SR 05-11-2021 3E
City Council Report
City Council Meeting: May 11, 2021
Agenda Item: 3.E
1 of 5
To: Mayor and City Council
From: Joseph Cevetello, Chief Information Officer, Information Services Department
Bill Walker, Fire Chief, Fire Department
Subject: Award Professional Services Agreement to RSI Systems Inc. for Cyber-
Security Resource
Recommended Action
Staff recommends that the City Council:
1. Award Cybersecurity Resource RFP to RSI Systems Inc., to assist with the
continued development of a robust cybersecurity program to properly safeguard
City assets.
2. Authorize the City Manager to negotiate and execute an agreement with RSI
Systems, in an amount not to exceed $525,000 over a three-year period, with
future year funding contingent on Council budget approval and additional grant
funding.
3. Authorize budget changes as outlined in the Financial Impacts & Budget Actions
section of this report.
Summary
Staff recommends that the City Council authorize the City Manager to execute an
agreement with RSI Systems Inc., California based company, to assist the Information
Services Department (ISD) cybersecurity staff with the continued development and
deployment of a comprehensive cybersecurity program to safeguard City assets. RSI
Systems, Inc. services shall not exceed $175,000 for one year, with two additional one-
year renewal options for subsequent years, not to exceed $525,000 over a three-year
period. ISD has identified grant funding from the U.S. Department of Homeland
Security (DHS), Federal Emergency Management Agency's Urban Area Security
Initiative (UASI) grant for year 1; future year funding has been identified as part of the
2021 UASI grant funding.
3.E
Packet Pg. 38
2 of 5
In 2020 grant year, $2,164,108 was awarded to the City of Santa Monica as a part of
the UASI grant to enhance regional preparedness for disasters, emergencies,
cyberattacks and other threats to homeland security.
Staff recommends utilizing $175,000 of the 2020 UASI grant funds of the subrecipient
agreement with the City of Los Angeles for the performance period of September 1,
2020 to May 31, 2023 to fund RSI Systems Inc. to assist the information security team
with implementing measures to protect the City’s newly developed website, improve
governance controls over the City’s cloud solutions, safeguard City data stored with
cloud-based providers, improve identity management, and identify and block malicious
cyberattacks. The additional funding of $525,000 has been awarded in the UASI 2021
grant process to fund the remaining contract. Staff will return to Council to accept this
2021 award and appropriate the funds once the UASI 2021 agreement is received.
Discussion
UASI Grant Funding
The UASI program focus is on enhancing regional preparedness and capabilities in
major metropolitan areas. The Santa Monica Fire Department requested funds to send
staff to trainings that support its core public safety missions as well as regional
homeland security goals, and to purchase equipment and funds for a city-wide
cybersecurity project. The following are the four major regional homeland security focus
areas of the UASI grant program, known as Investment Justifications:
1. Strengthen interoperable and communications capabilities
2. Strengthen information sharing, collaboration capabilities, and law enforcement
investigations
3. Protection of critical infrastructure and key resources
4. Catastrophic incident planning response and recovery
The UASI program directly supports the national priority of expanding regional
collaboration within the National Preparedness Goal, which defines what it means for
the whole community to be prepared for all types of disasters and emergencies. The
3.E
Packet Pg. 39
3 of 5
UASI grant is intended to assist participating jurisdictions in developing integrated
regional systems for prevention, protection, response, and recovery from natural or
man-made disasters. The Fire Department will allocate $175,000 of the UASI grant
funds to ISD for the purposes of purchasing professional services to aid in the
continuous development of a comprehensive cybersecurity program to better protect the
City data and systems as it continues to extend its digital ecosystems. Procurement for
projects funded by the UASI grant will follow Santa Monica’s policies regarding
competitive procurement processes.
City Digital Security Program
The City’s digital infrastructure and data are core to the reliability, effectiveness, and
efficiency of all the core services that the City provides to residents, business, and
visitors. Since COVID19, information technology dependency has only accelerated as
Santa Monica continues to ensure it meets the digital needs of staff and the community.
