Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
QCM TECHNOLOGIES INC; 2024-04-03;
DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 April 3rd DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 AGREEMENT FOR LOGRHYTM TRUSOC SERVICES QCM TECHNOLOGIES INC THIS AGREEMENT is made and entered into as of the ______ day of __________ ___J 2024, by and between the City of Carlsbad, California, a municipal corporation {"City") and QCM Technologies, Inc., an Arizona corporation ("Contractor"). RECITALS A. City requires the professional services of a managed security provider that is experienced in information technology managed security services. B. Contractor has the necessary experience in providing professional services and advice related to information technology managed security services. C. Contractor has submitted a proposal to City and has affirmed its willingness and ability to perform such work. NOW, THEREFORE, in consideration of these recitals and the mutual covenants contained herein, City and Contractor agree as follows: 1. SCOPE OF WORK City retains Contractor to perform, and Contractor agrees to render, those services (the "Services") that are defined in attached Exhibit "A," which is incorporated by this reference in accordance with this Agreement's terms and conditions. 2. STANDARD OF PERFORMANCE While performing the Services, Contractor will exercise the reasonable professional care and skill customarily exercised by reputable members of Contractor's profession practicing in the Metropolitan Southern California area, and will use reasonable diligence and best judgment while exercising its professional skill and expertise. 3. TERM The term of this Agreement will be effective for a period of two (2) years from the date first above written. The City Manager may amend the Agreement to extend it for one (1) additional two (2) years or parts thereof. Extensions will be based upon a satisfactory review of Contractor's performance, City needs, and appropriation of funds by the City Council. The parties will prepare a written amendment indicating the effective date and length of the extended Agreement. 4. TIME IS OF THE ESSENCE Time is of the essence for each and every provision of this Agreement. 5. COMPENSATION The total fee payable for the Services to be performed during the initial Agreement's two-year term shall not exceed one hundred forty-six thousand nine hundred thirty-two dollars and fifty-six cents ($146,932.56) or seventy-three thousand four hundred sixty-six dollars and twenty-eight cents ($73,466.28) per Agreement year. No other compensation for the Services will be allowed except for items covered by subsequent amendments (if any) to this Agreement. If the City elects to extend the Agreement, the amount shall not exceed seventy-three thousand four hundred sixty-six dollars and twenty-eight cents Page 1 City Attorney Approved Version 12/22/2023 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 ($73,466.28) per Agreement year. The City reserves the right to withhold a ten percent (10%) retention until City has accepted the work and/or Services specified in Exhibit "A." Incremental payments, if applicable, should be made as outlined in Exhibit "A." 6. STATUS OF CONTRACTOR Contractor will perform the Services in Contractor's own way as an independent contractor and in pursuit of Contractor's independent calling, and not as an employee of City. Contractor will be under control of City only as to the result to be accomplished, but will consult with City as necessary. The persons used by Contractor to provide services under this Agreement will not be considered employees of City for any purposes . . The payment made to Contractor pursuant to the Agreement will be the full and complete compensation to which Contractor is entitled. City will not make any federal or state tax withholdings on behalf of Contractor or its agents, employees or subcontractors. City will not be required to pay any workers' compensation insurance or unemployment contributions on behalf of Contractor or its employees or subcontractors. Contractor agrees to indemnify City within thirty {30) days for any tax, retirement contribution, social security, overtime payment, unemployment payment or workers' compensation payment which City may be required to make on behalf of Contractor or any agent, employee, or subcontractor of Contractor for work done under this Agreement. At the City's election, City may deduct the indemnification amount from any balance owing to Contractor. 7. SUBCONTRACTING Contractor will not subcontract any portion of the Services without prior written approval of City. If Contractor subcontracts any of the Services, Contractor will be fully responsible to City for the acts and omissions of Contractor's subcontractor and of the persons either directly or indirectly employed by the subcontractor, as Contractor is for the acts and omissions of persons directly employed by Contractor. Nothing contained in this Agreement will create any contractual relationship between any subcontractor of Contractor and City. Contractorwill be responsible for payment of subcontractors. Contractor will bind every subcontractor and every subcontract.or of a subcontractor by the terms of this Agreement applicable to Contractor's work unless specifically noted to the contrary in the subcontract and approved in writing by City. 8. OTHER CONTRACTORS The City reserves the right to employ other Contractors in connection with the Services. 