Posts

Posted on

GSA’s VETS 2 GWAC Open for Business

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

Veterans Technology Services 2 (VETS 2) Governmentwide Acquisition Contract (GWAC) is now open for business and ready to accept task orders.

VETS 2 is the only GWAC in the federal government set aside exclusively for Service-Disabled, Veteran-Owned Small Businesses (SDVOSB).  It’s designed to meet diverse agency IT services requirements, including new and emerging technologies. SDVOSBs are foundational to helping the government make important changes to modernize aging and legacy IT systems.  GSA is committed to ensuring we tap into their expertise through contracts like VETS 2.

Like its successful predecessor, VETS 2 provides agencies with access to customized IT solutions from a highly qualified pool of industry partners.  The original VETS contract helped participating SDVOSB businesses deliver $2.1 billion in services and solutions to the federal government. We’d like to match or exceed that on VETS 2.

In developing the new VETS 2, we performed an unprecedented amount of market research that centered around customer and industry feedback.  In addition to issuing a request for information (RFI) and draft request for proposal (RFP), we also surveyed hundreds of past and current GWAC ordering contracting officers, created a government customer working group, and used the feedback to enhance the offering.

VETS 2 GWAC highlights include:

  • Best-in-Class – VETS 2 is a Best-in-Class (BIC) contract designated by the Office of Management and Budget as a preferred governmentwide solution
  • Comprehensive Scope – VETS 2 meets a variety of diverse agency IT requirements, including new and emerging technologies
  • Flexible Contract Types – fixed price, cost reimbursement, time & materials, and labor hour orders are all allowed
  • Allows for Long-Term Planning – VETS 2 has a five-year base period and one five-year option period
  • Robust Contractor Pool – VETS 2 provides access to 70 highly qualified SDVOSB firms
  • Socioeconomic Impact – VETS 2 helps federal agencies support our veteran community while achieving their prime contract goals using SDVOSBs

IT Services Scope

In addition to common IT services that the federal government regularly purchases, VETS 2 also fulfills projects that require new or emerging IT services.

Scope includes, but is not limited to:

  • Data management
  • Information and communications technology
  • IT operations and maintenance
  • IT security
  • Software development
  • Systems design

We look forward to working with you through the VETS 2 GWAC as we continue our commitment to providing IT solutions with the ongoing help of the veteran community.

For more information, including how to order, please visit www.gsa.gov/VETS2 or contact us at VETS2@gsa.gov.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

GSA’s Enterprise Mobility Program Continues to Drive Agency Benefits and Savings

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

GSA continues to help shape governmentwide IT acquisition through our strong industry partnerships and collaboration with agencies across government. The operating principles of “Standardization, Simplification, and Savings” guide how we talk about, develop requirements for, and buy mobile products and services.

One of our more productive efforts is the governmentwide Mobile Services Category Team (MSCT). This cross-government group fosters effective collaboration and advancements among government IT and acquisition professionals through a membership base of almost 200 agency and 80 industry participants. Through the MSCT, we’re working with these stakeholders to improve and streamline how the government buys mobile technologies.

Established in 2015, the team consists of the departments of Defense, Homeland Security, and State, as well as the General Services Administration (GSA) and the Office of Management and Budget (OMB).

Shaping Governmentwide IT Acquisition

The MSCT’s mission is to advance adoption of mobile technology to support an agile and evolving government workforce. MCST helps government agencies learn from each other how to most effectively meet their missions and do their work securely, anywhere, anytime, and on any device.

The MSCT gives agencies the tools they need to implement various aspects of mobility more effectively and efficiently through:

  • Unified acquisition: Consolidates the number and variety of dispersed contracts to reduce life-cycle management costs and drive better volume discounts via existing government-wide solutions.
  • Improved information management: Simplifies management and enables centralized access to requirements, standards, and data to easily identify opportunities for cost savings.
  • Center of excellence: Uses best practices and collaboration across stakeholders to optimize performance and increase value.

GSA worked with the MSCT to build a library of resources available to government agencies. These new resources help federal buyers address a broad scope of mobile technologies and capabilities to include:

  • telecommunications expense management (TEMs)
  • virtual mobile infrastructure (VMI)
  • mobile device/enterprise mobility management
  • mobile identity management
  • mobile backend, and
  • mobile threat protection

Each resource includes a technology definition, service overview, and buying guidance that can be used for education, solution design, and acquisition support. Consolidating these resources will help agencies develop a mobile strategy that supports their purchasing.

