Attend the 2024 Annual ITVMO Summit on June 11, 2024

Last year, the governmentwide IT Vendor Management Office (ITVMO) worked with the American Council for Technology (ACT) and Industry Advisory Council (IAC) to host the first annual government-industry ITVMO Summit. Back by popular demand, this premier in-person event is the gathering place for anyone involved in the Federal IT Marketplace.

From government procurement officials, to industry IT solution providers, to small businesses and more, this is where we come together to review best practices, discuss new solutions, and form valuable connections. At the summit, we will decide on the next steps to take together as we build a more equitable, accessible, and secure Federal IT Marketplace.

This year we have a PACCKed agenda, where you’ll gain access to:

  • Peer networking
  • Actionable insights
  • Community building
  • 4 Continuous Learning Points (CLP) for eligible attendees
  • Knowledge of the latest resources and advances

Bringing together government and industry, this year’s 2024 Annual ITVMO Summit will focus on uniting technology, people, and processes to transform Federal IT acquisitions.

We want your voice in the conversation, so register now!

If you have questions about the summit or are interested in learning more about our IT Buyers Community of Practice of the ITVMO, please contact

Follow ITVMO and ITC on LinkedIn and subscribe for blog updates.

Alliant 2 Industry Partners: Meeting the Federal Government’s AI Needs

Artificial intelligence (AI) is actively transforming the way we personally and professionally complete tasks of varying complexity. Noted for its ability to enhance productivity, the AI we know today is built on decades of groundbreaking work and has many practical applications. From virtual assistants to smart automobiles to business processes and workflows, artificially intelligent systems are making our lives easier.

GSA is at the forefront of leveraging emerging technologies like AI to enhance the efficiency and accessibility of federal services for the American public. By prioritizing safety and privacy, GSA ensures that AI advancements help improve government operations while mitigating risks. GSA also plays a vital role in supporting the AI Executive Order, reinforcing the federal government’s commitment to the responsible and effective use of AI​​​​​​​​​​​​​​.

While recent advances in generative AI have brought renewed attention to the importance of safe and effective AI deployment, it’s worth noting that for years, GSA’s industry partners have been helping agencies responsibly work with previous generations of AI technologies.

GSA’s industry partners delivering AI solutions

Since its 2018 inception, the Alliant 2 Governmentwide Acquisition Contract (GWAC), one of the most successful IT Services GWACs in federal government history – and a designated Best-in-Class (BIC) vehicle – has delivered high-value IT services to our customer agencies. Alliant 2 is well-positioned to bring critical, real-world AI solutions to the federal government, particularly regarding national defense, health care, and environmental protection.

We recently polled our Alliant 2 Shared Interest Group to learn about some AI projects they’ve implemented for federal agencies. Let’s take a look at a few of those examples.

A more efficient defense

The general welfare of citizens and their protection from external threats is among the federal government’s greatest duties — a confident and stable national defense is critical.
Federal agencies can now take advantage of notable advancements in the AI space of wargaming and simulation training tools. These training methods rely on realistic simulations to perform varied wartime exercises using diverse war zones, equipment, strategies, and conflict scenarios. For context, think of a military simulator home video game on super steroids – adding to it prospective real-world consequences.

Rapid retraining of computer vision modeling is another AI process that can support national interests. It involves the use of AI to markedly increase the accuracy of those models, eliminating potential issues. The Department of Defense has employed this technology to improve the performance of autonomous reconnaissance vehicles.

Our talented Alliant 2 industry partners also offer geospatial intelligence (GEOINT) and systems intelligence (SIGINT) experience. GEOINT blends machine learning with visualizations to analyze activities on Earth for national security purposes, and SIGINT involves the monitoring and interception of signals from systems used by adversarial targets. Both of these intelligence functions are independently significant. However, as a unit, GEOINT and SIGINT offer a robust approach to national security.

Impacts on health outcomes

Alliant 2’s AI capabilities extend beyond national defense; they also include protections for the health and welfare of U.S. residents. Our industry partners have contributed to many advancements in health care, including the use of AI for COVID-19 research and development. They are also involved in efforts to improve cancer diagnostics and drug labeling review processes using AI.

Different approaches to environmental protection

Executive Order (EO) 14096, Revitalizing Our Nation’s Commitment to Environmental Justice for All, directs the federal government to protect the environment. The EO expressly states that “an environment that is healthy, sustainable, climate-resilient, and free from harmful pollution and chemical exposure” is a fundamental responsibility of the federal government on behalf of its citizens.

