The Department of Veterans Affairs is in the market for a federal contractor to help it incorporate innovative cybersecurity technologies into its defenses, according to a July 13 sources-sought notice.
The VA’s Office of Information Security (OIS) aims to launch a Cybersecurity Innovation Program that will cultivate relationships with nontraditional suppliers, according to an attached performance work statement.
The initiative calls for outsourcing the task of analyzing the market for promising technologies and “incubating” startup vendors by providing expert guidance and financial support. The VA’s ideal pick for the role is a contractor with “strong alliances with Silicon Valley” and other U.S. technology hubs, a deep understanding of the startup landscape, and partnerships with academia and think tanks, according to the notice.
The impetus for the Cybersecurity Innovation Program is twofold. First, an “evolving cyber threat landscape” puts the department and its data at risk of increasingly sophisticated attacks by nation-states and cyber criminals. Second, unforeseen events like the Covid-19 pandemic have pushed OIS’s security capabilities to their limits in terms of providing secure access to telework and telemedicine services. Solutions to these cybersecurity challenges are “inaccessible through the traditional procurement process,” according to the PWS.
At the top of the OIS wish list are solutions that offer:
- Natural-language processing and artificial intelligence to extract information from structured and unstructured data sources;
- Custom data science models to perform keyword extraction, relevancy scoring, and document deduplication; and
- The ability to ingest and analyze cyber threat intelligence, technology news, patents, and other open-source data feeds.
The contract will carry a 12-month period of performance with four option years.
Due to the nature of the program — identifying and developing nontraditional vendors — the winning contractor will be barred from pursuing related systems integration contracts on the basis of organizational conflict of interest (OCI).
Although many traditional IT contractors may possess the capabilities to compete, the OCI provision makes the contract a more attractive option for research organizations, such as the Rand Corp., the Institute for Defense Analysis, or the MITRE Corp. MITRE, for example, already runs a number of cybersecurity-related federally funded research and development centers for the departments of Homeland Security, Commerce, and the Treasury.
Interested parties must respond to the notice with a two-page capabilities statement and responses to an OIS questionnaire by July 21.
To contact the analyst on this story: Chris Cornillie in Washington at firstname.lastname@example.org