GSA adds new cybersecurity HACS to Schedule 70

The General Services Administration launched four new highly adaptive cybersecurity services, HACS, to the IT Schedule 70.

The new HACS Special Item Numbers (SINs) will offer agencies services that include penetration testing, incident response, cyber hunt, and risk and vulnerability assessment.

GSA said agencies will be able to purchase these services by Oct. 1.

GSA has already established the SINs, and officials expect to begin supplier evaluations Sept. 12. All current IT Schedule 70 suppliers that offer these same services must move their services to the HACS.

“These new SINs will provide government agencies with quicker and more reliable access to key, pre-vetted support services that will expand agencies’ capacity to test their high-priority IT systems, rapidly address potential vulnerabilities, and stop adversaries before they impact our networks,” said GSA Administrator Denise Turner Roth.

GSA plans to continue to work with the Homeland Security Department to ensure the service offerings are scrutinized and readily support the Obama administration’s Cybersecurity National Action Plan. The White House released the action plan in February, following signing the Cybersecurity Act of 2015 into law in December. The plan directs agencies to take short-term actions and fosters the conditions for long-term improvements to cybersecurity throughout government.

Federal CIO Tony Scott said the Office of Management and Budget will encourage agencies to buy cybersecurity services through IT Schedule 70 contracts.

“OMB will partner with GSA to provide new capabilities and add more vendors as these SINs evolve and grow more robust in their offerings,” Scott said.

GSA released its draft solicitation in August to GSA’s Interact website.