GSA consolidates cybersecurity vehicles into a single, expansive contract

The four HACS SINs would become a single cybersecurity offering, GSA says.
(Getty Images)

Citing the expanding role of cybersecurity in safeguarding federal networks, the General Services Administration said late Wednesday that it is consolidating its cybersecurity services contract vehicles and providing more features.

GSA currently provides cybersecurity tools across four Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers, or SINs. These SINs allow agencies to buy services like penetration testing, incidence response, cyber hunting, and risk and vulnerability assessment.

But with more emphasis placed on data and infrastructure protection, GSA wants to condense the four HACS SINs into a single offering to broadly provide more services.

“Federal agencies use large complex network and data systems to maintain and manage varying types of data and information, including [high-value assets] that hold sensitive information critical to national and economic security,” officials from GSA’s Office of Information Technology Category said in a Wednesday post on the agency’s Interact page. “As a result, GSA ITC is proposing to restructure the HACS SINs, 132-45 (A-D), into a single HACS SIN, 132-45, with sub-categories of cybersecurity services.”


The combined contract will continue to provide the original HACS services, plus high value asset (HVA) assessment services. Those HVA assessment services will include offerings like network mapping, vulnerability scanning, phishing assessment, wireless assessment, web application assessment, operating system security assessment (OSSA), database assessment, penetration testing, security architecture review and systems security engineering.

The HACS SINs debuted in 2016 as part of the then-Obama administration’s Cybersecurity National Action Plan to make it easier for agencies to procure those services through vehicles on GSA’s IT Schedule 70.

GSA officials noted that the cybersecurity needs of the federal government have shifted in the past two years and that the HACS consolidation falls in line with several White House initiatives centered on increasing the government’s cyber posture, like last year’s IT Modernization Report and the recent White House cybersecurity strategy.

GSA had been looking for a way to freshen up the HACS SINs as far back as spring, when it asked for industry input in a May request for information on how to make the service vehicles more modern.

The current HACS SINs will be deleted from any solicitation and incorporated into SIN 132-45 as subcategories. GSA will hold an informational webinar on the consolidation Nov. 19.

Carten Cordell

Written by Carten Cordell

Carten Cordell is a Senior Technology Reporter for FedScoop. He is a former workforce and acquisition reporter at Federal Times, having previously served as online editor for Northern Virginia Magazine and Investigative Reporter for, Virginia Bureau. Carten was a 2014 National Press Foundation Paul Miller Fellow and has a Master’s degree from the Medill School of Journalism at Northwestern University. He is also a graduate of Auburn University and promises to temper his passions for college football while in the office.

Latest Podcasts