Our industry partners actively support the resolution of climate-related concerns addressed in EO 14096. One effort involves the use of AI to accelerate the speed and accuracy of weather forecasts. During the process, scientists at the National Aeronautics and Space Administration evaluated data collected from the climate models to predict weather events that could occur weeks to decades into the future. This is significant, as this technology is also helpful in disaster preparedness and forecasting natural disasters.

Winning partnerships

Alliant 2’s BIC status signifies its relevance as a top-tier IT services vehicle that is propelled by the best and brightest in the industry. We are very honored to partner with companies that are well-vetted and highly qualified to move us into the future of IT services, always keeping us ahead of the curve.

Moving forward with AI

AI is beginning to play a significant role in how the federal government gets things done. Its significance is becoming more evident by the day. Whether improving the effectiveness of our military, improving health outcomes for U.S. citizens, or keeping our water safe, federal agencies are using AI to enhance our well-being. GSA and our Alliant 2 industry partners continue to move that needle, and we look forward to continuing to serve the AI and IT services needs of our customer agencies. To become familiar with other federal government AI projects, please visit

For more information on the Alliant 2 GWAC, please click here.

Follow ITC on LinkedIn and subscribe for blog updates.

It’s survey season! Help us improve your experiences in 10 minutes

Every year, the General Services Administration sends out the Federal Acquisition Service (FAS) Customer Survey and Industry Satisfaction Survey to our partners to gauge your experiences working with us.

Many of you will receive a personalized link to complete one of the surveys in the coming weeks – it takes ten minutes to complete, and the intelligence we gather from your responses will be used to improve your experiences moving forward.

For example, the data collected from the 2023 customer and industry surveys led to:

  • Improvements on the IT category and Multiple Award Schedule web pages.
  • The addition of USAccess locations to get your PIV cards activated – a governmentwide program that GSA manages.
  • Updates to our Buyer’s Guides and Fact Sheets to help you find and understand our solutions better.

We greatly appreciate the time you take to share your experience. Surveys like this, along with feedback you provide through other channels like webinars, trainings, and direct conversations with GSA staff, helps us understand where the pain points are so we can address them with urgency.

If you have questions about the survey or our improvement initiatives, please contact

Thank you for your continued partnership.

Follow ITC on LinkedIn and subscribe for blog updates.

Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide now available

Goal: Help agencies buy Generative AI

Artificial Intelligence (AI) is one of the most profound technological shifts in a generation or more. If we learn how to harness its power correctly, AI tools could significantly strengthen how the federal government serves the public.

Seeing AI’s potential – and its risks –  the president signed Executive Order 14110 on Safe, Secure, and Trustworthy Artificial Intelligence (AI EO) on October 30, 2023. 

Since it was signed, there has been a lot of activity around highlighting AI use cases and increasing the AI talent and skills in the federal workforce.

I blogged about the procurement considerations it emphasized and we explored the pivotal role of the chief AI officer

The AI EO also sparked an ongoing effort to guide responsible artificial intelligence development and deployment across the federal government. 

Section 10.1(h) of the AI EO asks GSA to create a resource guide to help the acquisition community procure generative AI solutions and related specialized computing infrastructure.

In this post, I’ll describe our new Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide and highlight some of the specific content.

A Focus on Generative Artificial Intelligence

As many of you know, some of the most popular promising tools in the broader field of artificial intelligence are in the field called generative AI.

Fundamentally, generative AI tools are software. It is starting to show up in our email and word processing programs, the search engines we use every day, and the more sophisticated software that agencies rely on. These tools can be helpful for many agencies trying to automate simple tasks or solve complex problems. We’ve seen agencies using generative AI tools to write summaries of rules, create first drafts of memos, and make more helpful chatbots. And many more uses are spooling up right now including using generative AI tools to write computer code and develop new training scenarios for agency staff.

These generative AI tools are getting better and more agencies are asking their contracting officers to help procure the right solutions. 

At the most basic level, because generative AI tools are software, acquiring them must follow the same acquisition policies and rules as other IT and software purchases. Contracting officers should consider cybersecurity, supply chain risk management, data governance and other standards and guidelines just as they would with other IT procurements.

