Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
Critical Insight, Inc. - Statement of Service OMNIA Partners - Cyber Security Solutions and Associated Products & Services
Cri„ Critical Insight STATEMENT OF SERVICE Name:Kurt Simpson Quote Date: 10-05-2023 Email: kurt.simpson@criticalinsight.com Quote Expiration: 12-29-2023 Phone:(206)557-3231 Bill To: Ship To: Name: John Carney Name: John Carney Company: City of Yakima Company: City of Yakima Address: 129 N 2nd Street,Yakima,WA, US, Address: 129 N 2nd Street,Yakima,WA, US, 98901 98901 Phone: (509)249-6804 Phone: (509)249-6804 Contract Name:OMNIA Partners-Cyber Security Solutions and Associated Products&Services Contract#: R200803 SERVICE SUBSCRIPTION SKU Description Qty Annual Disc Annual MSRP % Net Price CI-PS-IR Incident Response Retainer Hours(SOW-2023-Q-13652-4-A 3) m $11,615.04 $11,150.44 *Line items subject to Sales Tax and are not included in this quote. 'Annual cost of these line items are billed on the Initial Invoice of each year they occur. 'Internal Reference Initial Annual Total: $11,150.40 Total Contract Value: $11,150.40 Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. 02023 Critical Insight,Inc.All rights reserved. 1/16 TERMS AND CONDITIONS This Statement of Service ("SOS"), effective as of 12-30-2023 (the "Effective Date") is subject to the Critical Insight Master Services Agreement dated 11-16-2021, and any other Exhibits,Attachments or Amendments hereto, which are each incorporated herein by reference, and which together with this SOS constitute the "Agreement". Unless otherwise provided in this SOS, capitalized terms herein shall be as defined elsewhere in the Agreement.The terms of this Agreement constitute the final expression of the parties' binding understanding in respect to the subject matter hereof and supersede all prior or contemporaneous agreements, representations and understandings, written and oral, in respect to same. Customer acknowledges that it has read the Agreement and agrees to be bound by its terms. • The term of this SOS is 12 month(s) commencing the Effective Date hereof. • Billing shall be based on Critical Insight reporting. Critical Insight and Customer shall reconcile in good faith any discrepancies in their respective tracking records, provided Critical Insight's reporting shall control in the event of an irreconcilable discrepancy. • Customer shall be invoiced on an annual basis in advance. • The first invoice shall be issued following the Effective Date. • Payment of invoiced amounts due no later than thirty(30) calendar days from date of invoice • Pricing is based on the OMNIA Partners—Cyber Security Solutions and Associated Products & Services Contract#R200803. Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 2/16 C Critical Insight Check one of the following: ® Purchase Order Required ❑ Purchase Order Not Required Customer Billing Contact Signature Name � C� \ W�g Billing Street v UU Name17- c7\p v���O�(\ Address \2�N 2 \ Sic Title k c& Js City,State,Zip kc CA ,v C 4O\ J 2 Billing Contact 1 Date j'b6 (La J _183 Phone S- 5.DvDO3 _ 1"•Vr Billing Email G\e. ,v‘.\Y( coci �4yAki„MavVa Critical Insight, �\ J Inc. Signature „, Name Garrett Silver Title CEO Date Oct 6, 2023 Critical Insights and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 3/16 EXHIBIT A L Critical CITY OF YAKIMA INCIDENT ASSISTANCE SERVICES RETAINER SCOPE OF WORK 10-05-2023 Presented To: Submitted by: John Carney John-Luke Peck Manager, IT Operations Consulting Practice Director City of Yakima Critical Insight, Inc. 129 N 2nd Street, Yakima, WA, US, 98901 500 Pacific Ave., Suite 650 john.carney@yakimawa.gov Bremerton, WA 98337 (509) 249-6804 (425) 508-5150 JLP®Criticallnsight.com Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 4/16 NOTICE Critical Insight, Inc. has made every reasonable attempt to ensure that the information contained within this statement of work is correct, current and properly sets forth the requirements as have been determined to date. The parties acknowledge and agree that the other party assumes no responsibility for errors that may be contained in or for misinterpretations that readers may infer from this document. NON-DISCLOSUREDSTATEMENT The information in this document is Critical Insight, Confidential, and cannot be reproduced or redistributed unless subject to the Washington State Public Records Act, 42.56. RCW. TRADEMARKDNOTICE 2023 Critical Insight, Inc. All Rights Reserved, Critical Insight®, the Critical Insight, and Kraken logos and other trademarks, service marks, and designs are registered or unregistered trademarks of Critical Insight, in the United States and in foreign countries. © Copyright 2023 Critical Insight, Inc. Critical Insights and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 5/16 General Information Background & Objectives Purpose This SOW presents Critical Insight's approach and methodology for on-demand Incident Assistance Services Retainer for City of Yakima. These services, when needed, may include: • Incident triage and response • Forensic analysis • Disk imaging • Event reconstruction • Preservation of evidence and legal hold • A dark web search stolen data • Assessment of web and network data compromise • Messaging to Customer, regulators Services are requested by email to our IR Retainer address or using or Critical Response Hotline at (800) 604-4810. A response to an incoming request will receive an email or phone reply within 2 hours. In most cases, the response process and information gathering will begin as soon as that reply to the incoming request is made, but the full resources of the IR team will be brought to bear on the effort within 24 hours or within 72 hours, at the Customer's discretion. This SOW includes: • Scope of Work - Critical Insight's methodology