The URL can be used to link to this page

Home My WebLink AboutRES 18-217RESOLUTION NO. 18-217 BE IT RESOLVED BY THE CITY COUNCIL OF THE CITY OF BEAUMONT: THAT the City Manager be and he is hereby authorized to execute an Agreement with the United States Department of Homeland Security, National Cybersecurity & Communications Integration Center (NCCIC) to allow NCCIC to conduct continuous network and vulnerability scanning of the City's publicly accessible networks and systems. Said Agreement is substantially in the form attached hereto as Exhibit "A" and made a part hereof for all purposes. The meeting at which this resolution was approved was in all things conducted in strict -compliance with the Texas Open Meetings Act, Texas Government Code, Chapter 551. PASSED BY THE CITY COUNCIL of the City of Beaumont this the 11th day of September, 2018. a OOCUMENr VMMON SLTT 3.2-7/3/2012 CYBER HYGIENE Authorization to Conduct Continuous Scans of Public -Facing Networks and Systems The National Cybersecurity & Communications Integration Center (NCCIC) of the Department of Homeland Security (DHS), under authority of the Homeland Security Act (6 U.S.C. § 101 et seq., esp. 6 U.S.C. § 148) would like to gain authorization from City of Beaumont, TX Beaumont ) to conduct continuous network and vulnerability scanning of Beaumont's publicly accessible networks and systems. The goals of these activities are to: 1. Catalog Beaumont Is publicly accessible networks and systems, including services running and version/patch levels 2. Identify vulnerabilities on Beamont's publicly accessible networks and systems 3. Identify potential configuration issues with Beaumont IS public facing networks and systems 4. Maintain tactical awareness of the operational risks and cyber health of individual entities 5. Inform the government's common operational view of cyberspace 6. Integrate relevant information, analysis, and vulnerability assessments, in order to identify priorities for protective and support measures regarding potential or actual threats 7. Provide "early warning" of specific actionable vulnerabilities to Beaumont DHS activities will originate from IP addresses or other identifiers that will be made known to Beaumont) DHS will also notify Beaumont should the IP addresses or other identifiers change. Scanning will be openly attributable to the authorized scanning source, and should be detected by Beaumont,s network monitoring solutions. Data will be sent to Beaumont Is networks and systems corresponding to the public facing IP addresses, domain names, or other identifiers provided by Beaumont for scanning. The process has been designed to be as unobtrusive as possible: scheduling, intensity and frequency have been carefully planned to minimize the possibility of service disruption. Activities under this authorization will be limited to scanning; no attempts to connect to Beaumont 15 internal network, penetrate Beaumont's systems, or monitor Beaumont Is network traffic will be made under this authorization. Page 1of3 EXHIBIT "A" 00 MMMSIONSLM.2-7/3/2038 If a third -party, such as a cloud service provider, operates or maintains the Beaumont networks or systems to be scanned pursuant to this authorization, Beaumont will make sure that such third parties are promptly notified of this authorized DHS scanning activity and authorize it in writing. If any such third party should -fail to -authorize in writing the scanning activity, Beaumont will promptly notify the DHS point of contact listed below. In a separate Appendix to this authorization Beaumont will provide the following information: the point of contact for activities performed under this authorization; an email address for the delivery of reports; identification information for the Beaumont networks and systems to be scanned pursuant to this authorization; and any other relevant information. Beaumont may provide updates to this information from time to time, in writing, using an updated Appendix or other method. Beaumont must promptly update DHS of changes to the identifying information used to scan Beaumont networks and systems pursuant to this authorization. DHS acknowledges that Beaumont may withdraw this authorization at any time for any reason. The DHS Point of Contact for this activity can be reached at NCATS info@hq.dhs.gov. All notifications, updates, or other communications regarding this authorization and any related activity should be sent to this DHS Point of Contact. By signing below, the approving Beaumont official agrees to the following: • Beaumont has authority to authorize scanning of the networks and systems submitted pursuant to this authorization; • Beaumont authorizes DHS to conduct the scanning activities described above; • Beaumont agrees to promptly update DHS of changes to the information used to identify the Beaumont networks and systems to be scanned pursuant to this authorization; • Beaumont agrees to promptly notify and secure written authorization for the scanning activities described above from any third -party that operates or maintains the Beaumont networks or systems to be scanned pursuant to this authorization; • Beaumont accepts that, while DHS teams will use their best efforts to conduct scans in a way that minimizes risk to Beaumont's systems and networks, the scanning activities described above create some risk of degradation in performance to Beaumont's systems and networks; • Beaumont accepts all risks to its systems and networks for the activities described above; • Beaumont acknowledges that DHS provides no warranties of any kind relating to any aspect of the assistance provided under this authorization; Page 2of3 DOCUMENT VERSION SLTT 3.2-7/3/70 Beaumont • accepts the risk of any damage that may result from implementing any guidance provided by DHS; Beaumont • hereby holds harmless the U.S. Government and those acting on its behalf from any and all claims arising out of or in any way related to this authorization; and Beaumont • has authorized you to make the above certifications on its behalf. Signature: Name: Title: Entity: City of Beaumont, TX City: Beaumont County: Jefferson Page 3of3 Date: State: TX a DOCUMENT VERSION SLTT 3.2-7/3/2DID AppendixA Authorization to Conduct Continuous Scans of Public -Facing Networks and Systems Beaumont provides the following information to facilitate the authorized scanning activities: Beaumont Please provide a technical point of contact at for the NCCIC team to follow-up with: Name: Email: Phone: We recommend your organization create and use a distribution list email address to receive our reports. This allows your organization to manage the recipients of our report. We will only deliver reports to a single address. Distro email: Your report will be encrypted with a password which we will provide to you. How would you like this password delivered (select one)? Phone (tech POC) i Email Text SMS / ®Tech POC Call, leave voicemail Distro POC Call, but don't leave a voicemail DOCUMENT VERSION SM3.2-7/3/20M When should scans begin? (e.g., "as soon as possible:, or "time, Eastern @ mm/dd/yyyyl Identification of Your Public -Facing Networks and Systems: Enter your organization's public IPv4 addresses in CIDR notation to be scanned: