Have thoughts on how government buys cybersecurity? GSA is listening

(Getty Images)


Written by

The General Services Administration is looking for honest feedback on its acquisition vehicle developed specifically for agencies to buy modern cybersecurity services.

GSA issued a request for information looking to improve a series of specialized contracting categories — what it calls special item numbers (SINs) —for “Highly Adaptive Cybersecurity Services (HACS),” featured on its massive governmentwide IT Schedule 70 contract vehicle.

Launched in October 2016, the HACS SINs “feature high quality cybersecurity vendors that provide Penetration Testing, Incident Response, Cyber Hunt and Risk and Vulnerability Assessment services,” the RFI says. But GSA wants to stay current with the times and is looking to modernize the contracts to “provide a more comprehensive assortment of cybersecurity services and expedite their discovery and acquisition” and “allow for enhancements to the HACS as technology and industry best practices continue to evolve.”

In the RFI, GSA is asking vendors approved to sell through the HACS SINs as well as those that aren’t for information on how cybersecurity services are and should be sold to federal agencies. GSA gives a shortlist of goals for the RFI:

    • Improve the customer and supplier experience by making it easier to work with GSA’s Federal Acquisition Service;

    • Provide expertise that enables agencies to strengthen security, improve citizen service, and reduce legacy IT costs;

    • Gain feedback from industry regarding the commissioning of cybersecurity services onto Federal networks and systems;

    • Better understand how industry partners are providing cybersecurity services today on IT Schedule 70;

    • Determine the best route for offering cybersecurity services through GSA; and

    • Ascertain what cybersecurity provider evaluation scheme(s) would be best for new IT Schedule 70 entrants, current awardees, and modification requesters.

“GSA believes the cybersecurity services market is sufficiently mature to further enhance the current array of available HACS and to attract greater participation among industry partners and Government buyers,” the RFI says.

Vendors have until June 9 to respond.

-In this Story-

Cybersecurity, General Services Administration (GSA), HACS, Highly Adaptive Cybersecurity Services, IT Schedule 70, SINs