The General Services Administration (GSA) announced Wednesday that the GSA Federal Acquisition Service (FAS) Information Technology Category (ITC), IT Schedule 70 program is restructuring its Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs). In 2016, GSA FAS ITC launched four HACS SINs: Penetration Testing, Incident Response, Cyber Hunt, and Risk and Vulnerability Assessment. Those were intended, GSA said, “to provide agencies quicker access to key support services.” However, since 2016, the cybersecurity field has evolved significantly, and GSA explained in its announcement this week that “in collaboration with Office of Management and Budget and the Department of Homeland Security, GSA has identified several key areas that need to be included in the HACS offerings such as High Value Assets Assessments to include: Risk and Vulnerability Assessment (RVA), System Architecture Review and System Security Engineering.” Under the new plan, GSA will restructure the HACS SINs into a single HACS SIN 132-45 with subcategories of cyber services. GSA noted that the full set of HACS SIN services include: High Value Asset Assessments; Risk and Vulnerability Assessment; Incident Response; Penetration Testing; and Cyber Hunt. The current HACS SINs will be removed from solicitation and added as subcategories under the new HACS SIN 132-45. GSA will hold a webinar on Nov. 19 to discuss the restructuring plan.
