Cybersecurity Services RFI 2025

1. 
   

   Introduction
   
   This is a Request for Information (RFI), as defined in Federal Acquisition Regulation (FAR) 15.201(e). Army Contracting Command - Aberdeen Proving Ground (ACC-APG), in support of the Program Manager (PM) Intelligence Systems and Analytics (IS&A) Aberdeen Proving Ground (APG), is conducting market research to services as defined in Section 2 below. The Government invites all types of businesses and academic organizations to respond to this RFI notice.
   
   This RFI is issued solely for information and planning purposes - it does not constitute a Request for Proposal (RFP) or a promise to issue an RFP in the future. The Government may request additional information in the future; there is no intent to proceed with a procurement. Solicitations are not available at this time. Requests for a solicitation will not receive a response. This notice does not constitute a commitment by the United States Government to contract for any supply or service whatsoever. This RFI is not an authorization to begin work, and the Government will not pay any costs that contractors may incur in response to this RFI.
   
   Contractors are not required to respond to this announcement but may do so at their own cost. The United States Government will not pay for information requested nor will it compensate any respondent for any cost incurred in developing information provided to the United States Government.

   
   


2. 
   

   Background
   
   PM IS&A fields a plethora of intelligence collection, processing, and dissemination systems to all Military Intelligence formation in the Army. All of these systems have requirements to be connected to a network, so they must achieve an Authority to Operate (ATO) from the proper Authorizing Official (AO), to include but not limited to DoD and Intelligence Community (IC) authorizations. This requires PM staff to closely collaborate with DA G-2 & PEO IEW&S to both achieve and maintain system authorizations for the entire life-cycle of a product. The government requires support with Risk Management Framework (RMF) oversight and cybersecurity engineering efforts to include design, implementation, fielding, and training of cross-domain solutions.

   
   


3. White Paper and Supporting Documentation
   
   Responses to this RFI are due no later than 1700 EDT on 16 May 2025 and must address the following information requests listed below in a white paper format. The white paper shall not exceed 5 pages, not including cover sheet or cover letter.
   
   Section 1: Past Performance with Risk Management Framework (RMF)
   
   Provide a narrative on how you have supported the government in the past building RMF packages. Include mention of how controls were addressed, if automated tools such as eMASS, were used, and which organizations the packages were processed by (NETCOM, IC, and others). Also, discuss the networks for which the solutions were authorized.
   
   Section 2: Past Performance with Cross-Domain Solutions
   
   Describe past experience designing, configuring, implementing, testing, and securing cross-domain hardware and/or software. Include which networks were linked, and which organizations you worked with to achieve the authorization.
   
   Section 3: Key Resources
   
   Describe what kind of resources your company can bring to bear; such as unique skills or training and novel processes to achieve and monitor authorizations.
   
   Section 4: CLIN Structure/Contract Type(s)
   
   The government is open to flexible contract line item number (CLIN) structures to meet efficient and traceable performance. Please suggest how your vision of this requirement would be structured in regard to CLIN structure and cost tracking for base and option periods.
   
   Section 5: Facility and Security Clearance Requirements
   
   Does your company have a Top Secret facility clearance, either as a prime contractor or through subcontracting partnerships? Please explain.
   
   Is your company able to provide employees who are capable of obtaining a Top Secret/SCI clearance, either as a prime contractor or through subcontracting partnerships? Please explain.
   
   Section 6: Cybersecurity Personnel Qualifications
   
   Describe the cybersecurity personnel qualifications your company can bring to bear, specifically to meet DFAR 252.239.7001, DoDD 8140.01, DoD 8570.01-M and Army Regulation (AR 25-2) requirements.
   
   Privileged accounts require DoD 8570 IAT II and IAT III. Is your company able to provide personnel to meet DoD 8570 IAT II and IAT III, either as a prime contractor or through subcontracting partnerships? Please explain.

Notes:

This notice is part of Government Market Research, a continuous process for obtaining the latest information on the commercial status of the industry. This RFI is for planning purposes, and does not constitute a commitment, implied or otherwise, that a procurement action will follow.

The Government will use the information submitted in response to this notice at its discretion and will not provide comments to any submission; however, the Government reserves the right to contact any respondent to this notice for the sole purpose of enhancing understanding of the notice submission. Information received will not be considered confidential/proprietary unless marked accordingly. Company proprietary data will be reviewed by Government employees and authorized representatives only. Responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. Responders are solely responsible for all expenses associated with responding to this RFI, including any market research product demonstrations.

Responses to this RFI must be submitted by 1700 EDT 16 May 2025. All interested parties shall respond in as clear manner as possible to each of the areas listed above. Information is preferred in soft-copy form in Microsoft Word/Excel and shall not exceed 5 pages. You may submit your responses via email address to:

Subject Line: “Cybersecurity RFI 2025”

Point of Contact: nicholas.m.mitrocsak.civ@army.mil

All information must be submitted in writing via email; telephone requests for additional information will not be honored. Acknowledgement of receipt will be issued. If you choose to submit proprietary information, mark it accordingly.