RFP # XXXXXX | Proposal Name

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

Request for Information (RFI)

State of Florida, Department of Management Services

September 3, 2015

This document contains information that is proprietary and confidential to Phase One Consulting Group, LLC. that shall not be disclosed outside or duplicated, used, or disclosed in whole or in part for any purpose other than to evaluate Phase One Consulting Group, LLC. Any use or disclosure in

whole or in part of this information without the express written permission of Phase One Consulting Group, LLC. is prohibited.

Submitted by: Jodi Huston, Vice President, jhuston@phaseonecg.com, 571.244.9935

Submitted to: Joel Atkinson, Associate Category Manager, joel.atkinson@dms.myflorida.com, 850.488.0950

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

September 3, 2015

Mr. Joel Atkinson

Associate Category Manager

4050 Esplanade Way, Ste 360

Tallahassee, FL 32399-0950

Mr. Atkinson:

Phase One Consulting Group (Phase One) is pleased to submit this response to your Request for

Information (RFI) on Cyber-Security Assessment, Remediation, and Identity Protection,

Monitoring, and Restoration Services.

Phase One currently supports multiple cyber-security projects across the Federal government,

providing many of the services described in this RFI including assessments, preparation, and

training for cyber-security. We will leverage lessons learned from our current support and bring

the same commitment to value and excellence should we be selected for future engagements with

the State of Florida. Cyber-Security is one of our fastest growing areas of expertise and we

would welcome the opportunity to bring our understanding of federal-level cyber-security

policies and procedures to you.

Thank you for the opportunity to respond to your RFI. We look forward to developing a

partnership with the State of Florida and you have my pledge of excellence in all aspects of

Phase One’s support. Please contact me if you have any questions or require additional

information. I can be reached at jhuston@phaseonecg.com or at 571.244.9935.

Respectfully,

Jodi Huston

Vice President

Phase One Consulting Group, LLC

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page i

Table of Contents

1 Introduction ....................................................................................................................... 1

2 Background ....................................................................................................................... 1

3 Contact Information .......................................................................................................... 3

4 Response to Section IV .................................................................................................... 3

4.1 Pre-Incident Services ............................................................................................ 3

4.1.1 Incident Response Agreement .............................................................................. 3

4.1.2 Assessments ........................................................................................................ 4

4.1.3 Preparation ........................................................................................................... 4

4.1.4 Developing Cyber-Security Incident Response Plans ........................................... 5

4.1.5 Training................................................................................................................. 5

4.2 Post-Incident Services .......................................................................................... 6

4.2.1 Breach Services Toll-free Hotline .......................................................................... 6

4.2.2 Investigation/Clean-up .......................................................................................... 6

4.2.3 Incident Response ................................................................................................ 7

4.2.4 Mitigation Plans .................................................................................................... 7

4.2.5 Identity Monitoring, Protection, and Restoration .................................................... 7

Appendix A: IT-70 Schedule ............................................................................................... A-1

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 1

1 Introduction

Phase One is a trusted name in Cyber-Security across the federal government

and we bring expertise in the most demanding Cyber policies including the

Federal Information Security Management Act (FISMA), Federal Risk and

Authorization Management Program (FedRAMP), Federal Information

Processing Standards (FIPS), and Federal Information System Controls Audit

Manual (FISCAM).

Phase One is a full lifecycle, global Information

Technology (IT) solutions firm that seeks to radically

change the way that IT is planned, deployed, and

secured. We know that clients need solutions that work without breaking-the-bank and that is why

we specialize in the technologies that leverage modern platforms to achieve incredible results.

Today's IT application technologies have greatly changed the way that solutions can be developed

and deployed and our approach uses these technologies to put traditional firms out-of-business.

Phase One has provided management consulting and IT development services to the federal

government for more than 18 years. We are a minority-owned US business through the RLJ

Equity Partner Group and we bring a team of industry-recognized experts with extensive

corporate reach-back to every interaction. We have demonstrated expertise in professional

services, Cyber-Security, data analysis and processing, IT administrative support, application

development, and management and general administrative support.

Phase One has proven experience and is widely known across government agencies as a highly

skilled IT process, Cyber-Security, and technology management firm. Over the past several

years, more than half of our revenue has come from solution implementations for major agencies

such as Department of Transportation (DOT) and the Department of Agriculture (USDA).

Through our background in architecture–and now implementation–we understand the enterprise

and the technology security challenges associated with the deployment of enterprise solutions

and the culture change required to fully adopt the new processes and technologies accompanying

the solution.

2 Background

Using proven planning and management techniques, Phase One works with its clients to navigate

strategic and tactical crossroads. We focuses our expertise on affecting change by building

trusted relationships across communities, building consensus, and providing technology and

vendor-independent advice. Phase One is made up of four competency areas, as presented in

figure 1 on the following page.