At the same time, generative AI tools are unique. We are all hearing about the risks of generative AI solutions, some of which we talk about in the guide – from bias in how the systems were trained… to “hallucinations” where a generative AI tool states wrong information that it just made up. 

Contracting officers play a critical role in ensuring commercial generative AI offerings conform with federal and agency guidance, laws and regulations and have the right safeguards and protections while enabling their agencies to get the most out of generative AI projects.

We put together the Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide to help contracting officers and their teams understand how to do just that.  

Practical Tips for the Acquisition Community

Because the field is emerging and the use cases are diverse, it’s impossible to provide guidance that applies to every situation. So the guide offers questions that contracting officers should ask and a process to use when scoping a generative AI acquisition. 

The guide also makes a few specific recommendations of other actions the acquisition workforce should take to procure generative AI solutions effectively. Many generative AI tools may already be available to agency staff in tools they use every day or through government cloud platforms they already have accounts on. And these tools may be available through professional service and system integrator contracts the agencies already have in place. In that way, the fastest acquisition may be no acquisition, or as simple as adding more “credits” to an existing cloud platform account. 

Before embarking on a large scale or complex new acquisition for generative AI tools, see if there is a simpler route. Work with your agency’s chief information officer, chief artificial intelligence officer, and chief information security officer to determine what you already have in place and whether you can just use an existing solution or contract.

Here are a few other recommendations in the guide:

  • Start with Your Agency’s Needs. Rather than starting with solutions and specifications, define the problem that the agency wants generative AI tools to help solve.
  • Scope and Test Solutions. Given the evolving nature of most generative AI tools, it is essential for agencies to use testbeds and sandboxes to try solutions before committing to large scale buys with too many unknowns about product performance.
  • Manage and Protect Data. Generative AI relies on data “inputs” to create content “outputs” so it is critical to know where data is coming from, what are its limitations and how data will be used and protected.
  • Control Costs. Generative AI is very often billed like other Software as a Service so usage costs can really grow quickly if not appropriately monitored and managed.

Acquisition staff also benefit from knowing what procurement actions their agency and others have already taken. You’ll also find a searchable data dashboard to give information about recent AI-related contract actions.

Specialized Computing Infrastructure

The guide also talks about “specialized computing infrastructure” per the AI EO. Specialized computing infrastructure can be thought of as the high-performance computers, powerful chips, software, networks and resources made specifically for building, training, fine-tuning, testing, using and maintaining artificial intelligence applications. Computing infrastructure can be on-premise, cloud based or a combination of both.

While most agencies will likely access generative AI tools through the cloud, some agencies may need to build some light specialized computing infrastructure to support their specific requirements.

This is the start.

The biggest challenge to producing any sort of guidance around a technology is anticipating and accommodating change. To do it, we organized a working group, gathered input from a wide array of acquisition specialists and technical experts, and collaborated with our IT Vendor Management Office to inform and support faster, smarter IT buying decisions across the federal community. We welcome your feedback at

Generative AI technology will continue to evolve. The risks and benefits will shift over time. Agencies will experiment with generative AI tools. And contracting officers will play a critical role by working closely with program and IT staff to find, source and acquire the right generative AI solutions for agencies’ needs. We hope the Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide helps the acquisition community enable their agencies to start to responsibly harness the power of this promising technology and better serve the American people.

Follow ITC on LinkedIn and subscribe for blog updates.

Without you, we can’t make IT happen!

March marks National Procurement Month, a period to honor procurement professionals and the acquisition workforce across industry and government. Professionals like you who give your all to serve the public interest and make things happen.

Whether it’s making the most of emerging technologies like artificial intelligence or securing contracts to improve an agency’s cloud solutions and emergency mobile services, procurement professionals have tangible effects on the American public.

I want to take a moment to acknowledge the acquisition professionals across all levels of government and industry that work with GSA to deliver Best-in-Class service.

Key to successful organizations

Government acquisition professionals are out there every day doing the hard work of evaluating requirements to determine what’s possible, what’s working, and what could be improved. From reviewing offers and making awards, to monitoring the contract progress with a focus on transparency and accountability, you continue to make a difference and ensure taxpayer dollars are spent responsibly.

Team acquisition

Acquisition is a team sport, and as we continue to build IT acquisition vehicles, we recognize how important it is to be engaged and transparent with our agency and industry partners and to embrace innovative acquisition solutions, while learning from stakeholder feedback and expert procurement professionals in the IT field. Each group is instrumental to the success of our mission.

