Cyber Security and Network Managed Services Enhancements by John Stinson

IT Governance Compliance Business Case Cyber Security and Network Managed Services Enhancements Technology Solutions

Background The Cyber security program was created in FY18 and since that time we have made significant progress in our efforts to align to the National Institute of Standards and Technology (NIST) 800 framework, a federal best practice guide for the management of a cybersecurity organization. This case will align to the Detect, Respond, Protect and Recover layers of the NIST Framework Cyber Security Posture. Additionally, with the launch of the new city fiber network next fiscal year, TS requires the resources to manage and maintain the network as we will be the sole responsible party acting as the Competitive Local Exchange Carrier (CLEC).

1st Business Problem: Need to Increase Cyber Security Capabilities within the NIST Detect and Response Layer

In the Detect and Respond NIST Framework Layer, there is a lack of visibility of what devices are on the network.

Current Pain Points as the result of the first business problem Cyber Security: Detect and Respond NIST Layer •

TS does not have the capabilities to identify and continuously monitor connected assets.

•

TS does not have the capabilities to identify devices that come on the network that do not have the mandated security requirements.

•

TS does not have enough staff to manage cyber security for the City.

1st Business Problem: Need to Increase Cyber Security Capabilities within the NIST Protect and Recover Layer In the Protect and Recover NIST framework layer, the second business problem TS is attempting to solve with this case is the expansion of the Data Protection capabilities as part of the total Cyber Security posture in alignment to the NIST framework. There are several existing technologies that require additional expansion based on the growth of data. Those technologies include: •

Rubrik – This is the primary data backup and recovery system

•

Microsoft azure cloud storage – This is the cloud location that the City stores the data backups

•

Acronis – This is the critical end point backup and imaging recovery system

1st Business Problem Current Pain Points within the NIST Protect and Recovery layer There is a need for more capacity to backup data due to the growth of data created within the City. •

Rubrik needs additional capacity on-premises to back up data

•

The current budget for Microsoft Azure cloud does not allow for expansion to store more data from on-premises.

•

Replace the existing solution to backup PC images

2nd Business Problem: Need to Increase Resources Required to Manage the City’s New Fiber Network The final business problem TS is attempting to solve with this case is gaining the resources to manage the new multi-million dollar fiber network. The City is transitioning from using a provider (Spectrum/Charter) to becoming our own provider. This transition requires additional resources to manage and maintain the network cable plant, backbone equipment, and performance value of the network. TS will need additional resources to manage this new network. The management of the network was outsourced and is now being insourced. TS has also asked for an additional FTE to manage the multiple vendors that will be needed to maintain this network 24/7/365.

2nd Business Problem Current Pain Points Fiber Network Managed Services •

TS does not currently have the management oversight required to manage the multiple additional partners that are required to maintain the network. There is a budget initiative for a Network Managed Services manager to be added to TS as a result of this need.

•

TS currently does not have the staff to manage the operations of the network.

Desired Business Value 1st Business Problem City of Durham’s Strategic Plan Goal: Innovative & High Performing Organization Initiative: Develop and implement a continuous improvement model that includes evaluation and process improvement to analyze and improve City services Cyber Security •

Provide the TS Cyber Security division with the ability to monitor devices that are on the network for compliance.

•

Expand the data protection resources and deploy critical end point recovery technologies.

Desired Business Value 2nd Business Problem City of Durham’s Strategic Plan Goal: Sustainable Natural and Built Environment Initiative: Develop and implement City of Durham fiber optic network in partnership with Duke and Durham County Network Managed Services •

Provide the capability for TS to manage and operate the new fiber network by adding staff and engaging in contractual relationships with partners to sustain the network.

Future State Benefits for the Cyber Security Program Bring increased security aligned to the Protect, Detect, Respond, and Recover layers of the NIST framework by: •

Being able to determine a classification by type for devices on the network.

•

Understand the patch and vulnerability levels for all of the devices that connect.

•

Institute the controls to add the security and automate the policy enforcement for compliance.

•

Expanding the on premise and cloud data center storage capabilities to align to the data growth.

•

Adding an end point imaging tool that will be able to fully recover key end points in the event of malware attack.

Future State Benefits for the City Fiber Network Management Fiber Network Managed Services With the approved resources including the FTE position, TS will be able to: •

Manage a 24/7/365 Network Operations Center supporting the fiber optic network through the user of partners.

•

Support the physical infrastructure of the new Fiber Network.

•

Maintain the hardware of the network with the appropriate agreements.