Department of Veterans Affairs Office of Information & Technology Office of Enterprise Cyber Security Cyber Security Policy Compliance Analytics Support (CSPCAS)


New Jersey, United States
Government : Federal
RFI
This document has expired, therefore the above link may no longer work.

Cyber Security Policy Compliance Analytics Support (CSPCAS)
Request for Information
March 21, 2017

Introduction
This is a Request for Information (RFI) only. Do not submit a Proposal. This notice is not to be construed as a commitment on the part of the Government to award a contract, nor does the Government intend to pay for any information submitted as a result of this request. The Government does not reimburse respondents for any costs associated with submission of the information being requested or reimburse expenses incurred for responses to this RFI. The information provided may be used by the VA in developing its acquisition strategy and Performance Work Statement (PWS). Interested parties are responsible for adequately marking proprietary, restricted or competition sensitive information contained in their response. This is a request for information and does not obligate the Government in any way, nor does it commit the Government to any specific course of action.
Please provide responses to the questions below and any additional comments or information to clearly identify the capabilities of your suggested solution. Partial responses are not acceptable. The Government is seeking as much information as possible and a complete response to this RFI during this market research activity.
Questions
Please submit the below requested information by 12PM EST on March 30, 2017 via email to Mark Mezger, Contract Specialist, at mark.mezger@va.gov and Juan Quinones, Contracting Officer, at juan.quinones@va.gov. VA reserves the right to not respond to any, all, or select responses or materials submitted. All VA current requirements identified herein are subject to change at any time. If you experience any problems or have any questions concerning this announcement, please contact Mark Mezger at mark.mezger@va.gov or 732-440-9639.
General Company Information
Include the following identification information
Company Name
CAGE/DUNS Number under which the company is registered in SAM/VetBiz.gov
Company Address
Point of contact name
Telephone number
Email address

Are you a Service-Disabled Veteran-Owned Small Business (SDVOSB) or Veteran-Owned Small Business (VOSB)? Confirm your company will not pay more than 50 percent of the amount paid by the Government to you to firms that are not similarly situated. Any work that a similarly situated subcontractor further subcontracts will count towards the 50 percent subcontract amount that cannot be exceeded. Are you able to comply with VAAR 52.219-10/11 in completion of this effort?
Are you a small or large business under NAICS 541512 ($27.5M)? If you believe there is a more appropriate NAICS code, please provide that to the Government with your rationale.

If a small business, what type of small business are you? Are you able to comply with FAR 52.219-6 and FAR 52.219-14 in completion of this effort?

Has the draft PWS provided sufficient detail to describe the technical and functional requirements that encompass the requirement?

______ YES _______ NO

If NO, please provide your technical and functional comments/recommendations/questions on elements of the draft PWS that may contribute to a more accurate proposal submission and efficient, cost effective effort.

Capability Statement
Submit a capability statement of your company's ability and understanding of providing the requirement in the attached PWS. In addition, the capability statement must address the questions below.
For each of the questions 1 through 9 and questions 12 through 23, if the answer is yes, please also provide a description and specific narrative describing the time your organization has demonstrated this capability, place of performance, name of the company and contact information of the program manager for the company.
For questions 10 and 11, please provide a brief summary description and specific narrative describing each of the currently employed and credentialed staff capabilities available today in your company with the requisite expertise described in the question including their labor category, years of experience performing those duties, and the number of staff who have that capability.
Each narrative shall be no more than one page, with the exception of questions 10 and 11 which cannot exceed 2 pages in total.

1. Do you have a currently running, high-performance computing environment performing data discovery over computer network data in excess of 100s of billions of records as a managed service?

2. Can you provide 1000 processors, 8 terabytes of RAM and 150 TB of disk space on a high-performance computing based data-discovery platform on award of the contract?

3. Do you currently have high-performance network sensors (10 Gb/s+) performing full metadata generation for netflow or netflow-like activity, HTTP, DNS, SMTP and SSL?

4. Are you currently managing a high-performance computing environment performing data discovery over computer network data as a managed service?

5. Can you provide sufficient network sensors to collect traffic from all clients Trusted Internet Connections on award of contract?

6. Do you currently have demonstrated experience writing real-time streaming network parsing and behavioral analytics at 10Gb/s+?

7. Do you currently have a library of behavioral analytics identifying network-based infection, network beaconing, lateral-movement, internal infection, and data exfiltration proven on networks in excess of 500,000 hosts?

8. Do you currently have a catalogue that maps compliance to the VA-6500 handbook standards through passive network observation?

9. Do you currently have a catalogue of behavioral analytics that combine internal and external networks traffic data sources with internal VA network knowledge to prioritize identified alerts based on risk to the client's reputation, sensitive personnel data, network infrastructure, and medical devices?

10. Do you currently have a team of data scientists with demonstrated experience developing behavioral analytics on computer network data in excess of 100s of billions of records and 500,000 hosts?

11. Do you currently have a team of data scientists with demonstrated experience developing machine learning (naïve Bayes, unsupervised clustering, vector-cosine similarity, supervised clustering), graph (subgraph isomorphism, Jaccard scoring, bipartite graph, and community of interest identification), and statistical (Mann-Whitney U, Kolmogorov-Smirnov, threshold-random walk) based behavioral analytics workflows on computer network data in excess of 100s of billions of records and 500,000 hosts?

12. Do you currently have a data analysis environment with tabular and link chart display capabilities that interacts with a high-performance computing-based data discovery environment?

13. Do you currently have a data analysis environment that elicits and captures analyst feedback and stores it in a high-performance computing-based data discovery environment?

14. Has your organization developed a framework (e.g., NIST Risk Management Framework) for an organization of similar size and complexity to that of the VA (or at the VA)?

15. Has your organization provided project management support for a multi-year cybersecurity strategy that encompasses more than 3,000 line items in an integrated master schedule that is comprised of over 50 discrete cybersecurity projects for an organization of similar size and complexity of the VA (or at the VA)?

16. Has your organization coordinated across geographically dispersed individuals supporting a cybersecurity strategy?

17. Has your organization built and executed against a robust outreach strategy (i.e., encompasses multiple initiatives in support of the organization's cybersecurity strategy) that has fundamentally changed the cybersecurity culture of an organization of similar size and complexity to that of the VA (or at the VA)?

18. Has your organization directly supported government-wide cybersecurity compliance and reporting requirements on a recurring basis?

19. Has your organization assisted a client of similar size and complexity to that of the VA (or at the VA) in maintaining, updating and aligning cybersecurity documentation, updating based upon government-wide guidance (such as OMB 16-04 and the NIST Cyber Security Framework)?

20. Has your organization provided project management support for an organization of similar size and complexity of VA (or at the VA) wherein the Office of Inspector General (OIG) has provided year over year recurring recommendations in information security?

21. Has your organization created executive-level reporting (i.e., dashboards) that provide information on an organization's cybersecurity posture that is of similar size and complexity of the VA (or at the VA)?

22. Has your organization developed a reporting process, mechanism, and infrastructure to provide executive level and granular views for an organization of similar size and complexity to that of the VA (or at the VA) on a recurring basis?

23. Has your organization utilized a network analysis framework that enables site-specific monitoring policies, operates efficiently across high-performance networks, is not restricted to any particular detection approach, is signature agnostic, provides a high level archive capability, comes loaded with protocol analyzers, and allows for real-time exchange of information?

Mark Mezger
Contract Specialist
732-440-9639