9. INDEMNIFICATION Contractor agrees to defend (with counsel approved by the City), indemnify, and hold harmless the City and its officers, elected and appointed officials, employees and volunteers from and against all claims, damages, losses and expenses including attorney's fees arising out of the performance of the work described herein caused by any negligence, recklessness, or willful misconduct of the Contractor, any subcontractor, anyone directly or indirectly employed by any of them or anyone for whose acts any of them may be liable. The parties expressly agree that any payment, attorney's fee, costs or expense City incurs or makes to or on behalf of an injured employee under the City's self-administered workers' compensation is included as a loss, expense or cost for the purposes of this section, and that this section will survive the expiration or early termination of this Agreement. Page 2 City Attorney Approved Version 12/22/2023 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 10. INSURANCE Contractor will obtain and maintain for the duration of the Agreement and any and all amendments, insurance against claims for injuries to persons or damage to property which may arise out of or in connection with performance of the services by Contractor or Contractor's agents, representatives, employees or subcontractors. The insurance will be obtained from an insurance carrier admitted and authorized to do business in the State of California. The insurance carrier is required to have a current Best's Key Rating of not less than "A-:VII"; OR with a surplus line insurer on the State of California's List of Approved Surplus Line Insurers (LASLI) with a rating in the latest Best's Key Rating Guide of at least "A:X"; OR an alien non-admitted insurer listed by the National Association of Insurance Commissioners (NAIC) latest quarterly listings report. 10.1 Coverages and Limits. Contractor will maintain the types of coverages and minimum limits indicated below, unless Risk Manager or City Manager approves a lower amount. These minimum amounts of coverage will not constitute any limitations or cap on Contractor's indemnification obligations under this Agreement. City, its officers, agents and employees make no representation that the limits of the insurance specified to be carried by Contractor pursuant to this Agreement are adequate to protect Contractor. If Contractor believes that any required insurance coverage is inadequate, Contractor will obtain such additional insurance coverage, as Contractor deems adequate, at Contractor's sole expense. The full limits available to the named insured shall also be available and applicable to the City as an additional insured. 10.1.1 Commercial General Liability (CGL) Insurance. Insurance written on an "occurrence" basis, including personal & advertising injury, with limits no less than $2,000,000 per occurrence. If a general aggregate limit applies, either the general aggregate limit shall apply separately to this project/location or the general aggregate limit shall be twice the required occurrence limit. 10.1.2 Automobile Liability. If the use of an automobile is involved for Contractor's work for City, insurance coverage shall be no less than $2,000,000 combined single-limit per accident for bodily injury and property damage. 10.1.3 Workers' Compensation and Employer's Liability. Workers' Compensation limits as required by the California Labor Code. Workers' Compensation will not be required if Contractor has no employees and provides, to City's satisfaction, a declaration stating this. 10.1.4 Professional Liability. Errors and omissions liability appropriate to Contractor's profession with limits of not less than $1,000,000 per claim. Coverage must be maintained for a period of five years following the date of completion of the work. 10.1.5 Cyber Insurance. Coverage limit in the amount of $2,000,000 per occurrence with a $2,000,000 aggregate. 10.2 Additional Provisions. Contractor will ensure that the policies of insurance required under this Agreement contain, or are endorsed to contain, the following provisions: 10.2.1 The City will be named as an additional insured on Commercial General Liability which shall provide primary coverage to the City. Page 3 City Attorney Approved Version 12/22/2023 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 10.2.2 Contractor will obtain occurrence coverage, excluding Professional Liability, which will be written as claims-made coverage. 10.2.3 This insurance will be in force during the life of the Agreement and any extensions of it and will not be canceled without thirty (30) days prior written notice to City sent by certified mail pursuant to the Notice provisions of this Agreement. 