The Department of Defense (“DoD”) is seeking information related to potential sources for the implementation of Cloud Infrastructure for its “Acropolis” cyber defense program. The Acropolis is a secure and consolidated environment for cybersecurity analysts within the DoD’s information network. The program collects a variety of cybersecurity data and materials from sources across the DoD’s information network and combines it into a centralized repository known as the “Data Brokering Service,” which can translate, enrich, and distribute data. The Acropolis uses a highly-specialized “cross-domain solution” that enables the use of classified analytics on unclassified data.
The Defense Information Systems Agency (“DISA”) issued a request regarding the availability and technical capability of businesses “to blend Department of Defense owned and operated Defensive Cyber Operations (“DCO”) infrastructure with a commercially hosted Virtual Private Cloud” at both Information Impact Levels 5 and 6. As defined by DISA, cloud security Information Impact Levels 5 and 6 cover (i) controlled unclassified information that requires a higher level of protection as deemed necessary by the information owner, public law, or other government regulations; (ii) classified information; and (iii) secret information.
The envisioned Acropolis cloud environment will be designed so that the Data Brokering Service and the cross-domain solution remain within the DoD’s control, while other services, databases, and ancillary servers will be transferred to the dedicated cloud infrastructure.
The opportunity to respond is limited to a short timeframe. DISA requests that businesses submit a statement of capabilities, containing no more than five pages, by email no later than August 2, 2018. The winning business must have an Information Impact Level 6 authorization prior to the project award, which is anticipated to occur in either FY2018 or FY2019.