Agenda Item Wording:
title
Cybersecurity Software and Services Renewal - Authorize the City Manager to enter into a (3) year service and software license agreement with ePlus Technology, Inc., a Carahsoft Technology Corporation reseller, to purchase CrowdStrike next-generation antivirus and cyber security protection services under the terms of Carahsoft's existing Agreement with the State of Utah via California Participating Addendum for an amount not to exceed $360,000.
body
Prepared by: Jaime Salazar, IS Supervisor, 559-713-4121, jaime.salazar@visalia.gov;
John Howison, IS Manager, 559-713-4122, john.howison@visalia.gov;
Renee Nagel, Finance & Technology Director, 559-713-4375, renee.nagel@visalia.city
Department Recommendation: It is recommended that the Visalia City Council authorize the City Manager to enter into a (3) year service and software license agreement with ePlus Technology, Inc., a Carahsoft Technology Corporation reseller, to purchase CrowdStrike next-generation antivirus and cyber security protection services under the terms of Carahsoft's existing Agreement No. AR2472, with the State of Utah via California Participating Addendum No. 7-17-70-40-05, for an amount not to exceed $360,000.
Summary:
Cybersecurity software and services provide a critical line of defense for protecting the City's data, systems, and infrastructure from malicious threats like malware, ransomware, and phishing. CrowdStrike, a leading endpoint protection platform, offers advanced capabilities that go beyond traditional antivirus solutions, detecting emerging threats, providing mitigation and remediation services, and constant monitoring. The City has been using CrowdStrike for (3) years and staff are requesting renewing the subscription for another (3) years.
Background Discussion:
Information Services (IS) maintains a threat detection and response system designed to catch and prevent malicious viruses, malware, phishing, and credential theft.
In 2022, Staff evaluated the gap in services provided by the current solution and methodology and developed a list of technical and operational requirements and goals. Primary goals defined include developing better ways to protect data, proactively identify and prevent ransomware infection, provide protection to an increasingly mobile workforce, quick recovery from an infection, and 24x7 monitoring. Staff performed research across the industry seeking solutions to meet these goals. The team utilized analysis from other California cities, school districts, and special districts, along with reviewing technical documentation, participating in product demonstrations, and interviewing technical staff from other agencies to formulate a plan for meeting these goals.
After evaluating several alternatives and collaborating with staff from other agencies, a combined approach of next-gen antivirus, active monitoring and mitigation, and identity monitoring and protection was identified.
CrowdStrike was identified as the best fit and best value for the City. The CrowdStrike solution is offered on an existing competitively bid state contract that allows local agencies to piggyback these contracts. CrowdStrike defends against breaches by combining next-generation antivirus with endpoint detection and response, and managed threat hunting and mitigation. These technologies are managed by the Falcon Complete Team (the Team is included and part of the CrowdStrike operation) which also provide threat response on a 24x7 basis, responding to threats instantly. Additionally, Falcon Spotlight will highlight areas of exposure that helps staff eliminate potential system vulnerabilities early.
CrowdStrike has successfully met the outlined objectives and significantly enhanced the City’s cybersecurity posture. The platform is currently deployed on over (800) City devices and actively monitors and protects nearly (1,000) employee and service accounts.
City staff are well-acquainted with CrowdStrike and have expressed satisfaction with its performance, reliability, and feature set. Based on its proven effectiveness, staff recommend renewing the subscription for an additional (3) year term.
Fiscal Impact:Funds for this purchase have been budgeted in the Information Services division operating budget. 5141-55520. This is a (3) year agreement to be paid annually.
Prior Council Action: 07/18/2022, Council approved the original (3) year CrowdStrike agreement with ePlus Technology, Inc.
Alternatives: Council can choose to deny the recommendation and direct staff to evaluate other options to continue to protect the City’s IT infrastructure with alternative technologies.
Recommended Motion (and Alternative Motions if expected):
recommendation
I move to authorize the City Manager to enter into a (3) year service and software license agreement with ePlus Technology, Inc., a Carahsoft Technology Corporation reseller, to purchase CrowdStrike next-generation antivirus and cyber security protection services under the terms of Carahsoft's existing Agreement No. AR2472, with the State of Utah via California Participating Addendum No. 7-17-70-40-05, for an amount not to exceed $360,000.
Deadline for Action: 7/14/2025
Attachments:
CrowdStrike Quote.pdf
Naspo Agreement.pdf
NASPO_CA_Resellers_2025.pdf