Cyber-Security

The cyber-security competency area is one of Phase One's fastest growing competency areas,

along with Solutions and Infrastructure. Phase One helps clients with the full cyber-security

lifecycle including strategies, plans, and architecture. The cyber-security competency area is

frequently called on to help with the deployment and operations of cyber-security capabilities.

The cyber-security competency area includes individuals with strong cyber-security backgrounds

in planning and operations. All cyber-security employees are encouraged to work actively within

the competency area to develop innovative solutions to common cyber-security challenges.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 2

Sharing of intellectual property,

practices, and vulnerability

awareness are just some of the

keys to success for the cyber-

security competency area.

Strategy and Planning

The Strategy and Planning

competency area is deeply rooted

in the Phase One DNA. Even

cyber-security implementation

engagements are heavily

influenced by Phase One's

intellect developed in the

Strategy and Planning

competency area. At Phase One,

all client engagements include a

strategy and planning dimension

as a key differentiator for how

business is done. Clients have

come to expect innovation, proper

planning, and well executed

engagements across all of our contracts. The Strategy and Planning competency area is

responsible for key methodologies focused on cyber-security strategy, transformation, strategic

communications, and complex problem-solving.

Solution and Infrastructure

The Solutions and Infrastructure competency area includes Agile application development and

management, mobile ecosystem development and management, as well as cyber-security and

related service areas. The Solutions and Infrastructure competency area provides Phase One

clients with the end-to-end services needed to help them take advantage of the huge potential for

improvement offered by current and emerging cyber tools and best practices. Many Phase One

clients have saved money and offered better services with new or enhanced cyber solutions

designed and developed by Phase One. The Solutions and Infrastructure competency area has

been a leader in the development of Agile approaches to software design and development.

Management and Organization

The Management and Organization competency area includes professionals with domain

expertise in the design, management and operations of business and government organizations.

Phase One teams are called on to solve many organizational challenges for clients. How

organizations should be designed, governed, and managed is part of the intellectual property

responsibilities of the Management and Organization competency area. Further, Phase One

teams support clients with business process reengineering, business and solution analysis and

design, and organizational change management.

Figure 1 - Phase One’s core capabilities align with the skills and capabilities required for the development of a comprehensive Cyber-Security Strategy.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 3

3 Contact Information

Company Information Phase One Consulting Group, LLC 99 Canal Center Plaza, Suite 405 Alexandria, VA 22314 www.pocg.com

Point of Contact Ms. Jodi Huston Vice President jhuston@phaseonecg.com 571.244.9935

4 Response to Section IV

Phase One has the experience and expertise to help the State of Florida accomplish its objectives

in the most cost-effective and forward-thinking manner possible. We take a vendor-agnostic

approach to client technology deployments. This means that our teams thoroughly examine our

client’s needs and make recommendations based not on our corporate partnerships, but rather on

the solutions best suited to solving your problems. We have deployed technologies from all

major manufacturers including Microsoft, Cisco, Symantec, Checkpoint, Palo Alto, Unix/Linux,

BlueCoat, F5, and many more.

As described throughout this document, Phase One has extensive experience supporting projects

similar in scope and criticality to the technical requirements of the State of Florida’s multiple

cyber-security programs.

4.1 Pre-Incident Services

4.1.1 Incident Response Agreement

Yes, Phase One is able to provide this service. Phase One works with clients to establish

thorough terms and conditions, unique to each organization, as to what activities to undertake

with concern to cyber security. By examining the possible scenarios that might take place,

vulnerabilities in systems can be addressed preemptively, and recommendations for responses

will be developed using industry best-practices and case studies.

Department of Transportation. Phase One has assisted DOT, one of the largest US

Government Departments, with Cyber-Security policy development, keeping it aligned with

the requirements of the FISMA, and ahead of the latest threats facing critical organizations

such as the Federal Aviation Administration (FAA). By establishing terms and conditions

for incident response ahead of time, in keeping with federal standards and requirements,

DOT was enabled to respond more rapidly in the event of a cyber-security breach.

Commodity Futures Trading Commission (CFTC). Phase One has implemented multiple

cyber-security tools to meet the SANS Institute’s (SANS) Twenty Critical controls

guidelines, which map directly with the continuous monitoring 800-53 controls, and to

improve the overall security posture of the CFTC network. A Network Access Control

(NAC), Security Information and Event Management (SIEM), Multi-Factor Authentication,

Configuration Integrity Verifier and various Vulnerability Scanning solutions have been

employed by the Phase One team. The security controls addressed helped the CFTC

become compliant with National Institute of Standards and Technology (NIST) 800-53

regulations.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 4

4.1.2 Assessments

Yes, Phase One is able to provide this service. Phase One takes a unique approach to reducing

vulnerabilities in software and government systems via performing Penetration Testing of client

applications and private cloud environment, as well as providing recommendations and guidance

to re-mediate the discovered vulnerabilities.

