The Next Phase for HACS (Cyber) — Modernization

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

Cybersecurity incidents and on-going emerging threats to our data, networks, and systems over the last few years have significantly changed how we approach cybersecurity. GSA remains committed to ensuring the government’s long-term security, responsiveness, and efficiency when it comes to monitoring and protecting our valuable digital assets and IT systems.

We’re always proactively focusing on the products, services, and vehicles needed to help carry out agency missions. We’re also sharpening our focus on cyber acquisition solutions, so security is integrated into the system acquisition process. This means that we’re constantly evaluating and improving our solutions.

With this in mind, our Highly Adaptive Cybersecurity Services (HACS) program is entering its next phase: HACS Modernization.

Today’s HACS Portfolio on IT Schedule 70 consists of four Special Item Numbers (SINs):

  • Cyber Hunt
  • Incident Response
  • Penetration Testing
  • Risk and Vulnerability Assessment

Feedback from the expert providers in the cybersecurity services market can help us further enhance our current array of HACS offerings. Enhancements to GSA’s cybersecurity acquisition solutions will not only help us drive more use by agencies, it will also lead to improved outcomes and safer IT systems for federal, state, local, tribal, and territorial governments.

To that end, our team is working to make it easier for industry to provide feedback through two RFIs and a stakeholder event in June.

HACS Modernization Requests for Information (RFI)

To determine the best course of action, we released two HACS Modernization Requests for Information (RFI) on May 22, 2018, one for agencies and the other for industry partners. We encourage our current HACS suppliers and agency partners to participate in those RFIs. We particularly want feedback from those agencies that have not yet used the HACS SINs.

The RFIs are open until June 23, 2018 at 5 p.m. EDT

June 18 Stakeholder Event

We’re also hosting a HACS Stakeholder Event on Monday, June 18, 2018, from 9 a.m. to 1 p.m. EDT at GSA headquarters to discuss the HACS program’s past, present, and future.

We welcome both in-person and virtual attendees. We’ll be featuring guest speakers from Department of Homeland Security (DHS), Office of Management and Budget (OMB), and GSA’s Office of IT Category and GSA’s Office of Small Business Utilization (OSBU).

Let’s Work Together

We want to hear what you think about the cybersecurity landscape and how effective you think GSA’s current services are now, where we can improve them for the future, and the best ways to enhance our delivery to agencies.

Please respond to the relevant RFIs and attend our Stakeholder Event. Together we can enhance our HACS program and deliver a total package that helps agencies securely accomplish their mission.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government I

Modernizing Federal IT — The Path Forward

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

IT modernization is one of the biggest challenges facing the federal government today — it’s a complex issue with a lot of moving parts. Fortunately, with the IT Modernization Report, Modernizing Government Technology (MGT) Act and its Technology Modernization Fund (TMF), and the President’s Management Agenda (PMA) and Cross-Agency Priority Goals, the stars are really aligned with support and tools to get the job done.

We’ve been talking about modernization for a long time and now, with all of this support and leadership, we’re in the best position I’ve ever seen to take on this challenge.

Here’s my take on what all of this means for agency partners.

IT Modernization Resources

Developed in response to Executive Order 13800, the Federal IT Modernization Report outlines an agile process to help the government harness American innovation to deliver better services to its citizens.

Additionally, the MGT Act authorizes agencies to tackle IT system modernization and establish working capital funds. GSA is also responsible for administering the TMF as part of the MGT Act through a project management office we’ve established. These funds are designed to:

  • improve, retire, or replace existing IT systems to enhance cybersecurity and to improve efficiency and effectiveness;
  • transition legacy IT systems to cloud computing and other innovative platforms and technologies;
  • assist and support efforts to provide adequate, risk-based, and cost-effective IT capabilities that address evolving threats to information security; and
  • reimburse amounts transferred to the agency from the TMF with the approval of each agency’s Chief Information Officer.

Further, the PMA lays out a long-term vision for modernizing the federal government across many fronts. One of the key drivers of transformation is updating and modernizing our legacy IT systems and networks. Helping the federal government adopt and acquire commercially available modern IT products and services is an important priority for GSA, and agencies rely on us to help them get there.

Cross-Agency Priority Goals

Cross-Agency Priority (CAP) Goals drive PMA implementation and tackle critical governmentwide challenges that cut across agencies.

ITC is directly supporting the following CAP Goals:

  • IT Modernization
  • Sharing Quality Services
  • Category Management
  • Federal IT Spending Transparency
  • Improvement Management of Major Acquisitions
  • Security Clearance, Suitability and Credentialing Reform

These goals drive what we do as the government’s acquisition experts, so we’re developing and refining acquisition solutions to address these areas.

Supporting IT Modernization

GSA is supporting governmentwide modernization in four ways.

  1. In partnership with the White House’s Office of American Innovation, GSA’s Technology Transformation Services (TTS) team is standing up IT Modernization Centers of Excellence.
  2. We are tasked, in whole or in part, with half of the 50 key initiatives identified in the IT Modernization Report.
  3. We are well positioned to support the operation and administration of the recently approved Technology Modernization Fund.
  4. We are making it easier to navigate the systems we use to serve our agency customers and help them with their IT acquisitions.

