IRS wants cloud-based AI to sniff out insider threats

EDITOR'S NOTE: This article appeared first on

The IRS is looking for a cloud-based artificially intelligent analytical platform that can identify and mitigate cyber-related and insider threats within the agency.

The cybersecurity division of the IRS put out a request for information June 27 seeking private industry examples of an AI-based platform, machine learning analytics and a customized user interface.

The findings will "help to shape the path forward for potential acquisitions" down the line, according to the RFI.

The agency wants a solution that can continuously learn, provide real-time monitoring of cyber threats across networks and process data across a range of IT sources and devices, including internet-of-things devices and industrial control systems. The solution should be able to "identify unknown threats using unsupervised analytic techniques and behavioral-based analytics, along with known threats using external threat intelligence."

In conjunction, the IRS wants to host it all in a big data cloud that has been approved by the Federal Risk and Authorization Management Program and that can support forensic research and centralize collection, aggregation and storage of security log files.

Responses are due August 10, 2018.

The IRS has faced pressure from Congress and its inspector general over the past few years to improve cybersecurity protections and better protect taxpayer data in the wake of the 2016 Get Transcript breach. A 2017 audit found that IRS was not effectively implementing three of the five core functions (Identify, Protect, Detect, Respond and Recover) listed in the Cybersecurity Framework, including identifying and detecting malicious activity on its networks.

IRS contracting officials have also stated a desire over the past year to collaborate more with industry in advance of procurements. The agency has begun holding annual reverse industry days and is working to establish an enterprisewide dashboard to provide agency officials with better visibility of the acquisition lifecycle and canvass the contracting community for ideas and feedback.

"Once we understand what's being planned, then we can help with that industry engagement much earlier in advance," Chief Procurement Officer Shanna Webbers said in an interview in April.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • POWER TRAINING: How to engage your customers

    Don't miss our Aug. 2 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman interviews Tom Romeo, the leader of Maximus Federal about how it has zoomed up the 2019 Top 100. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.