Information Technology Cyber Services

The Vendor is required to provide on-call information technology cyber services (“Services”) at airport.
- These Services include but are not limited to data breach incident investigation and response; vulnerability assessments; penetration testing; critical controls assessment and compliance testing; business and operational risk assessment; documentation services; as well as network, systems, and application services.
- Specified On-Call Services:
•    Data Breach Incident Investigation and Response: Cyber services to conduct data breach investigations and response. These Services include, but are not limited to: containment strategy, forensic investigation, eradication and recovery, and post incident analysis.
•    Vulnerability Assessment: Cyber Security software and services to conduct network vulnerability tests; vulnerability mitigation and remediation recommendations; assistance with the remediation of systems, networks and applications. 
•    Penetration Testing: Cyber Security software and services to conduct network penetration tests; assess the ability of network defenders to detect and respond to attacks; provide threat assessment reports that detail the magnitude of detected threats and the potential business and operational impacts.
•    Cyber Security Critical Controls Assessment and Compliance Testing: Cyber services to conduct audits; gap analysis and recommendations; assist with update to critical controls. Standards include but are not limited to PCI/DSS, CSC, NIST, and HIPPA.
•    Cyber Security Business and Operation Risk Assessment: Cyber services to conduct cyber assessment of business and operational risks based on the existing cyber posture; produce a highly detailed report with metrics that details the data such that management can use the information to prioritize cyber efforts.
•    Cyber Documentation Services: Cyber services to conduct audit of information technology documents related to Cyber Security; assist with updating existing documents and creation of new documents; Standards include NIST, ISO 2701, ITIL, and COBIT. Examples include but are not limited to, Information Security Policy, Incident Response Plans, and Cybersecurity language for Contracts.
•    Cyber Network, Systems and Applications Services: In support of airport systems and operation, provide services to assist with cyber security technology and solution selection; assist with deployment of new technology and solutions; hardening systems, troubleshooting existing cyber security systems; provide training services; provide guidance and advisory support on best practices.
- Action Items: 
•    Contractor shall track all information requests of the Authority and provide requested due dates for the information requested. It is the Contractor’s responsibility to follow-up on the status of each information request, on a weekly basis, when the information request is within one (1) month of the requested due date. 
- Documentation and Reports:
•    Contractor shall create diagrams, document procedures, or utilize other methods for the purpose of explaining technical material, as agreed upon by the Authority. Contractor will be responsible for delivering highly detailed technical reports providing all steps performed, tools utilized, and outcomes of each test, suggested solutions or remediation’s required. Contractor will also be required to provide an executive level summary of any analysis and remediation efforts.
- Support Hours:
•    Contractor must be flexible with work hours so that normal operations of the Airport are not affected by potentially disruptive testing, upgrades, or changes to systems/networks configuration. It is expected that all disruptive work be done between the hours of 12:00 AM and 4:00 AM Pacific Standard Time. Standard work hours are 8 AM to 5 PM Pacific Standard Time.