GSA’s Contracts Drive Savings and Growth

GSA’s Mobility Team continues to increase savings for buyers in the mobile space through the Federal Strategic Sourcing Initiative (FSSI). On average, GSA customers saved 26% in 2017 through FSSI Wireless solutions.

To drive more savings across the mobile category, we’re extending the FSSI Wireless Blanket Purchase Agreements (BPAs) for six more months to November 2018.

This extension will help government agencies finalize their agreements this fiscal year.

As we plan for the next generation of buying tools for the wireless space, rather than develop a replacement for the current BPAs, GSA’s Enterprise Mobility Program is working with the MSCT to develop a Request for Quote (RFQ) engine that agencies can use to buy wireless services through existing contracts in a flexible, cost-effective, smart, and simple way.

We’re proud that federal agencies are getting great savings and results through the FSSI Wireless solution. We’re also thrilled with the work our GSA Enterprise Mobility Program is doing with the MSCT. The MSCT has set the bar for successful and productive cross-agency and industry engagement, demonstrating that government-industry partnerships and collaboration across agencies can help federal agencies meet their mission in government’s day-to-day mobile operations.

Want to know more? Visit the MSCT website.

Have questions or want to provide feedback? Contact wireless@gsa.gov.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

Recent Successes Inspire Our Way Forward

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

As the end of the year approaches, I’m full of pride looking back on the accomplishments of the Office of Information Technology Category (ITC) in 2017.

Our team has achieved best-in-class (BIC) designations on a number of important contract vehicles and we’re continuing to work towards BIC on others. We launched — or are on the verge of launching — a number of significant contract vehicles, including Enterprise Infrastructure Solutions (EIS), Alliant 2, Alliant 2 Small Business, and Veterans Technology Services 2 (VETS 2). We further advanced our offerings for cybersecurity, geospatial, wireless solutions, and many others.

Each of these efforts will help our customers accomplish their missions with greater efficiency and lower costs in 2018.

Since taking the reins of ITC, I’ve challenged the team to follow three guiding principles:

  • Achieve breakthrough performance
  • Be a catalyst for customer mission success
  • Shape government-wide IT acquisition

As we wrap up 2017, I’d like to share just a few stories of how ITC has done this, working with agencies and our industry partners.

Using Innovative Solutions to Achieve Breakthrough Performance

We recently completed our proof of concept to use Distributed Ledger Technology (DLT) to further enhance the Making it Easier FASt Lane proposal review process. DLT will allow us to automate many of the manual business processes and steps required to award a new IT Schedule 70 contract. Including time-intensive things like financial reviews and developing the pre-negotiation memoranda.

Using innovative technologies such as DLT will have a major impact on making it easier to do business with GSA. It will make the award process more efficient for new contract holders by not only reducing the award timeline but also decreasing industry’s burden. Additionally, we expect this to significantly lower the direct cost to award a contract. This is just one example of our breakthrough performance over the last year.

Helping Agencies Achieve their Missions

The Small Business Administration (SBA) Office of Disaster Assistance (ODA) supported hurricane relief efforts. To achieve their mission, the team needed 1,000 laptops — and they needed them fast.

GSA’s IT hardware team quickly connected with the SBA to help. Our BIC Government-wide Strategic Solutions (GSS) Laptop/Desktop program, that offers pre-negotiated standard pricing for laptop configurations, was just what SBA needed. They placed the order for laptops in less than one week.

It resulted in a reduced delivery time of approximately two weeks and saved the SBA nearly $75,000. The order was awarded to an 8(a) small, women-owned business under IT Schedule 70.

SBA was so pleased with GSA’s price, performance, and quality of goods, they issued follow on orders for an additional 1,500 laptops and 2,140 monitors.

Shaping Government-wide IT Acquisition Everyday

The IT world is always changing, with advances in technology, shifting buying patterns and delivery methods, and a growing competitive landscape.  We strive everyday to improve how government buys IT.

In 2017, we made great progress with implementing category management. This has changed the way we operate and has helped us to better meet market demands, improve our operations, and enhance our customer solutions.