10.3 Providing Certificates of Insurance and Endorsements. Prior to City's execution of this Agreement, Contractor will furnish certificates of insurance and endorsements to City. 10.4 Failure to Maintain Coverage. If Contractor fails to maintain any of these insurance coverages, then City will have the option to declare Contractor in breach, or may purchase replacement insurance or pay the premiums that are due on existing policies in order to maintain the required coverages. Contractor is responsible for any payments made by City to obtain or maintain insurance and City may collect these payments from Contractor or deduct the amount paid from any sums due Contractor under this Agreement. 10.5 Submission of Insurance Policies. City reserves the right to require, at any time, complete and certified copies of any or all required insurance policies and endorsements. 11. BUSINESS LICENSE Contractor will obtain and maintain a City of Carlsbad Business License for the term of the Agreement, as may be amended from time-to-time. 12. ACCOUNTING RECORDS Contractor will maintain complete and accurate records with respect to costs incurred under this Agreement. All records will be clearly identifiable. Contractor will allow a representative of City during normal business hours to examine, audit, and make transcripts or copies of records and any other documents created pursuant to this Agreement. Contractor will allow inspection of all work, data, documents, proceedings, and activities related to the Agreement for a period of three (3) years from the date of final payment under this Agreement. 13. OWNERSHIP OF DOCUMENTS All work product produced by Contractor or its agents, employees, and subcontractors pursuant to this Agreement is the property of City. In the event this Agreement is terminated, all work product produced by Contractor or its agents, employees and subcontractors pursuant to this Agreement will be delivered at once to City. Contractor will have the right to make one (1) copy of the work product for Contractor's records. 14. COPYRIGHTS Contractor agrees that all copyrights that arise from the services will be vested in City and Contractor relinquishes all claims to the copyrights in favor of City. Ill Ill Ill Page4 City Attorney Approved Version 12/22/2023 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 OocuSign Envelope ID: 62937366-8AOB-4E92-98DE-FED5C37EB342 15. NOTICES The name oft.he persons who are authorized to give written notice or to receive written notice on behalf of City and on behalf of Contractor under this Agreement are: For Citv: For Contractor: Name Maria Callander Name Timothy Kinnerup Title Title Vice President Sales & Business IT Director Development Dept Information Technology Address 9060 E Via Linda, Ste 220 CITY OF CARLSBAD Scottsdale, AZ 85258 Address 1635 Faraday Ave Phone (480) 483-4371 Carlsbad, CA 92008 Email tkinnerup@qcmtech.com Phone 760.442.2454 Each party will notify the other immediately of any changes of address that would require any notice or delivery to be directed to another address. 16. CONFLICT OF INTEREST Contractor shall file a Conflict of Interest Statement with the City Clerk in accordance with the requirements of the City of Carlsbad Conflict of Interest Code. The Contractor shall report investments or interests as required in the City of Carlsbad Conflict of Interest Code. Yes □ No IZI If yes, list the contact information below for all individuals required to file: Name Email Phone Number 17. GENERAL COMPLIANCE WITH LAWS Contractor will keep fully informed of federal, state and local laws and ordinances and regulations which in any manner affect those employed by Contractor, or in any way affect the performance of the Services by Contractor. Contractor will at all times observe and comply with these laws, ordinances, and regulations and will be responsible for the compliance of Contractor's services with all applicable laws, ordinances and regulations. Contractor will be aware of the requirements of the Immigration Reform and ~antral Act of 1986 and will comply with those requirements, including, but not limited to, verifying the eligibility for employment of all agents, employees, subcontractors and consultants whose services are required by this Agreement. Page 5 City Attorney Approved Version 12/22/2023 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 18. CALIFORNIA AIR RESOURCES BOARD (CARB) ADVANCED CLEAN FLEETS REGULATIONS Contractor's vehicles with a gross vehicle w_eight rating greater than 8,500 lbs. and light-duty package delivery vehicles operated in California may be subject to the California Air Resources Board (CARB) Advanced Clean Fleets regulations. Such vehicles may therefore be subject to requirements to reduce emissions of air pollutants. For more information, please visit the CARB Advanced Clean Fleets webpage at https://ww2.arb.ca.gov/our-work/programs/advanced-clean-fleets. 19. DISCRIMINATION AND HARASSMENT PROHIBITED Contractor will comply with all applicable local, state and federal laws and regulations prohibiting discrimination and harassment. 