This professional service engagement would aid staff in continuing to cultivate a
resilient cybersecurity posture and support the recommendations within the City’s
comprehensive cybersecurity risk assessment of its infrastructure.
With the additional grant assistance, the City’s Information Security Division will
implement digital security requirements set forth by agency regulations such as the
Criminal Justice Agencies (CJA) for access to Federal Bureau of Investigation (FBI)
Criminal Justice Information Services (CJIS) Division systems, Health Insurance
Portability and Accountability Act (HIPAA) and Payment Card Industry – Data Security
Standards (PCI-DSS).
Vendor/Consultant Selection
In October 2020, the City published a Request for Information (RFI) and received
sixteen responses. After evaluating the vendors based on technical competence and
competitive bidding the City invited five of the vendors to bid on the cybersecurity
service. In November 2020, the City published Request for Proposals (RFP) to five
firms to submit proposals on the cybersecurity services in accordance with City
requirements; in addition, the RFI and RFP were both posted on the City’s on-line
3.E
Packet Pg. 40
4 of 5
bidding site. Two proposals were received. The proposals were evaluated based on
competitive pricing, technical competence, references, and prior client experience.
Based on these criteria, staff recommend RSI Systems as the best qualified firm based
on the scope of work, price, and experience configuring and administering web, cloud,
and identity security solutions on similar projects.
Bidder Recommendation
Best Qualified Firm RSI Systems, Inc.
Evaluation Criteria The proposal, was evaluated based on the criteria in SMMC
2.24.190, including experience, credentials, training, capacity to
perform services promptly, stability/references, price, and
compliance with City specifications.
Municipal Code SMMC 2.24.190
RFPs Received
RSI Systems, Inc.
Novacoast Inc.
Bid Data
Date Posted Posted On
Vendors
Downloaded
Vendors Invited
to Bid
# of
Vendors
contacted
# of Submittals
Received
11/19/2020 City’s Online
Bidding Site
16 • Accenture
• Novacoast Inc.
• RSI Systems,
Inc.
• Tier Solution,
Inc.
• AON
5 2
Best Qualified Firm Justification
A team of experts in ISD interviewed the two firms. Based on the criteria above and
criteria in SMMC 2.24.190, the evaluation committee recommends RSI Systems, Inc. as
the best qualified firm with cybersecurity professionals capable of assisting staff with
protecting the City’s newly developed website, administering governance controls over
the City’s cloud solutions, assisting staff with safeguarding City data stored with cloud-
based providers, and improving identity management. RSI Systems, Inc. has over
twelve years’ experience and subject matter experts with years of in-depth knowledge
needed in the requested cybersecurity areas. RSI Systems, Inc. provided excellent
3.E
Packet Pg. 41
5 of 5
references and was within the projected budget set aside for the services. Based on
these criteria, RSI Systems, Inc. is recommended as the best qualified firm to provide
professional services to aid in the continuous development of a comprehensive
cybersecurity program in accordance with City specifications and scope of work.
Financial Impacts and Budget Actions
Staff seeks authority to approve funding from the Miscellaneous Grants Fund to award a
professional services agreement with RSI Systems, Inc. to assist with the continued
development of a robust cybersecurity program to better safeguard the City. Future
years’ funding and contract extensions are contingent on Council budget approval and
future grant funding.
Professional Service Agreement
FY 2020-21 Budget
Request Amount
Department Account # Total Contract Amount
$175,000 20140001.55518E $525,000
Prepared By: Veronica Mitchell, Information Security Officer
Approved
Forwarded to Council
Attachments:
A. City_of_Santa_Monica_Oaks_Initiative_Signed
3.E
Packet Pg. 42
3.E.a
Packet Pg. 43 Attachment: City_of_Santa_Monica_Oaks_Initiative_Signed (4535 : Award Professional Services Agreement for Cyber-Security Resource)
3.E.a
Packet Pg. 44 Attachment: City_of_Santa_Monica_Oaks_Initiative_Signed (4535 : Award Professional Services Agreement for Cyber-Security Resource)