Evolving and improving

New technologies are rapidly changing and improving how we do procurement. Promising new tools such as Robotic Process Automation (RPA), machine learning, and AI are set to further streamline procurement processes and improve supply chain visibility. Credit for much of procurement’s quick tech evolution over the last couple of years can also go to members of the acquisition workforce: Data analysts, chief information officers, and emerging tech subject matter experts who have developed, found, tested and deployed IT solutions that make procurement more efficient and less risky, expanding our ability to directly impact the bottom line and drive successful outcomes for agencies.

Buy, sell — Be part of the procurement picture

Without YOU, we can’t make IT happen! Thank you for your unwavering dedication.
Do you want to continue your professional development as an IT procurement professional? Learn more at GSA’s Information Technology Acquisition University or sign up for a training session and earn CLPs at

Are you ready to be part of the vendors who support the American public? Find out how to work with GSA and become a vendor at the Vendor Support Center

Follow ITC on LinkedIn and subscribe for blog updates.

Post-Quantum Cryptography — What is it and where to start?

We all know cybersecurity is a dynamic field that is constantly evolving to protect people from the malicious use of technology. As we’ll explore in this post, cybersecurity professionals may soon be called to defend against technologies that blur the limits of classical physics.

What we know

Think back to high school physics, old episodes of the TV show “Nova,” or even the latest superhero movies, and you’ll recall the term “quantum” or “quantum mechanics.” Quantum, simply speaking, refers to what goes on at the subatomic level.

For decades, our friends at the National Institute of Standards and Technology (NIST) marshaled the resources of the federal government in applying the principles of quantum mechanics to information processing. They helped shape the field of quantum information science and birth an entirely new class of devices: quantum computers.

Right now, when a computer tries to solve a complex problem it has to check every possible solution one by one. That takes an enormous amount of time and computational power. Here’s where quantum computers shine. Because they operate at the subatomic level, they can actually explore and check multiple solutions simultaneously, drastically reducing the time needed to find the right answer. This means that tasks that would take classical computers years or even centuries to complete could be done by quantum computers in a matter of minutes or hours. It’s mind-boggling!

The problem

Here’s the catch: quantum computers could also break many of the encryption algorithms we currently rely on to protect sensitive data. We rely on encryption to keep information and data transfers safe both in our government work and everyday life – everything from logging into networks and websites to paying with credit cards. Quantum computers put all of that encryption at risk.

In 2022, the National Security Council issued a warning that certain quantum computers could “jeopardize civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most Internet-based financial transactions.”

The Office of Management Budget then issued M-23-02 advising agencies how to take the threat seriously. Importantly, OMB said agencies should prepare to protect their data from quantum computers trying to break their encryption. Such stronger data protections became known as Post-Quantum Cryptography (PQC).

So what technologies and services will agencies need to transition to PQC?

Where to start

The first step, per M-23-02, is for agencies to inventory their active cryptographic systems and re-inventory them annually through 2035. That includes looking at all deployed cryptographic systems used for creating and exchanging encryption keys, providing encrypted connections, or creating and validating digital signatures. GSA has multiple acquisition vehicles ready to help you find the right resources to do that.

  • The Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) also offers quick access to vendors who have been technically evaluated to do such inventories.
  • If an agency has Enterprise Infrastructure Solutions (EIS) Managed Services awarded, it can tap into those suppliers to conduct these assessments.

The way forward

The experts at NIST are leading the effort to develop algorithms designed to withstand quantum computer attacks. NIST has begun the process of standardizing these algorithms — named CRYSTALS-Kyber, CRYSTALS-Dilithium, SPHINCS+, and FALCON. This is the final step before making these mathematical tools available so that organizations can integrate them into their encryption infrastructure. NIST also notes that there will be more post-quantum encryption standards to follow.

Some agencies may wish to start testing the PQC algorithms before they are standardized by NIST. Hardware, web browsers, content delivery networks, cloud service providers, devices and endpoints, and enterprise devices that initiate or terminate encrypted traffic all rely on encryption and might be areas to test pre-standardized PQC algorithms.

If your agency is ready to test or explore quantum computing further, GSA has contracts for that too:

Together, we’re on it

Quantum computers are advancing quickly, increasing the need for reliable PQC solutions. GSA works in close collaboration with NIST and the Cybersecurity and Infrastructure Security Agency (CISA) to keep our contracts aligned with the latest technical and security requirements including emerging PQC standards.

