Artificial Intelligence - Machine Learning Capabilities

REQUEST FOR INFORMATION The Defense Information Systems Agency (DISA), Emerging Technology (EM) Directorate is seeking information from industry to assist with the development and planning of a potential new requirement. THIS IS A REQUEST FOR INFORMATION (RFI) NOTICE ONLY. THIS IS NOT A REQUEST FOR PROPOSALS (RFP). NO SOLICITATION IS AVAILABLE AT THIS TIME. 1. Overview/Purpose/ Description of Procurement The purpose of this RFI is to enhance DISA’s Defensive Cyber Operations (DCO) using Artificial Intelligence (AI) and Machine Learning (ML) models, tools, and services. DISA is a United States Department of Defense combat support agency that is composed of more than 7,000 military and civilian employees. DISA provides, operates, and assures command, control, information-sharing capabilities, and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national-level leaders and other mission and coalition partners across the full spectrum of

military operations. A critical mission of DISA is to conduct defensive cyber operations consisting of passive and active activities intended to preserve the ability to utilize DoD cyberspace capabilities and to protect DoD data, networks, and systems. As cyber threats proliferate - both in terms of numbers and sophistication - the ability of DISA to successfully perform the defensive cyber operations becomes more and more challenging. To overcome these challenges, DISA is interested in exploring the potential of applying commercial AI/ML models, tools, services, and best practices to augment and enhance its current DCO capabilities and methods. 2. Scope of Effort A prominent issue DCO analysts face today is dealing with the huge volumes of cyber data. DISA is seeking information on identifying AI-powered solutions that can analyze vast amounts of log, sensor, alert, and telemetry data to identify anomalous and potentially malicious activity. Instead of manual data exploration, correlation, and log analysis, DISA is interested in exploring how AI based approaches can be applied to proactively detect unknown cyber threats from cyber sensor data and real-time threat intelligence that generates actionable, prioritized leads for cyber DCO analysts. 3. Technical Characteristics DISA desires a complete AI/ML platform to include a data acquisition and processing solution, a model development pipeline, and an operations and sustainment strategy. This AI/ML platform can be on-premises, in the cloud, or a hybrid approach. 4. Requested Information 4.1 What is Your Experience in Applying AI/ML to DCO? Provide information about what you believe are the best opportunities and approaches for applying AI/ML to improve DCO. Describe the DCO use cases that you believe are best suited to achieving significant improvements through the application of AI/ML, Include what operational benefits would be expected or have been seen. List the types of data that you believe are most important to developing AI/ML models for supporting DCO and indicate why. Discuss your perspective on whether supervised or unsupervised learning methods are best suited to addressing DCO use cases. If you are a proponent of supervised machine learning for DCO, explain your experience labeling data for training and address how your data labeling can keep pace with the speed at which cyber threats and attacks are constantly changing. Discuss your experience with keeping your AI/ML models up to date, given the rapid rate of change of cyber threats. 4.2 What DCO AI/ML Models can You Provide to DISA? Provide information about the AI/ML models your organization can provide to enhance defensive cyber operations. Describe the AI/ML models you have available to address DCO problems. For each model answer the following: What specific capability does the model provide? What types and formats of cyber data did you use to train, test, or optimize your AI/ML model(s)? Has the model ever run on any DoD networks or systems? If so, indicate for which DoD organization and provide a POC. Briefly describe your process for how DISA could acquire your models. AI models are usually trained with a specific dataset. Do your AI/ML models allow for the customer to retrain or fine-tune the model using onsite, private data sets? 4.3 What DCO AI/ML Tools and Services can You Provide to DISA? Provide information about the AI/ML models, tools, and services your organization can provide to enhance defensive cyber operations. Describe AI/ML tools and services you have available to address DCO problems. For each tool/service answer the following: What specific capability does the tool/service provide? Is it a tool (can it be delivered as software and installed on DISA systems) or a service (runs in the cloud)? Is the tool/service currently being used by other DoD or Federal customers in support of DCO? If so, describe the application and provide a POC. Has the tool/service ever run on any DoD network or system? If so, indicate for which DoD organization and provide a POC. Briefly describe your method for how DISA could acquire the tool/service. 4.4 Corporate Information Provide the following information about your company. If submitting a team response, please include the requested information for all companies on the team. Company Name Physical Address Point of Contact (Name, phone, email address) Business Type (if Small Business include what types) Specify your company’s facility clearance level details. Your contract vehicles that would be available to the Government for the procurement of your products and/or services. Response Guidelines: Interested parties are requested to respond to this RFI with a white paper. Submissions cannot exceed 10 pages (excluding diagrams or illustrations), single spaced, 12-point type with at least one-inch margins on 8 1/2” X 11” page size. The response should not exceed a 25 MB e-mail limit for all items associated with the RFI response. Responses must specifically describe the contractor’s capability to meet the requirements outlined in this RFI. Oral communications are not permissible. SAM.gov will be the sole repository for all information related to this RFI. Companies who wish to respond to this RFI should send responses via email no later than April 30, 2024, at 16:00 PM EDT to melissa.j.redd.civ@mail.mil, and nathan.l.sterling3.civ@mail.mil. Industry Discussions: DISA representatives may choose to meet with potential offerors and hold one-on-one discussions. Such discussions would only be intended to obtain further clarification of potential capability to meet the requirements, including any development and certification risks. Questions: Questions regarding this announcement shall be submitted in writing via e-mail to Melissa Redd, melissa.j.redd.civ@mail.mil, and Nathan Sterling nathan.l.sterling3.civ@mail.mil. Verbal questions will NOT be accepted. Answers to questions will be posted to SAM.gov. The Government does not guarantee that questions received after April 12, 2024, by 1600 PM EDT will be answered. The Government will not reimburse companies for any costs associated with the submissions of their responses. Disclaimer: This RFI is not a Request for Proposal (RFP) and is not to be construed as a commitment by the Government to issue a solicitation or ultimately award a contract. Responses will not be considered as proposals, nor will any award be made as a result of this RFI. All information contained in the RFI is preliminary as well as subject to modification and is in no way binding on the Government. FAR clause 52.215-3, “Request for Information or Solicitation for Planning Purposes”, is incorporated by reference in this RFI. The Government does not intend to pay for information received in response to this RFI. Responders to this invitation are solely responsible for all expenses associated with responding to this RFI. This RFI will be the basis for collecting information on capabilities available. This RFI is issued solely for information and planning purposes. Proprietary information and trade secrets, if any, must be clearly marked on all materials. All information received in this RFI that is marked “Proprietary” will be handled accordingly. Please be advised that all submissions become Government property and will not be returned nor will receipt be confirmed. In accordance with FAR 15.201(e), responses to this RFI are not offers and cannot be accepted by the Government to form a binding contract.