20. DISPUTE RESOLUTION If a dispute should arise regarding the performance of the Services the following procedure will be used to resolve any questions of fact or interpretation not otherwise settled by agreement between the parties. Representatives of Contractor or City will reduce such questions, and their respective views, to writing. A copy of such documented dispute will be forwarded to both parties involved along with recommended methods of resolution, which would be of benefit to both parties. The representative receiving the letter will reply to the letter along with a recommended method of resolution within ten (10) business days. If the resolution thus obtained is unsatisfactory to the aggrieved party, a letter outlining the disputes will be forwarded to the City Manager. The City Manager will consider the facts and solutions recommended by each party and may then opt to direct a solution to the problem. In such cases, the action of the City Manager will be binding upon the parties involved, although nothing in this procedure will prohibit the parties from seeking remedies available to them at law. 21. TERMINATION In the event of the Contractor's failure to prosecute, deliver, or perform the Services, City may terminate this Agreement for nonperformance by notifying Contractor by certified mail of the termination. If City decides to abandon or indefinitely postpone the work or services contemplated by this Agreement, City may terminate this Agreement upon written notice to Contractor. Upon notification of termination, Contractor has five (5) business days to deliver any documents owned by City and all work in progress to City address contained in this Agreement. City will make a determination of fact based upon the work product delivered to City and of the percentage of work that Contractor has performed which is usable and of worth to City in having the Agreement completed. Based upon that finding City will determine the final payment of the Agreement. City may terminate this Agreement by tendering thirty (30) days written notice to Contractor. Contractor may terminate this Agreement by tendering thirty (30) days written notice to City. In the event of termination of this Agreement by either party and upon request of City, Contractor will assemble the work product and put it in order for proper filing and closing and deliver it to City. Contractor will be paid for work performed to the termination date; however, the total will not exceed the lump sum fee payable under this Agreement. City will make the final determination as to the portions of tasks completed and the compensation to be made. 22. COVENANTS AGAINST CONTINGENT FEES Contractor warrants that Contractor has not employed or retained any company or person, other than a bona fide employee working for Contractor, to solicit or secure this Agreement, and that Contractor has not paid or agreed to pay any company or person, other than a bona fide employee, any fee, commission, City Attorney Approved Version 12/22/2023 Page 6 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 percentage, brokerage fee, gift, or any other consideration contingent upon, or resulting from, the award or making of this Agreement. For breach or violation of this warranty, City will have the right to annul this Agreement without liability, or, in its discretion, to deduct from the Agreement price or consideration, or otherwise recover, the full amount of the fee, commission, percentage, brokerage fees, gift, or contingent fee. 23. CLAIMS AND LAWSUITS By signing this Agreement, Contractor agrees that any Agreement claim submitted to City must be asserted as part of the Agreement process as set forth in this Agreement and not in anticipation of litigation or in conjunction with litigation. Contractor acknowledges that if a false claim is submitted to City, it may be considered fraud and Contractor may be subject to criminal prosecution. Contractor acknowledges that California Government Code sections 12650 et seq., the False Claims Act applies to this Agreement and, provides for civil penalties where a person knowingly submits a false claim to a public entity. These provisions include false claims made with deliberate ignorance of the false information or in reckless disregard of the truth or falsity of information. If City seeks to recover penalties pursuant to the False Claims Act, it is entitled to recover its litigation costs, including attorney's fees. Contractor acknowledges that the filing of a false claim may subject Contractor to an administrative debarment proceeding as the result of which Contractor may be prevented to act as a Contractor on any public work or improvement for a period of up to five (5) years. Contractor acknowledges debarment by another jurisdiction is grounds for City to terminate this Agreement. 24. JURISDICTION AND VENUE This Agreement will be governed by the laws of the State of California regardless of conflict-of-laws principles. Any action at law or in equity brought by either of the parties for the purpose of enforcing a right or rights provided for by this Agreement will be tried in a court of competent jurisdiction in the County of San Diego, State of California, and the parties waive all provisions of law providing for a change of venue in these proceedings to any other county. 25. SUCCESSORS AND ASSIGNS It is mutually understood and agreed that this Agreement will be binding upon City and Contractor and their respective successors. Neither this Agreement nor any part of it nor any monies due or to become due under it may be assigned by Contractor without the prior consent of City, which shall not be unreasonably withheld. 