Agencies will need to protect their information systems and data from growing threats. The right suppliers can complement an agencies’ IT and information security staff and resources with relevant products, services and solutions to assess cryptographic risks, test safeguards and identify needed investments.

We look forward to working with more agencies to help them prepare for this imminent post-quantum future. We’re planning to host an in-person Quantum Summit at GSA headquarters on April 16, 2024 from 9-12 EST where you can learn more about quantum resilience from Federal practitioners, so save the date! And while we probably won’t be able to help you traverse time and multiverses like a movie superhero, we are ready to help you get your systems prepared for what comes next. Contact us with your needs and we will help guide you to a solution.

Follow ITC on LinkedIn and subscribe for blog updates.

Acknowledging our Veterans, their contributions to the IT Category

In celebration of Veterans Day, I want to thank our Veterans for their service and dedication. I’m grateful for the sacrifices they have made for us. Our Veterans exemplify the qualities that enable our country to overcome the greatest obstacles.

GSA partnering with Veterans

GSA is dedicated to supporting Service-Disabled Veteran-Owned Small Businesses (SDVOSBs) in the federal IT market. ITC currently has hundreds of highly skilled SDVOSBs between our Multiple Award Schedule – IT (MAS-IT) and the Veterans Technology Services 2 (VETS 2) and 8(a) STARS III IT services Governmentwide Acquisition Contracts (GWAC).

While SDVOSBs have many opportunities to participate in the IT marketplace, VETS 2 is currently the government’s only GWAC set aside exclusively for SDVOSBs.

I’m happy to say that the VETS 2 option was exercised earlier this year in February 2023. In total, 45 industry partners received their option. This will provide federal agencies with continued use of this best-in-class solution for their long-term IT service project needs, with the performance of task orders extending out through 2033. As of August 2023, VETS 2 has had more than 200 task order awards with over $1.4 billion in Obligated Sales and a Total Estimated Sales of over $3B.

The VETS 2 team has been hard at work training government agencies on the use of VETS 2, with more than 3,000 customers trained so far. If you’re interested, visit for a list of upcoming training opportunities.

SDVOSBs bringing real mission impact

Last year at this time, I shared several examples of the great work of our Veteran partners and I’m happy to bring fresh ones this year:

  • One of the DoD agencies recently awarded a $404 million order through VETS 2 to provide Enterprise IT Support Service for their Combat Capabilities Development Command Aviation and Missile Center (AvMC). Through these IT support services, the SDVOSB will fill the agency’s need to provide the personnel, services, and supplies necessary to enable the full lifecycle of IT support requirements across AvMC.
  • Another DoD agency also awarded a $24M task order award for extensive cybersecurity services. Our VETS 2 industry partners provided the defense agency with a service that is essential to protecting our nation’s security. Cybersecurity has become a fundamental IT service needed to keep our country safe and secure and VETS 2 can deliver these mission-critical national security services.

Veterans, looking to the future

Our commitment doesn’t stop with our existing contracts. Our next small business GWAC, Polaris, will have an SDVOSB pool as well. Polaris is being designed to assist agencies in acquiring customized IT services and IT services-based solutions while expanding opportunities for SDVOSB firms. Stay tuned to our Small Business Community of Practice Interact page for updates.

I’m grateful for the meaningful partnership we have with our SDVOSBs and for their continued hard work and dedication to helping agencies achieve their missions every day. I’m really excited for what the future holds.

Visit our website to learn more about VETS 2, MAS-IT, and Polaris or use our IT Solutions Navigator to find the vehicle that’s right for you.

Follow ITC on LinkedIn and subscribe for blog updates.

Find cybersecurity solutions in IT Services GWACs

In a post earlier this month, I talked about the Cybersecurity Battle Ground with various Administration strategies, executive orders, and some of the resources that we’ve developed to help you navigate this guidance. If you haven’t read that post yet, I suggest you check it out.

Today, I thought I’d talk about some of the acquisition contracts that we’ve developed to help you get on-the-ground support with your cybersecurity efforts.

MAS and beyond

When you think cybersecurity, and you think GSA, the Multiple Award Schedule (MAS) for Information Technology (IT) probably comes to mind. We have a lot of great cybersecurity solutions there, including the Highly Adaptive Cybersecurity Solutions (HACS) Special Item Number (SIN), a variety of Continuous Diagnostics and Mitigation (CDM) tools, and Zero Trust Architecture (ZTA) solutions.