Commodities Futures Trading Commission. Phase One highlighted the need for the

CFTC to incorporate security impact analyses and risk assessments into the

Commission’s configuration management process, which led to the creation of a Security

Impact Analysis Manager (SIAM). The SIAM analyzes all planned projects and system

changes for their impact to the CFTC’s overall security posture and the security of its

systems, and also conducts risk assessments of any known vulnerabilities and the

potential impact to the Commission should mitigating factors not be implemented. The

SIAM plays a key role in ensuring information system security in the configuration

management process, provides informed guidance to the Chief Information Security

Officer regarding potential system changes, and ensures that security concerns are

represented at weekly change control board (CCB) meetings. When reviewing planned

system changes, the Phase One SIAM makes a point to understand the business reasons

for each change and the business needs, so that if there are security concerns with the

proposal a more secure alternative can be suggested. Finally, the SIAM ensures that all

system development activities are conducted in a secure manner by meeting with

developers to discuss system changes, security concerns, and (where applicable)

reviewing application code and/or scanning applications for vulnerabilities to ensure that

new security vulnerabilities are not introduced into systems via insecure development

practices. In addition, the Phase One Security Impact Analysis Manager (SIAM) at

incorporates a regular evaluation of security controls into each Security Impact Analysis

(SIA), ensuring that planned system changes do not negatively impact the ability to

successfully meet the requirements of certain NIST SP 800-53 security controls,

particularly those designated as key controls for secure configuration management in

NIST SP 800-128. The SIAM would be a key component to supporting the FAA’s

Continuous Monitoring security program as well as ensuring that security was

implemented during all system development phases.

4.1.3 Preparation

Yes, Phase One is able to provide this service.

Department of Transportation. Phase One supported the DOT Chief Information Security

Officer (CISO) with strategic planning in order to plan the implementation of cyber-

security initiatives. We supported the prioritization of initiatives using a cost vs. risk

approach, developed a plan for implementation based on current resources to achieve

Departmental goals and CISO objectives. Additionally, we supported the development of

DOT’s departmental cyber-security policy and compendium. The compendium provides

the ability for DOT to make updates to the cyber-security content to keep up with the

latest technology and threat trends. We planned and supported the development of the

compendium content, communications and circulation of drafts, comment adjudication

and negotiations across modal offices and approvers. We regularly support annual

updates to ensure currency and relevancy of the content.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 5

Commodities Futures Trading Commission. Phase One helped the CFTC improve their

incident response and threat detection capabilities, through unifying disparate system and

application logs into a centralized SIEM. Through tuning the SIEM, threat correlation

and intrusion alerts have been unified under a single web interface for our clients Security

Operation Team and incident detection and response times have been improved. With the

new SIEM system in place, access to specific information in the SIEM can be assigned to

certain team members to allow for a role based security model and security team

monitoring assignments.

4.1.4 Developing Cyber-Security Incident Response Plans

Yes, Phase One is able to provide this service. Phase One has extensive experience developing

cyber-security incident response plans for a wide range of clients.

Department of Transportation. At the National Highway Traffic Safety Administration

(NHTSA), Phase One reported progress to the system manager/owner and NHTSA

stakeholders and identified any critical issues or risks which could pose an immediate

security threat and provided recommendations for remediation as well as an overall

recommendation to the certifier and accreditor for making a determination for signing the

authority to operate. This task demonstrates Phase One’s ability adhere to standards and

guidelines for performing certification and accreditations and delivering all necessary

documentation as a complete package. Phase One was able to deliver the certification and

accreditation package on time enabling the system to achieve ATO without disruption to

the end user. Additionally, Phase One provided guidance to NHTSA on the controls

which may be impacted if the system were to be upgraded to include personally

identifiable information. This Certification and Accreditation (C&A) was an important

step for NHTSA to maintain its overall mission of highway safety.

United States Department of Agriculture. At the Animal and Plant Health Inspection

Service (APHIS), a sub-agency to USDA, the Phase One team has been a key component

to updating multiple System Security Plans (SSPs) to meet FISMA reporting

requirements and to continuously assess how each applicable NIST SP 800-53 control is

implemented on a given system. The Phase One team was responsible for updating the

APHIS Investigation Tracking and Enforcement Management System (ITEMS) SSP after

their development team moved the application to a new platform. The Phase One team is

also responsible for the implementation of multiple technical, operational, and

management controls to help remediate and close multiple Plan of Action and Milestone

(POA&M) items that align with 800-53 controls. This allows them to provide the APHIS

CISO with a report on a regular basis of all user activity within these applications.

