Purpose and Objectives
The purpose of this engagement is to provide the New York Board of Elections with Vendor's Pro Offering, a comprehensive Managed Security Service designed to deliver advanced monitoring, detection, response, and risk management across the environment. The objective is to:
- Ensure 24x7x365 monitoring of the entire environment.
- Detect and respond to cyber threats in near real-time.
- Provide measurable improvements in cyber resilience through AI-driven SOC automation, vulnerability management, and cloud security coverage.
- Deliver reporting and governance aligned with NYBOE standards.
Scope of Services
Vendor's offering includes the following services:
- Sapphire AI Insights - Sapphire AI is the intelligent core of Vendor's platform and next-generation AI, delivering autonomous investigation, decision-making, and response with over 98% accuracy.
  - Sapphire AI gathers, analyzes, and correlates security data across all digital assets. Using advanced machine learning, it detects anomalies, prioritizes alerts, and applies context-driven intelligence to minimize false positives and mitigate risk in real time.
  - Upon detecting a threat, Sapphire AI automatically triggers response playbooks.
  - Sapphire AI delivers autonomous threat response, backed by Vendor's 24/7 security team for expert guidance whenever needed, ensuring continuous protection with a human touch.
- Sapphire AI SOC Analyst - Providing assistance with customer interactions and handling Tier 1 and 2 support.
  - Sapphire AI SOC Assistant delivers a personalized customer experience, responding promptly to queries with natural language understanding and contextual awareness to provide accurate, relevant solutions.
  - By analyzing user interactions, common issues, and FAQs, our team built an extensive knowledge base, ensuring that Sapphire AI delivers superior virtual assistance for seamless security support.
- Vulnerability Scanning - Continuous vulnerability management, real-time protection, and rapid remediation.
  - Vendor, in partnership with Nodeware, offers integrated vulnerability scanning to proactively identify all network assets and detect existing vulnerabilities, including IoT devices, with real-time monitoring and intuitive dashboards displaying critical issues.
  - Vendor's continuous scanning technology with low network utilization runs autonomously and silently behind-the-scenes, providing full internal and external coverage to detect vulnerabilities in real-time.
- SIEM - AI-powered SIEM optimizes threat detection, investigation, and response.
  - Data Log Management
  - Real-Time Event Correlation
  - Threat Intel Integration
  - User Activity Monitoring
  - Alerting & Notification
  - Normalization
- Cerulean XDR - Secures endpoints, networks, apps, and cloud with AI and top-tier threat intelligence.
  - Extended Detection & Response (XDR)
  - Endpoint Detection & Response (EDR)
  - Next-Gen Antivirus (NGAV)
- Cyber Risk & Posture Scoring - Identify gaps, monitor risks, and reduce cyber threats by 75%.
  - Internal Risk Scoring with Best Practices
  - External Risk Scoring Security Scorecard
Due date: 10/01/2025
Contract term: Upon approval and will be in effect for one year
County(ies): All NYS counties
Background
The New York Board of Elections is seeking to engage a vendor to provide a comprehensive Managed Security Service through Vendor’s Pro Offering. The goal of this contract is to enhance the agency's cybersecurity posture by ensuring continuous monitoring, detection, and response to cyber threats, thereby improving overall cyber resilience.
Work Details
The services to be provided under this contract include:
1. **Sapphire AI Insights**: An AI-driven platform for autonomous investigation and threat response with over 98% accuracy. It gathers and analyzes security data across digital assets, detects anomalies, prioritizes alerts, and triggers response playbooks upon threat detection.
2. **Sapphire AI SOC Analyst**: Provides Tier 1 and Tier 2 support with personalized customer interactions using natural language understanding.
3. **Vulnerability Scanning**: Continuous management and real-time protection against vulnerabilities in network assets, including IoT devices, through integrated scanning technology.
4. **SIEM (Security Information and Event Management)**: AI-powered capabilities for data log management, real-time event correlation, threat intelligence integration, user activity monitoring, alerting, and normalization.
5. **Cerulean XDR**: A solution that secures endpoints, networks, applications, and cloud environments with advanced threat intelligence.
6. **Cyber Risk & Posture Scoring**: Identifies gaps in security posture and monitors risks to reduce cyber threats by up to 75%. This includes internal risk scoring based on best practices and external risk scoring via Security Scorecard.
Period of Performance
The contract will be effective for one year upon approval.
Place of Performance
Services will be performed across all counties in New York State.
Bidder Requirements
Bidders must comply with ethical standards as per Sections 73 and 74 of the Public Officers Law of New York State.