True, MAS-IT is a great place to cover your cybersecurity needs, but it’s not the only place. Depending on your overall acquisition goals, GSA’s Governmentwide Acquisition Contracts (GWACs) are a great path as well. These IT Services-first contracts are considered by the Office of Management and Budget to be Best-in-Class and have a host of capabilities to meet cybersecurity needs; from ZTA to IPv6, to insider threat detection and mitigation services.

I thought it would be interesting to analyze the data in our GWAC Dashboard to see what I could find by simply pulling the data by contract and searching for ‘Cyber’*. This is definitely not a comprehensive review of our cybersecurity offerings on the GWACs, but this gives a great sense of the work that’s happening.

* This can be done by going to the “DATA Feed” tab, clicking on the “Choose a format to download” icon at the bottom right, and selecting “Crosstab.” This will result in an Excel file with more information than can be easily displayed in the web dashboard.


Federal agencies have leveraged the 8(a) STARS III GWAC, for example, to protect against cyber threats. 8(a) STARS III industry partners have supported America’s government by creating cyber risk assessments, performing enterprise penetration testing, and establishing security assessment reports. 8(a) STARS III has 23 task orders with an estimated value of more than $141.8 million for cyber-related activities. The Department of Treasury and the Department of Homeland Security are among the biggest users of 8(a) STARS III for cybersecurity services.


The VETS 2 GWAC is another great example. This Service-Disabled Veteran-Owned Small Business GWAC currently has more than $118 million in estimated value from 10 task orders ranging from IT Security Risk Management Framework (RMF) and Assessment and Authorization (A&A) Services to cybersecurity architecture and engineering services. Some of VETS 2’s biggest cybersecurity customers are the Department of Treasury, the Department of Homeland Security, and the Army.

Alliant 2

Alliant 2 data shows a similar story. There, we find 25 task orders for a total estimated value of $2.2 billion. These task orders relate to Federal Public Key Infrastructure (FPKI) support services to cybersecurity – supply chain risk management (C-SCRM) support services and beyond.

Again, these are just task orders with the term ‘cyber’ in the description field. Even more come through when we add the term ‘IT security’.

The right cybersecurity solutions

As we continue to observe Cybersecurity Awareness Month, I wanted to bring attention to the ‘where’ of conveniently getting the cybersecurity solutions agencies need to protect their systems as agencies move to create a safer and more secure digital future.

Visit our website to learn more about cybersecurity or use our IT Solutions Navigator to find the vehicle that’s right for you.

Follow ITC on LinkedIn and subscribe for blog updates.

The Cybersecurity Battleground

Reflecting on the past, envisioning the future

This month marks the 20th anniversary of Cybersecurity Awareness Month, as well as the beginning of a new government fiscal year. I’d like to take this milestone opportunity to delve into some recent notable cybersecurity events, the broader implications for government agencies, and my vision as GSA continues to play a pivotal role in positioning agencies to create a safer and more secure digital future.

The 2023 Verizon Data Breach Investigations Report shows external actors were responsible for 83% of breaches. Continued cyber breaches, such as Volt Typhoon and the MOVEit application exploit not only cause disruption and pose a serious threat to our national security, but lay the groundwork for more sophisticated cyber attacks. Hackers will leverage any flaw in the cyber environment to gain access to sensitive information. Our adversaries are not resting, and neither can we.

In March 2023, the White House released an updated National Cybersecurity Strategy with ongoing initiatives aimed at enhancing the nation’s cybersecurity capabilities and comprehensive approach. It aligns numerous strategic objectives under five pillars:

  1. Defend Critical Infrastructure
  2. Disrupt and Dismantle Threat Actors
  3. Shape Market Forces to Drive Security and Resilience
  4. Invest in a Resilient Future
  5. Forge International Partnerships to Pursue Shared Goals

The White House later published its National Cybersecurity Strategy Implementation Plan which includes specific guidance for agencies as they implement the strategy’s requirements and key objectives.