GSA is committed to leading the way to help modernize IT across government. We’ve created a multi-pronged strategy to enhance mission effectiveness and reduce cyber risks through a series of complementary activities between now and 2022.

Mission effectiveness activities include modernizing the IT stack by retiring legacy systems and embracing cloud through implementing cost-effective, cloud-based, commercial IT solutions.

Activities around reducing cyber risks include; managing asset security by implementing capabilities that provide observational, analytical, and diagnostic data of an agency’s cybersecurity; and protecting networks and data by implementing advanced protection capabilities. Another is helping government limit “personnel access” by implementing credential and access management (ICAM) capabilities that ensure users only have access to the resources necessary for their job function. Additional activities are outlined within the Modernizing IT CAP Goal action plan.

What Success Looks Like

To succeed, agencies should work toward several key milestones this fiscal year:

  • using new opportunities to drive foundational technology changes that will improve critical citizen services and increase efficiency by modernizing their networks as they shift to our Enterprise Infrastructure Solutions (EIS) contract.
  • submitting their EIS Agency Transition Plans (ATPs) to OMB this fiscal year.
  • using the TMF and working capital funds to support their modernization plans.

GSA Resources

We have several resources that agencies can use to help them acquire and adopt modern IT products and services.

For example, GSA is home to the Technology Transformation Services (TTS), 18F, and the Centers of Excellence that can help implement modernization. We work with OMB and agencies to create acquisition solutions that support modernization efforts, many of which are Best-in-Class (BIC) solutions that produce 10-15 percent savings, so agencies can divert money into their working capital funds.

Some of GSA’s BIC solutions for IT modernization include:

We recognize that modernizing federal IT won’t be easy; it will take working together, sharing best practices, and using resources available to achieve the goals that the PMA has set.

Both ends of Pennsylvania Avenue, from The Hill to the White House, have shown their support for modernizing the federal government, and I am confident that together we can collectively seize this unprecedented opportunity to make real and lasting improvements to federal IT.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Achieving IT Modernization Through EIS

Author: Crystal Philcox, Deputy Assistant Commissioner, IT Category

The federal government is in the middle of an unprecedented opportunity to modernize and create an infrastructure that works to help agencies deliver services to today’s workforce and the American people — that means more reliable, efficient, and mobile networks.

The Enterprise Infrastructure Solutions (EIS) contract is specifically designed to help agencies achieve this goal. With its recent Best-In-Class (BIC) designation, agencies can leverage the contract to meet established goals to modernize their networks and deliver better, faster services as well as gain significant cost savings.

EIS Has Everything You Need: Complete Solution for IT Modernization

EIS isn’t just a telecom contract, its a total solution to help agencies modernize. Agencies benefit through cost savings and the ability to tap a common contract instead of cobbling together their own solutions. EIS can be used for managed services, security and telecom services — it has everything agencies need to modernize their networks.

Modernized networks mean higher bandwidth, better performance, and more network reliability. And, bandwidth is dramatically cheaper in modernized networks. Furthermore, modernized networks can embed cybersecurity features that adapt to changing threat models.

The potential savings with fully taking advantage of modernizing networks using EIS are huge. Because of the consolidated buying power we have under GSA contracts, we realized a savings with EIS prices that average 21 percent lower than our current contract, Networx. That’s real money that agencies can put back into application modernization or cloud migration.

To achieve the advantages of EIS through modernization, agencies should consider the following keys to success:

  • Make transition a high priority. Treat it as a critical project.
  • Modernize, wherever possible.
  • Budget for transition and modernization.
  • Ask for GSA’s help, as needed.

Next Steps

There are several opportunities for both agencies and industry to engage in this continuing conversation. Throughout the lead-up to transition, GSA has provided extensive assistance to help agencies prepare for this and we conducted educational sessions on how to structure solicitations so modernized networks can be purchased efficiently.  Over the past few weeks, we’ve spent more time with agencies listening to their concerns. What we heard was that a lot of agencies want to modernize, but need more time. We are interested in hearing from any agency that is experiencing that, or any, concern.

We’ve held workshops to help industry share their perspectives on how agencies can modernize legacy enterprise networks. Also, we’ve collected agencies’ forecasts of solicitations and provided detailed timelines to EIS contractors to help them plan their response strategies.

Industry has a significant customer agency outreach effort. EIS suppliers have scheduled numerous meetings with agencies to showcase their capabilities and how they can assist in modernization efforts. Agencies are also hosting “industry days” for the EIS supplier community.

In partnership with government, ACT-IAC has established the Transition/Modernization Working Group. All EIS suppliers and a significant number of agency representatives make up this important initiative.

On May 24, GSA is hosting a “Meet Your EIS Industry Partners Day” at GSA Headquarters. This will provide another avenue for agencies to meet and discuss their individual mission needs with EIS suppliers. We want agencies to come with their ideas about what they want to achieve through network modernization and talk to the EIS industry partners about those ideas and how best to get them done. Register here!

And on June 19, ACT-IAC is hosting an IT Modernization Conference focusing on how the transition from Networx offers an opportunity to transform and modernize legacy network architecture.

We encourage you to join us at these events and look forward to hearing your ideas on modernizing networks.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.