4.1.5 Training

Yes, Phase One is able to provide this service.

Federal Aviation Administration. In order for the customers to meet the compliance and

reporting requirements set forth by FISMA, it is crucial to have a well-trained staff that

understands and has deep knowledge of the guidance in the NIST Special Publications

library. By understanding and properly implementing the guidance and methodologies

presented in the NIST documentations, Federal agencies can efficiently meet FISMA

compliance requirements, bolster the security of their sensitive information systems, and

avoid disrupting day-to-day operations that rely on those information systems. Phase One

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 6

has a deep understanding of these special publications and knows how to apply them in a

unique and effective manner.

Department of Transportation. Phase One provided support to NHTSA by performing

C&A in accordance with NIST SP 800-53A by following the NIST Risk Management

Framework as described in NIST SP-800-37 Rev1 for a cloud-hosted, externally facing,

web-based system. This system has limited access to authorized law enforcement

officials and criminal justice systems users and provides a repository for tracking

standardized field sobriety testing training and materials as well as field data for sobriety

related investigations into suspected persons. Phase One assessed the current state of the

C&A package, performed a gap analysis of the existing assessment, conducted an

updated C&A including Security Testing and Evaluation (ST&E), conducted an

independent risk assessment, and ensured all system security documentation was

complete and in compliance with DOT policies and guidelines. As deliverables, Phase

One prepared and submitted the following:

o Information and System Security Categorization based on FIPS 199 and SP 800-60

o Risk Assessment (RA), based on SP 800-30

o System Security Plan (SSP), based on SP 800-18 and SP800-53

o Information Technology Contingency Plan (ITCP), based on SP 800-34

o Plan of Actions and Milestones (POA&M), based on OMB Memo 06-20

o Security Test Plan (STP) based on SP 800-42, and SP 800-53A

o Vulnerability scanning results

o Security Assessment Report (SAR)

4.2 Post-Incident Services

4.2.1 Breach Services Toll-free Hotline

Phase One does not currently support these services.

4.2.2 Investigation/Clean-up

Yes, Phase One is able to provide this service. Phase One has extensive experience with

planning and implementing technologies to help agencies meet the Continuous Monitoring

requirements set forth in NIST Special Publication 800-137. Implementing these monitoring

tools provides us with the skillsets needed to conduct rapid evaluations of cyber-security-related

incidents and quickly assess what is needed to return to pre-incident levels:

Commodity and Futures Trading Commission. Phase One designed a Vulnerability

Management process and procedure at CFTC that has become the central point for

vulnerability remediation. The process included performing an inventory on all endpoints

in the environment and assessing their vulnerability status with the use of an automated

scanner. Remediation in the environment is performed via software patching, or

correcting configurations that have drifted on endpoints. The process of discovery and

remediation is performed weekly by a security manager.

United States Department of Agriculture. At APHIS the Phase One team is also regularly

involved with vulnerability remediation. By utilizing vulnerability reports that are

outputted regularly by RetinaCS, the Phase One team is aware of all vulnerabilities on the

servers they are responsible for maintaining. They are required to remediate these

vulnerabilities by installing new patches, updating software, and making tweaks in code

in a timely manner to avoid shutting down the server itself.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the cover page. State of Florida RFI, Page 7

4.2.3 Incident Response

Phase One does not currently support these services.

4.2.4 Mitigation Plans

Yes, Phase One is able to provide this service. Phase One works with clients to establish

thorough terms and conditions, unique to each organization, as to what activities to undertake

with concern to cyber security. By examining the possible scenarios that might take place,

vulnerabilities in systems can be addressed preemptively, and recommendations for responses

will be developed using industry best-practices and case studies.

US Department of Transportation. Phase One has assisted DOT, one of the largest US

Government Departments, with Cyber-Security policy development, keeping it aligned

with the requirements of the FISMA, and ahead of the latest threats facing critical

organizations such as FAA. By establishing terms and conditions for incident response

ahead of time, in keeping with federal standards and requirements, DOT was enabled to

respond more rapidly in the event of a cyber-security breach.

4.2.5 Identity Monitoring, Protection, and Restoration

Phase One does not currently support these services.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-1

Appendix A: IT-70 Schedule

The Phase One IT-70 Schedule is presented on the following pages.

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-2

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-3

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-4

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-5

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-6

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-7

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-8

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-9

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-10

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-11

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-12

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-13

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-14

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-15

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-16

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-17

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-18

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-19

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-20

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-21

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-22

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-23

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-24

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-25

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-26

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-27

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-28

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-29

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

The information on this page is subject to the nondisclosure statement on the proposal cover page. Attachment A: IT-70 Schedule, Page A-30