- The CRC shall be reachable by the 844-pola-crc toll-free number where calls are forwarded to business mobile phone lines of staff/analysts.
- The CRC shall detect, notify, and provide oversight of cyber events within the port ecosystem; this shall include, but is not limited to:
• Operationalize internal and external threat intelligence to predict potential threats to the port ecosystem.
• Identify, collect, process, analyze and validate security events to provide actionable threat intelligence.
• Provide automated real-time dissemination of actionable threat intelligence.
• Provide weekly threat reports and threat advisories of actionable threat intelligence.
• Fine tune processes to improve detection speed, enhance accuracy, identify/predict potential threats, and reduce manual workload.
- Provide, maintain, and ensure CRC systems and associated software, hardware, interfaces, integrations, and all subcomponents are fully functional with 99.99%; this shall include, but is not limited to:
• Threat intelligence platform
• Threat intelligence sources (up to ten)
• Automated incident response system
• Deep fake detection system
• Security awareness training
• CRC facility
1. Firewall, AppleTV, laptops
2. Video system - video wall, video wall controllers, and peripherals;
3. Audio system and peripherals;
4. Video teleconference system and peripherals;
5. Uninterruptible power supply (UPS) backup power for critical systems;
6. Servers, KVM switches, network equipment;
7. Four console workstations and monitors;
8. Equipment racks;
9. Printers, paper shredder;
10. Furniture, hardware, software; and
11. Smartboard and whiteboard.
• The CRC shall be compliant with relevant state, federal and international laws and regulations.
• The CRC data shall remain within the continental states and shall not be used, shared, and/or sold to any other parties.
• The CRC data at rest and in motion shall be encrypted with the latest cryptographic standards.
• The CRC platform shall be based on, and compliant with, the National Institute of Standards and Technology (“NIST”) Special Publication 800-150, Guide to Cyber Threat Information Sharing.
• The CRC shall incorporate artificial intelligence (AI) technologies such as, but not limited to, natural language processing (NALP), large language model (LLM), machine language (ML), and predictive analytics capabilities.
• The CRC platform shall be capable of bi-directional data sharing via an API, sensor, and/or STIX/TAXII framework.
• The CRC platform shall be capable of tagging indicators to a framework that outlines the distinct stages of a cyber-attack, such as but not limited to the MITRE ATT&CK framework.
• The CRC may be on-premises, cloud, managed security services provider, or hybrid solutions.
• The CRC shall have a minimum availability of 99.99%, with fail-over and redundancy of critical components.
• The CRC shall have a hot standby disaster recovery solution.
• The CRC platform shall have tools and capabilities for authorization, authentication, and accounting.
• The CRC platform shall be a system-of-systems and shall not replace any cyber security operations of participating stakeholders.
• The CRC shall not be invasive or disruptive to existing systems of participating stakeholders.
• The CRC shall not include stakeholder proprietary information.
• The CRC shall not identify or expose stakeholder cyber vulnerabilities.
• The CRC shall not be burdensome to stakeholder staff.
- Contract Period/Term: 3 years
- Virtual Pre-Proposal Meeting Date: April 30, 2025
- Questions/Inquiries Deadline: May 8, 2025