The URL can be used to link to this page

Agenda 05/14/2024 Item #16E 3 (To fund the Cyber Security applications and upgrades to allow enhanced security for the network within Collier County computer systems)05/14/2024 EXECUTIVE SUMMARY Recommendation to provide after-the-fact approval to submit a Local Government Cybersecurity Grant Program application through the State of Florida Department of Management Services for Cyber Security applications and upgrades and authorize the County Manager or designee to execute any required documents to accept the award in an estimated amount of $300,000. OBJECTIVE: To fund the Cyber Security applications and upgrades to allow for enhanced security for the network and data infrastructure within the Collier County computer systems. CONSIDERATION: On April 10, 2024, the IT Division, working with the Grants Compliance Manager, submitted a grant application to the Florida Department of Management Services through their Florida Digital Services Division for consideration of being awarded funds to help support the Cyber Security infrastructure within Collier County. The application was submitted through an electronic process with high security because of the sensitivity of the cyber information required for the grant. The award conditions have short deadlines that require an expedited execution of the award. Collier County CMA #5330 authorizes the County Manager to approve the submittal of grant applications, with subsequent Board action at its next available meeting to ratify the approval as “after‐the‐fact.” In the current Cyber Security environment, the Board must do everything in its power to secure the data and network infrastructure from threat actors who may want to cause the County and its citizens harm. With Cyber Security, these threats come in the way of attacking the network infrastructure and data held within the Collier County Computer systems. Most of these threats come from hacking into systems, phishing attacks in the hopes of installing malware/ransomware, and attacks on our infrastructure through denial-of-service attacks, to name a few. The County must protect itself from these harmful threats. The Collier County Information Technology Division (“County IT”) is tasked with protecting these systems and the data within them. It is currently being done through security systems and applications installed and implemented in different areas of the computer system. The best way to protect the County from these threats is by creating as many layers of security as possible. The grant that is being applied for will allow us to maintain/upgrade and add layers of security to the existing Cyber Security infrastructure. With this grant award, the County would qualify for five areas to improve or implement these security layers. The State will pay for the improvements in one or more of those five areas through this grant, which includes help in implementing and configuring the software. County IT will monitor and maintain the software after installation. Alerts from the software will allow County IT to act quickly to resolve any threats that may be found. There are no matching funds to acquire the grant, and the State will pay the vendors for the software the County installs. The only cost is that County IT will share telemetry (metrics, structured logs, and traces) data with the State so that it is alerted if a threat is identified. This allows the State to share the vectors for that attack with other Local Government Agencies that are participating in the grant. FISCAL IMPACT: A budget amendment is not necessary to appropriate funding as the State of Florida Department of Management Services will secure services directly with the Florida Department of Management Services contracted vendors in the estimated amount of $300,000. This grant program does not require a local match. The County will also administer and maintain the software after installation with the current complement of staff. GROWTH MANAGEMENT IMPACT: No growth management impact is associated with this action. 16.E.3 Packet Pg. 1293 05/14/2024 LEGAL CONSIDERATIONS: Public records are subject to disclosure unless exempt from disclosure by law. Records pertaining to cybersecurity are confidential and exempt from Section 119.071, Fla. Stat., including: insurance limits and deductibles, information relating to critical infrastructure, incident reporting information pursuant to sections 282.318 and 282.3185, F.S., network schematics, hardware and software configurations, and encryption information or information that identifies detection, investigation, or response practices for suspected or confirmed cybersecurity incidents, including suspected or confirmed breaches, are confidential and exempt pursuant to section 119.0725, F.S. References to such exempt materials in the Grant Agreement have been redacted from this Board agenda item but appear in the Grant Agreement that was submitted to the State. This item is approved as to form and legality and requires majority vote for Board approval. - CMG RECOMMENDATION: Recommendation to provide after-the-fact to submit a Local Government Cybersecurity Grant Program application through the State of Florida Department of Management Services for Cyber Security applications and upgrades and authorize the County Manager or designee to execute any required documents to accept the award in an estimated amount of $300,000. Prepared by: Mark Gillis, Division Director, Information Technology ATTACHMENT(S) 1. CM Memo ATF 24-009 (PDF) 16.E.3 Packet Pg. 1294 05/14/2024 COLLIER COUNTY Board of County Commissioners Item Number: 16.E.3 Doc ID: 28732 Item Summary: Recommendation to provide after-the-fact approval to submit a Local Government Cybersecurity Grant Program application through the State of Florida Department of Management Services for Cyber Security applications and upgrades and authorize the County Manager or designee to execute any required documents to accept the award in an estimated amount of $300,000. Meeting Date: 05/14/2024 Prepared by: Title: Division Director - Information Technology – Information Technology Name: Mark Gillis 04/30/2024 1:55 PM Submitted by: Title: Division Director - Information Technology – Information Technology Name: Mark Gillis 04/30/2024 1:55 PM Approved By: Review: Information Technology Mark Gillis Director Review Completed 05/03/2024 2:45 PM Corporate Business Operations Kenneth Kovensky Corporate Business Operations Review Completed 05/03/2024 4:23 PM County Attorney's Office Colleen Greene Level 2 Attorney Review Completed 05/06/2024 11:26 AM Grants Erica Robinson Level 2 Grants Review Completed 05/07/2024 1:04 PM Office of Management and Budget Debra Windsor Level 3 OMB Gatekeeper Review Completed 05/07/2024 1:11 PM County Attorney's Office Jeffrey A. Klatzkow Level 3 County Attorney's Office Review Completed 05/07/2024 2:45 PM Grants Therese Stanley OMB Reviewer Completed 05/07/2024 4:05 PM Office of Management and Budget Blanca Aquino Luque OMB Reviewer Completed 05/07/2024 4:53 PM County Manager's Office Amy Patterson Level 4 County Manager Review Completed 05/08/2024 12:34 PM Board of County Commissioners Geoffrey Willig Meeting Pending 05/14/2024 9:00 AM 16.E.3 Packet Pg. 1295 16.E.3.aPacket Pg. 1296Attachment: CM Memo ATF 24-009 (28732 : 2024 Florida State Cyber Security Grant)