Approve the annual renewal of Mimecast email security services for the City of Billings at the Critical Protection service level for a one-year term at a cost not to exceed $108,133.

The City of Billings Information Technology Department requests approval to renew its Mimecast email security services at the Critical Protection service level. Email remains the City’s primary communication platform and is the most common entry point for cybersecurity threats, particularly phishing, impersonation, and business email compromise. After evaluating available renewal options, IT staff determined that the Critical Protection tier provides the most effective mitigation of these risks while maintaining fiscal responsibility. This renewal continues the City’s use of a proven and effective email security platform while enhancing protections against human-targeted attacks.

The City of Billings has used Mimecast for several years as its enterprise email security platform. Mimecast provides a secure email gateway and related services that filter spam, block malicious attachments and links, protect against impersonation and fraud attempts, and prevent users from accessing dangerous websites. These capabilities are critical to protecting City systems, data, employees, elected officials, and residents.

Last year, the City spent $92,528 on Mimecast services. As part of the current renewal cycle, IT staff reviewed multiple service-level options provided through SHI, ranging from maintaining the current configuration to higher-tier protection levels. Cybersecurity threats have increasingly shifted toward social engineering and impersonation attacks that exploit human trust rather than technical vulnerabilities. The Critical Protection tier directly addresses this risk by strengthening defenses against business email compromise, executive impersonation, and fraudulent payment requests.

The quoted cost for the Mimecast Critical Protection renewal is $108,133.31 for a one-year term. The City expects the final cost to be lower than this amount due to the planned removal of certain optional components that are no longer needed. The request before Council is for approval not to exceed $108,133, with the final contract amount to be executed at a reduced cost once adjustments are finalized.

The increase over the prior year reflects enhanced protection against business email compromise and impersonation attacks, which are not included in the City’s current service level. Funding for this expense is included in the Information Technology Department’s approved budget.

1. Approve the renewal as recommended

2. Do not approve the renewal