To: Board of Supervisors
From: County Administrative Office
Agenda Section: Consent
SUBJECT:
title
Request to Purchase Tenable Nessus Software for Fiscal Year 2022-2023
end
RECOMMENDATION(S):
Recommendation
That the Board of Supervisors:
1. Approve, and authorize the Humboldt County Purchasing Agent, or a designee thereof, to execute, the attached quote regarding the purchase of Tenable Nessus software; and
2. Authorize the Humboldt County Purchasing Agent, or a designee thereof, to execute future Tenable Nessus software licensing renewals.
Body
SOURCE OF FUNDING:
Information Technology (3550-118)
DISCUSSION:
On September 17, 2019, the Humboldt County Board of Supervisors (Board) approved an annual software licensing, hosting and maintenance for Tenable Nessus Vulnerability Management Software for the Clerk-Recorder, Registrar of Voters office. The Clerk-Recorder, Registrar of Voters collaborated with Information Technology to identify cyber security software to be utilized by Elections. As the County of Humboldt’s cybersecurity posture continues to develop and mature, the Tenable coverage footprint increased to cover all departments.
The Tenable Nessus Vulnerability Management Software increases cyber security protections and reduces vulnerabilities for all departments as required by Section 2.7 of the Humboldt County Information Security Charter. The Multi-State Information Sharing and Analysis Center (MS-ISAC) suggested the purchase of web application scanning software to identify vulnerabilities on the County of Humboldt’s external-facing websites. On June 14, 2022, the County of Humboldt purchased an additional Tenable product, Tenable.io Web Application Scanning Software.
Currently before the Board is a new purchase that includes the Web Application Scanning Software for 1 year, 2-day training for the Department of Health and Human Services, Department of Child Support Services and Information Technology staff, a block of 500 additional asset licenses, and the renewal cost for the period October 2022 through October 2023 in the amount of $89,946.80. This item comes to your Board after the start date due to determinations on licensing and vender service support needs.
FINANCIAL IMPACT:
The total purchase amount of the Tenable Nessus Vulnerability software is $89,946.80. Funding for this software has been included in the approved fiscal year 2022-2023 budget for Information Technology budget unit 3550118.
STRATEGIC FRAMEWORK:
The recommended actions support the Board of Supervisors’ Strategic Framework by providing for and maintaining infrastructure.
OTHER AGENCY INVOLVEMENT:
None
ALTERNATIVES TO STAFF RECOMMENDATIONS:
The Board may choose not to approve the purchase of Tenable Nessus software. However, this alternative is not recommended as it would increase the risk for compromise and reduce the County of Humboldt’s cyber security protections and reduce the capability to identify vulnerabilities for all departments.
ATTACHMENTS:
1. Quote NBDQ816
PREVIOUS ACTION/REFERRAL:
Board Order No.: C-10, C-06
Meeting of: 9/17/2019, 2/23/2021
File No.: 19-1345, 20-1573