CYBERSECURITY ADDENDUM
Effective as of April 11, 2024 (Version Number: 45393)
All terms not defined herein shall have the meaning ascribed to them in the DAS Standard Incorporated Terms and Conditions.
Cybersecurity Bundled Packages: All services within the applicable Cybersecurity Bundled Package will be offered to Client upon purchasing, Client retains the right to decline or delay implementation of any specific service due to business needs, however, payment will not be adjusted or prorated to accommodate any of those delays or declination to implement a particular included service, and Client accepts all risk for any such delay or declination. Cybersecurity is NOT included with any other service unless one of the following services is specifically purchased on a COF, in which case DAS will use reasonable commercial efforts to provide the purchased service.
- Managed Security Essentials incudes:
- Enterprise Grade Endpoint Detection and Response (EDR)
- Extended Detection and Response (XDR)
- Anti-Ransomware, Deep Learning Technology, Exploit Prevention, Managed Threat Response, and Active Adversary Mitigations
- Discounted Standard Cybersecurity Hourly Support such as: assistance with completing Cybersecurity Insurance, NIST or PCI Compliance Questionnaires
- Managed Security Advanced incudes:
- Managed Security Essentials plus
- Annual Advanced Technical Security Audit
- HIPAA Security Risk Analysis (Healthcare Clients Only)
- Security Awareness Training (Annual and Micro)
- Email Phishing Campaigns
- Dark Web Scanning
- Standard Cybersecurity Support which includes assistance with completing Cybersecurity Insurance, NIST or PCI Compliance Questionnaires (up to 2 hours per month, per practice) Advanced notice must be provided and work to be completed within 2 weeks of the original request.
- Managed Security Complete includes:
- Managed Security Advanced plus
- Virtual CISO Services which includes priority assistance with Board Meetings, Tabletop Exercises, Policy and Procedure Review (up to 1 hour per month, per practice). Advanced notice must be provided and work to be completed within 2 weeks of the original request.
- MFA App (Tokens must be purchased separately)
- On-going Vulnerability and Compliance Management with Annual Penetration Test
- Protective DNS
- SOC Services
- Pricing for Cybersecurity “Managed Security Essentials” purchased prior to April 10th, 2024, is charged on a per Device basis and will be retroactively increased based on actual managed Devices included for any portion of a calendar month. Retroactive adjustments will not exceed three (3) months.
- Pricing for Cybersecurity “Managed Security Advance”, “Managed Security Complete”, and pricing for “Managed Security Essentials” purchased on or after April 10th, 2024, is charged on a per User basis and will be retroactively increased based on actual managed Users included for any portion of a calendar month. Retroactive adjustments will not exceed three (3) months.
Unless otherwise specifically contracted, the Cybersecurity Bundled Package does not cover the Client website.