My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2024-125
CBCC
>
Official Documents
>
2020's
>
2024
>
2024-125
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/11/2024 10:59:33 AM
Creation date
7/11/2024 10:58:35 AM
Metadata
Fields
Template:
Official Documents
Official Document Type
Miscellaneous
Approved Date
06/18/2024
Control Number
2024-125
Agenda Item Number
8.E.
Entity Name
OTM Cyber
Subject
911 Cybersecurity Services
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
13
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
A TRUE COPY <br />CERTIFICATION ON LAST PAGE <br />RYAN L. BUTLER, CLERK <br />Management Service features perform automatic remediation and protection, the <br />customer is ultimately responsible for the security of their own infrastructure. <br />b. Customer may contact OTM CYBER for support for any issues with Services. <br />c. For OTM CYBER Optimized Threat Management, customer must: <br />i. - Maintain internet connectivity to enable remote monitoring; and <br />ii. - Facilitate proper technical controls to allow OTM CYBER to effectively monitor, <br />inspect, and filter traffic. <br />d. Customer agrees to review with OTM CYBER the customer's architecture, including any <br />and all changes to the architecture that may affect the performance of the Services. <br />e. A6 -week period is required to baseline network traffic, during which time the system is <br />under full operational monitoring but is being enhanced and tuned to better detect <br />incidents should they occur. <br />f. Incident Response First Aid consists of assistance with Detection & Analysis and <br />Containment phases of the NIST Incident Response Life Cycle within the first 48 hours of <br />incident detection. Incident Response First Aid does not guarantee full Containment of <br />the threat, nor does it include Eradication or Recovery. Customer acknowledges that <br />incident response may take weeks or months. <br />13. Cyber Incident Response Obligations, Services, and Procedures <br />a. At initial deployment, the OTM CYBER team immediately begins working with the <br />customer's team to help create, test, and employ an incident response plan. The incident <br />response plan is designed to serve as a playbook or guide in the event of a cyber <br />incident to ensure that the threat is identified, isolated, and mitigated. If the customer has <br />an existing incident response plan, OTM CYBER will follow the procedures as outlined in <br />the existing plan. <br />b. In the event of a cyber incident detected by OTM CYBER, OTM CYBER will employ the <br />procedures outlined in the incident response plan and work with the customer's <br />appointed points of contact (as outlined in the incident response plan) to appropriately <br />escalate the issue and participate in the customer led mitigation and remediation process <br />as appropriate. OTM CYBER follows an escalation and classification model to <br />appropriately categorize cyber incidents based on criticality, impact, and time sensitivity. <br />Cyber incidents declared by OTM CYBER as "High" may require immediate action by all <br />parties involved and outlined in the incident response plan. <br />c. It is the priority of OTM CYBER to help prevent cyber incidents and OTM CYBER <br />commits to putting forth its best professional effort in doing so. However, in the unlikely <br />event that a high criticality cyber incident should occur despite best efforts on the part of <br />the customer and OTM CYBER, OTM CYBER commits to working with the customer to <br />
The URL can be used to link to this page
Your browser does not support the video tag.