IT Service Catalog FY 23-24

INFORMATION TECHNOLOGY ADMINISTRATIVE SERVICES

IT Cyber Security IT Cyber Security develops and implements information security controls to protect the confidentiality, integrity, and availability of City of Greensboro systems and information and ensures compliance with data privacy laws and industry regulations. In addition, IT Cyber Security develops and implements frameworks for categorizing data collected, stored, and managed by the City of Greensboro, and securing this data from risks including unauthorized access, modification, disclosure and use.

INCLUDES: • Risk assessments • Cyber security awareness training • Vulnerability management • Forensics analysis • Cyber security incident management • Security monitoring and analysis • Audits and compliance • Intrusion detection and prevention • Dark web monitoring • Third party vendor assessments

How do we charge? Included in monthly Network charge (Appendix A) Major cost drivers • Vulnerabilities • Cyber Security Threats • Cyber Security Risks • Business Need or Organizational Requirements • Malware • Ransomware • HIPPA Compliance • PCI Compliance • ISO 27001 Compliance What should you expect? Service availability: 8 am - 5 pm, Monday - Friday

SERVICE DESK LINES Main Support Line

336-373-2322 Public Safety IT 336-373-3375 GM-911 Support 336-373-4350

RESPONSE TIME Priority Time Critical 2 Hours High Same Day Medium 2 Days Low 3 Days

Tasha Swann Holsey Cyber Security & Compliance Manager 336-335-5686

FACT:

The City achieved ISO/IEC 27001 re certification. ISO/ IEC 27001 is a globally recognized standard for the establishment and certification of cyber security management program to protect systems and confidential information against threats and cyber attacks.

How can you help?

1. Never click on links or open attachments in emails from people you do not recognize. Be very suspicious of links inside Word or PDF attachments. Hackers put malicious links inside documents in an effort to bypass some of our security controls. 2. Never provide your City credentials (username and password) to access documents through links in emails. 3. Always hover over links in emails to see if the link points to the company that sent the email – “love to hover”. 4. Check to make sure the link is not malicious – Use www.virustotal.com to verify links in emails. 5. If you click on a link in a phishing email or provide your credentials by mistake, contact the Cyber Security Team immediately so that we can take action to limit the impact to your account and the City’s network.

5 IT SERVICE CATALOG • FY 2024