for assisting and supporting City of Yakima's technology & executive teams, and the scope of work that will be performed • Deliverables - Description of the deliverables for this project • Project Assumptions - any assumptions that were used to derive the scope of work or pricing for this engagement Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 6/16 Key Business and Technical Contacts Customer Business Contact Information Name: John Carney Manager, IT Operations Mailing Address: City of Yakima 129 N 2nd Street, Yakima, WA, US, 98901 E-Mail Address: john.carney@yakimawa.gov Phone Number: (509) 249-6804 Critical Insight Business Contact Information Name: John-Luke Peck Consulting Practice Director & Critical Insight dCISO Mailing Address: Critical Insight, Inc. 500 Pacific Ave., Suite 650 Bremerton WA 98337 E-Mail Address: JLP@Criticallnsight.com Phone Number: (425) 508-5150 Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 7/16 Service Description and Scope This section provides a description of services, scope of activity, and support requirements associated with the services. General Description The work and scope are not defined until the request for services is made but will consist of incident response assistance and forensics activities. No expert witness services, such as testifying in court are included in this SOW. Critical Insight will respond by phone or email within 2 hours of initiation of a request for assistance. We require a call to the IR Assistance Phone line or an email to the IR Assistance email address to initiate IR Assistance services and prefer use of both in tandem to allow for the most rapid response. If you suspect your email system may be compromised, use a non-business email to initiate contact such as Gmail, etc. If you suspect your phone has been compromised, use someone else's phone or email. Indicate if this is Emergency Response, up to 24 hours for full resource deployment, or Rapid Response, up to 72 hours for full resource deployment in your communication. For 24-hour Emergency Response requests, you will receive a phone response to the service initiation request within 2 hours to begin the response process, but often we are in contact with you within 20 minutes if not immediately upon incoming communications. The full IR resources which may include boots-on-the-ground response, forensics, detailed log analysis, or other services will be available within 24 hours of initiation of services, though we commonly are conducting those activities within hours. If you are making a request for the 72-hour response time, indicate that in the communication and we will contact you by the close of business that day, or if the request comes in after hours, by 10:00 AM the next morning. To request IR Assistance: • Email - IncidentAssitance@Criticallnsight.com • Phone - 1 (206) 687-9100, press 1 (12066879100,,,1 for speed dial) Or • 1 (206) 687-9100, press 9 We will provide disk imaging and forensic analysis software for hard disk analysis. If City of Yakima uses and requires a specific forensics analysis suite, some cross training may be required prior to our use of City of Yakima system if it is different than the tools we use. NOTE: This is a retainer contract with all fees paid up front. Hours will be lost if they are not used within 90 days after the IR Retainer term, which is 1 year/365 days from the execution of this SOW. This allows a full year of IR Retainer, with a 90 period after the full Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 8/16 year to repurpose and use those hours. These hours can be repurposed for any service we offer but requires at least 4 weeks lead time to schedule alternate work. Scope of Activity The scope outlined below depicts the scope of activity associated with this engagement. Table 1: Notification Lead Time Statement Lead Time for Emergency Response Onsite Requests 24-hour notice Lead Time for Rapid Response Onsite Requests 72-hour notice IR Retainer Period One Year from Contract Signing Contract Period One Year from Contract Signing plus 90 days Incident triage and response Once City of Yakima has stabilized the situation, we can further assist onsite based on the request for services at one of the two Rapid Response rates shown in Table 1 . Notification Lead Time Statement above. Our services may include: • Assist in execution against an existing Incident Response plan • Response strategies and tactics • Advisor to Incident Manager, Executives, Legal Forensics Computer forensics is the process of examining and preserving data found in computers systems, digital storage mediums or on networks in order to determine as much as possible about a security incident including: • Identification of how it occurred • Root cause analysis to determine why it occurred • Collection of evidence of suspected misuse • Documentation of policy violations • Documentation of potentially unlawful activities or actions Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 9/16 Working with Legal, IT, InfoSec, Compliance, Business Unit and Risk Managers to provide value to all effected parts of the business, Critical Insight will provide a forensic examination of a laptop systems and review log sources in order to assist in identifying any malicious or unauthorized activity. The project activities will be performed both onsite and remotely. Critical Insights and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 10/16 Schedule Period of Performance City of Yakima understands and agrees that changes in critical factors (such as those listed below in Project Change Control, or a delay in signature of this document) may impact Critical Insight's ability to meet certain dates. Project Start Date: Within Thirty (30) days of Effective Date Project Completion Date: Within One (1) Year of Start Date plus Ninety (90) days Project Change Control Critical Insight has made every attempt to accurately estimate time required to successfully complete the project. City of Yakima acknowledges and agrees that if impediments, complications, or City of Yakima requested changes in scope arise, these factors are out of the control of Critical Insight, and the length of the project and associated price could be impacted. Examples of valid impediments, complications, and changes in scope consist of (but are not limited to): • City of Yakima initiated delay where City of Yakima is not prepared to allow Critical Insight to begin work on the agreed upon start date thus resulting in additional cost to Critical Insight for resources that have been sent to City of Yakima's site but cannot begin the Services • City of Yakima provided information necessary for timely delivery by Critical Insight is not accurate • Delays or problems associated with third party telecommunication equipment o This includes, but is not limited to, cabling, servers, routers, hubs, and switches managed or installed by third parties • Malfunctioning hardware • Inability to access equipment or personnel that are required to complete the project • Conflicts or incompatibilities associated with the installation of hardware or software installed by Critical Insight • City of Yakima increases the scope of services requiring additional labor, hardware, software, materials, travel, lodging, meals, or other direct costs If any change(s) from impediments, complications, or City of Yakima changes in the scope of services cause an increase or decrease in the price or level of effort of the SOW, or the Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 11/16 time required for the performance of any part of the work to be accomplished hereunder, whether or not such work is specifically identified in the written change, then the price, delivery schedules and other affected provision(s), if any, as applicable, shall be equitably adjusted and this SOW shall be modified in writing by the mutual agreement of the parties in accordance with this Section. Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 12/16 Service Deliverables Description Critical Insight has no predefined deliverables as part of this project. The work and scope are not defined until the request for services is made but will consist of incident response assistance and forensics activities. Critical Insights and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 13/16 Assumptions Critical Insight used the following assumptions during development of this SOW. Any changes to these assumptions may affect the price and schedule commitments. • City of Yakima will provide Critical Insight access to the business, customer, and technical information, and facilities necessary to execute the solution • City of Yakima will provide Critical Insight on-site and off-site access to documents necessary for this assessment • City of Yakima will ensure that appropriate personnel are available to meet with Critical Insight, as necessary • Layer-3 devices will allow the protocols needed to discover and identify network services • Critical Insight will have approved access to vendors, for the purpose of obtaining device configurations, network diagrams, and details on monitoring or other processes that are performed on behalf of City of Yakima o If required, City of Yakima will assist with obtaining this access • During this engagement, any vulnerabilities, sensitive data, or configuration data found will not be exploited or disclosed except to specified Customer staff • Discovery and investigation processes should not interrupt any processes or services or cause any impact to the availability of operations • Critical Insight will not be obligated to extend engagements when delays result from City of Yakima's inability to meet stated prerequisites prior to an engagement, nor when delays result from City of Yakima personnel not being available to provide required support • During this effort, Critical Insight will not be responsible for negotiations with hardware, software, or other vendors, or any other contractual relationship between Customer and third parties o Critical Insight, at the request of City of Yakima, will provide input to City of Yakima regarding optimal product or vendor selection • Critical Insight will perform the work between 8:30 a.m. and 5:00 p.m. (local time) • As technical testing is included in the SOW which could require after-hour and weekend work, Critical Insight agrees to provide services as indicated below: After-hours upon request? Yes ® No ❑ Weekend upon request? Yes ® No ❑ Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 14/16 Location of onsite services? All work can be conducted remotely Or City of Yakima 129 N 2nd Street, Yakima, WA, US, 98901 Critical Insights and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 15/16 Cost NOTE: The entire value of this IR Retainer Service will be paid in advance and payment is due on the Effective Date. All hours must be expended no later than 90 days after the IR Retainer expires one year from the Effective Date. No rollover of hours will occur when this contract expires, and unused hours will be lost if not used within 90 days of contract expiration. Travel and Expense Reimbursement Travel, meals, lodging, and other direct costs for the described effort are not expected for this project and are not included in the quote above. When travel, meals, lodging, and other direct costs for the described effort are incurred, those expenses shall be reimbursed by City of Yakima at actual cost. Critical Insight®and the Critical Insight logo are the trademarks of Critical Insight,Inc. ©2023 Critical Insight,Inc.All rights reserved. 16/16