AI Email Security and Cybersecurity Services

The vendor is required to provide for AI email security and cybersecurity professional services as part of its broader cybersecurity initiative, partially funded by the agency e-rate cybersecurity pilot program.
- Services will include AI-powered email security implementation, risk assessment, benchmarking, policy review, and penetration testing.
- All vendors must meet FCC and e-rate program requirements, including registration with applicable federal procurement systems
email security service
o Native integration with google workspace (Gmail)
o Advanced AI/ml-based phishing and broader threat detection and anomaly scoring
o Capable of detecting zero-day threats, malware, insider threats, c2, etc.
o Configurable workflows for quarantine, blocking and alerting
o Customizable reporting, data export capability and APIS for integration into enterprise threat management systems
o Support for secure SSO and identity management
o SIEM and SOAR compatibility
o Web-based admin console with role-based access controls
o Capable of advanced detection and response without excessive administrative cost and complexity
o Real-time and historical visibility into email threats
o Audit trails and logs
o Customizable alerts by severity
o Compatibility with the agency IT governance and cybersecurity controls, processes and policies
o Support for TLS (1.2 or 1.3) and aes-256 encryption for data in transmission and at rest
cybersecurity professional services
o Deep knowledge and expertise of cybersecurity industry standards and risk management frameworks
o Expertise in k-12 technology environments and k-12-specific cyber domain
o Expertise and experience in conducting risk assessments and crafting standards-based roadmaps and KPIs
o Use of standard frameworks such as NIST CSF or iso 27005 for conducting benchmarks and evaluations
o Experience in measuring the effectiveness of technology investments
o Experience in conducting swot analysis and cyber maturity risk scoring
o Use of evidence-based recommendations and models
- Vendor requirements
o Proven track-record of completing similar projects at similar educational institutions or enterprises
o All work must adhere to local codes, industry standards and osha regulations
o A complete timeline must be included with the proposal
o A minimum of 3 years providing cybersecurity services, with a strong preference for k12 cybersecurity experience
o E-rate spin and other requirements as defined by the FCC and USAC
o Ability to adhere to all cybersecurity pilot rules
o Referenceable deployments or engagements showing measurable reduction in phishing and other cyber threats.
o Certifications such as soc 2 type ii, iso/IEC 27001 or the like
o Cybersecurity credentials such as CISSP and CISM
o Familiarity with all relevant laws and best practices related to data privacy and security in education and compliance with all relevant laws such as FERPA and CIPA.
- Contract Period/Term: 1 year