26. ENTIRE AGREEMENT This Agreement, together with any other written document referred to or contemplated by it, along with the purchase order for this Agreement and its provisions, embody the entire Agreement and understanding between the parties relating to the subject matter of it. In case of conflict, the terms of the Agreement supersede the purchase order. Neither this Agreement nor any of its provisions may be amended, modified, waived or discharged except in a writing signed by both parties. This Agreement may be executed in counterparts. City Attorney Approved Version 12/22/2023 Page 7 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 Senior DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 27. AUTHORITY The individuals executing this Agreement and the instruments referenced in it on behalf of Contractor each represent and warrant that they have the legal power, right and actual authority to bind Contractor to the terms and conditions of this Agreement. Executed by Contractor this_2_0_t_h ___ day of March CONTRACTOR QCM Technologies, Inc, an Arizona corporation (sign here) Tim Kinnerup (print name/title) (sign here) Tim Knight (print name/title) VP controller 2024. CITY OF CARLSBAD, a municipal corporation of the State of California By: . City Manager ATTEST: SHERRY FREISINGER, City Clerk By: j~ R_.. ~ ~ Deputy City Clerk I{:_ ! If required btCity, proper notarial acknowledgment of execution by contractor must be attached. ]li corporation, Agreement must be signed by one corporate officer from each of the following two groups. Group A Chairman, President, or Vice-President Group B Secretary, Assistant Secretary, CFO or Assistant Treasurer Otherwise, the corporation must attach a resolution certified by the secretary or assistant secretary under corporate seal empowering the officer(s) signing to bind the corporation. APPROVED AS TO FORM: CINDIE K. McMAHON, City Attorney BY:U~tli~ Assistant City Attorney City Attorney Approved Version 12/22/2023 Page 8 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 EXHIBIT A SCOPE OF SERVICES AND FEE Descripti on of Service(s) Contractor's Managed Security Service (MSS) provides real-time analytics and advanced correlation to identify suspicious or malicious activity in your enterprise. Our trained security analysts have eyes on glass 24x7x365 to evaluate real time security event notifications from across your networks, servers, email, endpoints, and cloud environments, eliminate false positives, and deliver high fidelity managed threat identification, providing visibility and context in the identification and handling of cyber threats. Scope The scope of this engagement is: • City-owned on-premises LogRhythm SIEM • Support for up to 750 MPS Engagement Approach The activities and deliverables for this service are logically grouped in the following categories: • Monitoring and Alerting • Operational Support • Platform Administration and Maintenance Monitoring and Alerting Contractor's security analysts will monitor City's environment for significant security events and will alert City regarding these events according to the processes and procedures established during our initial Project Kickoff and Implementation planning that was completed during initial onboarding. This renewal of services will not require on boarding, but will include review of services with City's team after execution of renewal contract. Activities • Contractor will do the following to deliver the Monitoring and Alerting portion of your managed security services: o Monitor SIEM activity 24x7x365. City Attorney Approved Version 12/22/2023 Page 9 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 o Investigate alerts and alarms to eliminate false positives and determine if an alert or alarm requires escalation. o Create and send a corresponding ticket to City regarding credible alerts and alarms. o Respond to City if City updates ticket. • Contractor will incorporate cyber threat intelligence from STIX/TAXll- compliant providers, along with commercial and open-source feeds into our proprietary SOAR platform to reduce false-positives, detect hidden threats, and prioritize the most concerning alarms ·and utilize a variety of threat exchanges to enrich and enhance services. • Contractor will regularly update detection rules to look for Indications of Compromise (IOCs) from emergent threats or those observed across our customer base. Deliverables • • • • Timely notification of alerts that require City's investigation to determine final disposition and potential need for remediation Daily Reports o Login Failure o Allowed Threat List Traffic Weekly Reports o Silent Log Source o Pending Log Source o Log Source by Host Monthly Reports o Log Volume Report Summary o Log Volume by Log Source Type Operational Support Activities Contractor goes tleyond basic threat detection and response to deliver customer-centric managed security services. In addition to Monitoring and Alerting, Contractor will provide the following as part of regular service operations: • Named Service Delivery Manager (SOM) will act as primary support contact. SOM will provide reporting and meet regularly with City throughout the