The Defense Counterintelligence and Security Agency (DCSA) is looking for a tool to create a searchable database of social media posts and other publicly available information, actions, and interactions used in insider threat investigations.
DCSA manages the Department of Defense Threat Management and Analysis Center (DITMAC), which focuses on detecting and responding to behaviors by government personnel indicative of a potential insider threat.
The organization’s data sweep includes social media and other public online sources, and DCSA said DITMAC analysts need “an automated capability to receive publicly available information [and] social media data on referred individuals to contextualize behavior that may be indicative of a potential insider threat,” according to a request for information (RFI) posted to SAM.gov.
The tool must automate open-source electronic information and allow DITMAC analysts to search the database by name. The results should include “photos, text, and actions taken by the primary actor(s) online without requiring DITMAC analysts to visit the social media site themselves,” the RFI states.
The RFI lays out seven criteria for the search tool:
- Broadly scan the internet based on a known primary actor.
- Conduct accurate identity resolution based on limited data sets to validate results.
- Scan the internet for text, photos, and videos of the primary actor and behaviors of concern.
- Deliver both screenshots of relevant materials and view the information surrounding it more broadly to ensure appropriate context is captured.
- Conduct a single check on an individual for existing information and maintain continuous reviews on a known primary actor while the investigation remains open.
- Meet all Defense Department and Federal information technology standards to ensure use and capability on DCSA networks.
- Access all data without creating a fake user account or creating affiliations with the known primary actors.
Moreover, DITMAC said it is not looking for information that would otherwise be kept private. The RFI specifies that the agency only wants to collect “information that is available to the public, under privacy settings set to ‘public.’”
Responses to the RFI are due on August 24.