The Department of Defense completed its Cyber Strategy in May 2023. The strategy underscores the ongoing advancement of Zero Trust Architecture (ZTA) and the technological solutions and services to fortify critical infrastructure, ensuring vital systems and assets are safeguarded. In August 2023, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Strategic Plan that aligns with the National Cybersecurity Strategy and lays out how agencies can fulfill their cybersecurity mission over the next three years. As plans are implemented, GSA is prepared to incorporate updated frameworks and standards into our solutions to meet agencies’ needs and requirements.

As we move forward into the new fiscal year, the Office of Management and Budget (OMB) continues to emphasize cybersecurity priorities for civilian agencies to consider when developing FY24 and FY25 budget requests. These include continued implementation of ZTA, investment in Cybersecurity Supply Chain Risk Management (C-SCRM) practices, and most recently Post-Quantum Cryptography (PQC). Details can be found in the OMB Memorandum M-22-16, M-23-18, and the Quantum-Readiness: Migration to Post-Quantum Cryptography fact sheet. Additionally, OMB outlined Research and Development Priorities for the FY25 budget which include addressing cybersecurity risks through resilient architectures. As the cybersecurity landscape is in a constant state of evolution, adapting to new guidance is imperative to Improving the Nation’s Cybersecurity.

How GSA supports agencies

GSA recognizes that every agency has unique needs, but the overarching goals remain. That is why GSA works diligently to support the modernization of security to enhance cyber resilience, protect important information, and maintain systems access and function.

To help agencies meet their goals, GSA developed a suite of resources on cybersecurity topics, such as ZTA and C-SCRM. Buyer’s guides and informational videos are available to help identify which solutions best fit agency IT security needs. In addition, our acquisition templates make procuring the products and services that modernize security and strengthen cyber resilience easy and efficient. Find the guides and more at

Our commitment

At GSA we understand collaboration with other agencies, and our industry partners, is crucial for addressing the evolving and global nature of cybersecurity threats. We are committed to continue our efforts to provide comprehensive and impactful government-centric cybersecurity solutions that address the need for modernization today and protect assets from the cyber threats of tomorrow.

Stay up to date

We are available to agencies throughout the entire acquisition lifecycle. The GSA IT Category team offers subject matter expertise and is available to answer questions related to purchasing a full range of IT products and services. Please contact the IT Customer Service Center at 855-ITaid4U/855-482-4348 or

Follow ITC on LinkedIn and subscribe for blog updates.

Working on a critical acquisition? Start with GSA’s Market Research as a Service

Before making a mission-critical acquisition, agencies can save time and resources in finding compliant suppliers, capabilities, competition levels and more to understand the market landscape. GSA’s Market Research as a Service (MRAS) conveniently delivers meaningful market data at no cost to federal, state, and local agencies.

How does MRAS work with agencies?

Through FAR Part 10-compliant Requests for Information (RFIs), sources sought, industry days, and advanced product research, MRAS collects data to help customers understand where their need fits within the GSA governmentwide marketplace.

MRAS experts partner with federal, state, and local agencies to create customized RFIs and help agencies shape their overall acquisition strategy with a thorough, tailored market research report. These services are available at no cost and can be completed typically in two weeks or less.

Record of success with MRAS

In three years, MRAS has conducted over 3,000 RFIs for customers, including more than 25% specifically for IT Category Special Item Numbers (SIN) on the GSA Multiple Award Schedule (MAS).

Top customers served:

  • U.S. Air Force
  • U.S. Army
  • U.S. Navy

Better techniques, better results, Best in Class

The MRAS team uses extensive technology tools and the latest research techniques to generate the best information for customers, and generates a list of vetted, Best in Class GSA industry partners who can fulfill a customer’s unique requirements. The team also works closely with GSA’s talented Customer Service Directors (CSD) to research and review the category, SIN, or contract that best meets the customer’s requirements while following applicable compliance guidelines and maximizing resources.

Customers can review the results of their MRAS request with a member of GSA’s CSD team to answer questions and consider next steps.

Recently, the MRAS team produced a market research report for a multimillion-dollar Department of Defense (DOD) project at Nellis Air Force Base, Nev. and Fort Irwin, Calif. In less than two weeks, the team identified more than 40 potential sources. DOD ultimately found a winning match on the MAS IT professional services SIN.

GSA’s MRAS – Your free resource to start your agency’s successful acquisition journey

GSA’s MRAS offers customers invaluable help through a key component of the acquisition process. MRAS helps agencies make informed acquisition decisions precisely and efficiently. Contact MRAS to learn more and get started today.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.