duration of the term of Services to review services, ensure health of the platform, and discuss tactical, strategic, and technical needs. Required attendance from City includes project sponsor, project manager, engineering lead, and other key personnel as needed. • Upon reaching full operating capacity, Contractor's Customer Experience Team (CX) will schedule periodic check-ins with City to gauge City satisfaction of ongoing services by conducting client satisfaction surveys, monitoring feedback and corresponding with City's named SOM to track progress of client relationship. City Attorney Approved Version 12/22/2023 Page 10 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 • Contractor will provide periodic threat reports to the City as part of normal operations. These reports will cover recent threats, vulnerabilities, and security trends, and are delivered in two forms: o Threat Intelligence Reports (TIRs): Weekly in-depth reports based on a specific threat actor, attack campaign, TTP, etc. TIRs include Indicators of Compromise (IOCs) which are shared with the Cyber Fusion Center (CFC) to keep detection and threat hunting services up to date with the latest threat intelligence. o Flash Notices: Out-of-band email notices sent directly to customer contacts specified during the onboarding process to alert City to emergent threats which satisfy two or more of the following criteria: • Zero-day vulnerability ■ Active exploitation in the wild ■ No available patch • Contractor will support City requests for audit evidence for annual or semi - annual compliance audits. Deliverables • Weekly Threat Report • Flash Notices as needed • Cyber threat intelligence Platform Administration and Maintenance Maintaining City platform health is crucial for optimal performance. Contractor engineering will assist City in managing and maintaining the LogRhythm solution. Activities These tasks include: • Conducting monthly platform health checks to ensure that the platform is operating as expected. • Assisting City in maintaining the console entity structure in a manner that facilitates continued tuning and performance related exclusions as needed. • Onboarding new data sources that are supported by LogRhythm (examples include new firewalls, security technologies, and applications). • Assisting City with troubleshooting software and hardware issues when log sources are interrupted or fail to report log events. • Troubleshooting Log Rhythm in the event of system component problems and work with the vendor as needed. • Updating system configuration settings on solution components for general updates, maintenance, or performance tuning • Providing data source tuning and filtering. • Updating the LogRhythm software within City change management City Attorney Approved Version 12/22/2023 Page 11 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 guidelines. • Ongoing tuning of active rules to reduce false positives and improve threat detection. • Providing up to sixteen (16) hours per month of engineering support for custom rule creation for Log Rhythm supported log sources and custom reporting. Hours do not carry over from month to month. • Working with City to ensure ongoing connectivity as needed (e.g., firewall & VPN). • Performing LogRhythm System Health Maintenance including: o Keeping LogRhythm software up to date to the latest most stable release. o Confirming Knowledge Base has been downloaded and applied successfully, and that the Open Threat Exchange (OTX) feeds have the latest updates. o Monitor the Log Rhythm databases to maintain health of the overall system. • Installing API for integration with Contractor's CFC. • Assisting City with setting appropriate audit policies for remote log collection (WEC/WEF). • Providing City with support for evidence collection during a compliance audit (e.g., for the PCI DSS). Deliverables • Up-to-date optimally performing LogRhythm platform Assumptions and Declarations City agrees to perform the obligations and acknowledges and agrees that Contractor's ability to perform its obligations and its responsibilities depend on City's compliance with the following: • Unless otherwise agreed, only LogRhythm supported log sources will be collected for processing and correlation. Custom log parsing is available through additional engineering hours at an additional cost. • Requests for searches that include logs that have been archived (compressed, encrypted, and moved to cold storage) may require several days or weeks to decrypt, decompress, and re-index into the searchable database depending on the amount of data to be restored to the hot storage searchable database. The more specific the request, the faster the data can be restored. • Contractor monitored security services of City's network does not guarantee that intrusions, compromises, or any other unauthorized activity will not occur · on a City network. • Contractor will not undertake any management of any of the devices subject to this service for intrusions, compromises, or any other unauthorized activity. City is solely responsible for acting upon the events and alerts presented to City Attorney Approved Version 12/22/2023 Page 12 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 City for the devices subject to this service. Contractor shall not have any liability or responsibility in connection with or arising out of City's actions, failure to act or delay in acting on such events and/or alerts as and when presented. • Contractor uses third -party vendors' products to deliver its services, (Log Rhythm TM, Sophos TM, etc.). Contractor and City shall comply with the vendor specifications of their product and any modifications to those specifications during the term of this service. • City currently hosts open collectors and will continue to do so. Out-Of-Scope Declaration • Out-of-scope issues will be reviewed throughout the term of Services. If necessary, an amendment to the Services will be executed as mutually agreed on to address pertinent out-of-scope changes. Any corresponding changes to the Services, scoping assumptions, pricing, and other essential elements will be included in the amendment. Changes or additions that may affect the scope of Services include but are not limited to: o A material change in the number or amount of logs to be collected. o The number of locations from which logs are to be collected (e.g., additional data centers, office locations, or cloud environments). o Revised (expedited or delayed) implementation timeline. • Unless specifically identified as a contracted service, this service does not include digital forensics or incident response (DFIR) services in response to an identified threat. Contractor offers superior DFIR services, which City may elect to utilize. Such services are outside the scope of this agreement. • In the event that Contractor needs to deliver additional professional services to City, which is beyond the scope noted herein, City may procure that engagement at Contractor's then current rate. Contractor's account executive can assist and provide City with pricing for the proposed solution. When possible, Contractor will provide a recommended block of hours to purchase for budgetary estimate purposes. City will be invoiced for the actual hours used during the engagement. Prior to the start of the engagement, both organizations will confirm acceptance of the arrangements via a written amendment. City Responsibilities • Prior to the core implementation phase launch, City will complete the following tasks and convey details to Contractor in writing: o Ensure supporting infrastructure is prepared for implementation. o Power on server(s) and perform initial operating system configuration when prompted. o Assign static IP address(es). o Assign a host name. o Ensure RDP/SSH access. o Ensure access and permission to install on Windows/Linux host(s). City Attorney Approved Version 12/22/2023 Page 13 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8A0B-4E92-98DE-FED5C37EB342 o Provide log source documents, prerequisites and collection methods for any additional required log sources . . o Configure antivirus exclusions. o Open relevant firewall ports. o Create/provide service accounts required for solution. o Ensure any required change control approvals are in place. In addition, City is responsible for the following: • • • • • • Making changes in its own environment to allow every Contractor managed device the continuous connectivity required for the complete operation and management of the device. These include, for example, incoming and outgoing firewall permissions, VPN connectivity, and physical connections to the network. A complete listing, based on purchased service(s), will be provided during the initial kick-off process and can also be provided in advance upon request. Maintaining appropriate levels of hardware support, maintenance and connectivity to prevent network performance degradation and maintain communications between the City's contracted devices and Contractor's managed security service. Making any configuration changes to their own environment required for Contractor to receive log data including: o Deploying agents in their network or cloud environment including any virtual environments supporting log collection. o Implementing any tools required to convert proprietary log formats into syslog or other standard output Supplying Contractor with a maintenance window for updating the Log Rhythm software. City will provide dates and times to Contractor no less than one (1) week prior to the change window. Providing a designated point of contact (POC) to facilitate access to information required for Contractor to perform the services noted. It is preferred that the POC have system and network administration skills. Notifying Contractor within three (3) business days when employees with logins to Contractor systems are no longer employed with the City or are no longer authorized to have access to Contractor systems. Contractor Responsibilities Contractor is responsible for the following: • Keeping the LogRhythm system current on the most recent, stable version of the LogRhythm software. • Monitoring the LogRhythm environment's health and tuning the environment for efficient processing of logs and providing effective correlation. • Performing timely analysis of alerts and alarms, eliminating false positives when possible, and providing timely notification to the City. • Keeping up to date on improvements in the LogRhythm software. City Attorney Approved Version 12/22/2023 Page 14 DocuSign Envelope ID: 37F13C70-A55E-4CB7-B709-7410B7E97E33 DocuSign Envelope ID: 62937366-8AOB-4E92-98DE-FED5C37EB342 Fees Code MSS- • Keeping LogRhythm rules and alerts current to enable effective threat detection. • Maintaining networks and systems under Contractor's control to enable connectivity to the LogRhythm system and enable timely notification of alerts and alarms. • Notifying City within three (3) business days when employees with logins to City systems are no longer employed or are no longer authorized to have access to City systems. Name Billing Monthly Fee # of Total Price Frequency Months Managed Security Monthly $6,122.19 24 $146,932.56 LR-On-Services for Prem LogRhythm On- Premise Invoicing The first month's charge for these services shall be thirty (30) calendar days following execution of the Agreement. Invoicing shall occur monthly at the beginning of the month. Pricing The pricing for the Agreement was quoted using the following GSA Contract: Subscription Services GSA Contract# 47QTCA21 D00BD SIN# 54151 SIT Service Management Consultant City Attorney Approved Version 12/22/2023 Page 15 INSR ADDLSUBRLTRINSR WVD DATE (MM/DD/YYYY) PRODUCER CONTACTNAME: FAXPHONE(A/C, No):(A/C, No, Ext): E-MAILADDRESS: INSURER A : INSURED INSURER B : INSURER C : INSURER D : INSURER E : INSURER F : POLICY NUMBER POLICY EFF POLICY EXPTYPE OF INSURANCE LIMITS(MM/DD/YYYY) (MM/DD/YYYY) COMMERCIAL GENERAL LIABILITY AUTOMOBILE LIABILITY UMBRELLA LIAB EXCESS LIAB WORKERS COMPENSATION AND EMPLOYERS' LIABILITY DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached if more space is required) AUTHORIZED REPRESENTATIVE INSURER(S) AFFORDING COVERAGE NAIC # Y / N N / A (Mandatory in NH) ANY PROPRIETOR/PARTNER/EXECUTIVEOFFICER/MEMBER EXCLUDED? EACH OCCURRENCE $ DAMAGE TO RENTED $PREMISES (Ea occurrence)CLAIMS-MADE OCCUR MED EXP (Any one person) $ PERSONAL & ADV INJURY $ GENERAL AGGREGATE $ GEN'L AGGREGATE LIMIT APPLIES PER: PRODUCTS - COMP/OP AGG $ $ PRO- OTHER: LOCJECT COMBINED SINGLE LIMIT $(Ea accident) BODILY INJURY (Per person) $ANY AUTO OWNED SCHEDULED BODILY INJURY (Per accident) $AUTOS ONLY AUTOS AUTOS ONLYHIRED PROPERTY DAMAGE $AUTOS ONLY (Per accident) $ OCCUR EACH OCCURRENCE $ CLAIMS-MADE AGGREGATE $ DED RETENTION $$ PER OTH-STATUTE ER E.L. EACH ACCIDENT $ E.L. DISEASE - EA EMPLOYEE $If yes, describe under E.L. DISEASE - POLICY LIMIT $DESCRIPTION OF OPERATIONS below POLICY NON-OWNED SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED. NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES. LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER. IMPORTANT: If the certificate holder is an ADDITIONAL INSURED, the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed. If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement. A statement on this certificate does not confer any rights to the certificate holder in lieu of such endorsement(s). COVERAGES CERTIFICATE NUMBER:REVISION NUMBER: CERTIFICATE HOLDER CANCELLATION © 1988-2015 ACORD CORPORATION. All rights reserved. The ACORD name and logo are registered marks of ACORDACORD 25 (2016/03) ACORDTM CERTIFICATE OF LIABILITY INSURANCE Hartford Fire Insurance Company Hartford Casualty Insurance Company Technology Insurance Company, Inc. Endurance American Specialty Ins Co Trumbull Insurance Company 1/12/2024 USI Southwest 9811 Katy Freeway, Suite 500 Houston, TX 77024 855 874-1450 Sarah L. Armenta 602-749-4122 sarah.armenta@usi.com QCM Technologies, Inc. 9060 E Via Linda Suite 220 Scottsdale, AZ 85258 19682 29424 42376 41718 27120 A X X X X X 59UUNAY6W9P 01/01/2024 01/01/2025 1,000,000 1,000,000 10,000 1,000,000 2,000,000 2,000,000 E X X X X 59UENBB9742 01/01/2024 01/01/2025 1,000,000 B X X X 10,000 59XHUBA1L05 01/01/2024 01/01/2025 5,000,000 5,000,000 C N TWC4354048 01/01/2024 01/01/2025 X 1,000,000 1,000,000 1,000,000 D Technology Serv. Liability/Privacy &Network Security PRO30051431300 01/01/2024 01/01/2025 $5,000,000 Each / Agg $50,000 Retention Retro Date: 12/01/2001 The General Liability and Automobile Liability Policies include an automatic Additional Insured endorsement that provides Additional Insured status to the Certificate Holder only when there is a written contract that requires such status, and only with regard to work performed by or on behalf of the named insured. The General Liability and Automobile Liability Policies contain a special endorsement with "Primary and Noncontributory" wording, when required by written contract. The General Liability and Automobile Liability (See Attached Descriptions) City of Carlsbad 1635 Faraday Avenue Carlsbad, CA 92008 1 of 2#S43332703/M43235452 QCMTECHNClient#: 909467 BLKZP1 of 2#S43332703/M43235452 SAGITTA 25.3 (2016/03) DESCRIPTIONS (Continued from Page 1) Policies provide a Blanket Waiver of Subrogation when required by written contract. The General Liability includes an endorsement providing that 30 days notice of cancellation will be given to the Certificate Holder by the Insurance Carrier. Umbrella Liability follows over the General Liability, Automobile Liability and Worker's Compensation Policies. Additional Insured Includes: City of Carlsbad 2 of 2 #S43332703/M43235452