Everywhere you look in ITC you’ll see innovations in acquisition. We’ve baked in the ability to rapidly onboard new technologies into new contracts from the beginning. Startups are finding it easier than ever to deliver innovative solutions thanks to our Startup Springboard program.  And, our work to provide constructive input into the IT modernization process will help usher in a new era of modern government.

Paving the Way Forward

We’re leading the way in helping the government buy IT smarter. 2017 was an incredible year, marked by a number of important milestones — 2018 is looking just as promising.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

GSA’s Startup Springboard Speeds Access for Small Businesses to Government

By Kay Ely, Assistant Commissioner, Office of Information Technology Category

Just a few years ago you’d be hard pressed to find a tech startup with a GSA contract.  But that’s a thing of the past, thanks in part to GSA’s innovative IT Schedule 70 Startup Springboard, which offers new and smaller IT businesses an easier and faster way to get a Multiple Award Schedule (MAS) contract.

What is the Startup Springboard?

An integral part of GSA’s Making It Easier initiative, the IT Schedule 70 Startup Springboard offers tech startups and young companies an alternative to the two-year professional experience requirement traditionally required of a company trying to get on a GSA Schedule.

With Springboard, prospective industry partners can use their executives’ professional backgrounds, key personnel’s project experience, and related financial documents to complete their IT Schedule 70 proposals.

Making It Easier

For years we heard from industry that the unique government requirement of two-years of corporate experience before becoming a schedule contractor caused problems for small businesses, and were particularly challenging for startups. Vendors had previously found it very difficult to navigate the complex path to getting on the schedule while customer agencies were not able to access the emerging technologies available in the market particularly from startups.

The Startup Springboard addresses our customers’ emerging technology needs by getting companies and their innovative solutions onto IT Schedule 70 and into the hands of customer agencies faster, increasing acquisition and operational efficiencies, providing greater opportunities for small businesses, and saving taxpayers money.

Success Stories

As of September 2017, 14 companies, 13 of them small businesses, have been awarded IT Schedule 70 contracts under the Startup Springboard initiative. Among them is Vricon, a provider of imagery solutions to the intelligence and military communities. Vricon had its first deal within a week of getting on IT Schedule 70: a $2 million contract with the U.S. Special Operations Command (USSOCOM). And with $5 million in sales to the government to date, the young company quickly helped us prove the Springboard really does what it was designed to do: make it easier for new and innovative companies to start working with government.

Security Solutions Technology (SST) had only been in business eight months before joining IT Schedule 70 through the Springboard program. SST provides IT and cybersecurity services and solutions to federal, state, and local government agencies and has more than $1.8 million in sales so far.

Springboard has also helped HUBZone and certified veteran-owned small businesses (VOSB) and woman-owned small businesses (WOSB) get on IT Schedule 70. See the complete list of businesses now on IT Schedule 70 that went through the Springboard process at the end of this blog post.

Bringing it All Together

The success of the IT Schedule 70 Startup Springboard and our other tools is a direct result of our commitment to addressing longstanding concerns of industry partners and government agencies. We’re addressing our customers’ emerging technology needs by getting companies — and their innovative solutions — onto IT Schedule 70 faster.

For general information about the program, visit the IT Schedule 70 Startup Springboard page.

The following companies have been added to IT Schedule 70 via the Startup Springboard since the program began in April 2016:

  • Alpine Consulting Partners, LLC — providing computer systems design services
  • Cambridge Federal, LLC — a HUBZone VOSB providing IT and Investigations and Security (I&S) Security: providing commercial IT equipment, software, and services
  • Coffmatech — an economically disadvantaged minority woman owned small business (EDWOSB) providing commercial IT equipment, software, and services
  • Concept to Integration Technologies,LLC — a service disabled veteran-owned small business (SDVOSB) providing commercial IT equipment, software, and services
  • The Crevalle Group, LLC — providing commercial IT equipment, software, and services
  • Nala Digital Solutions, Inc. — a SDVOSB providing commercial IT equipment, software, and services
  • Planet Defense, LLC — a woman owned business providing commercial IT equipment, software, and services
  • Resilient Solutions 21 LLC — providing commercial IT equipment, software, and services
  • Security Solutions Technology ,LLC — a veteran owned a VIP-certified SDVOSB providing commercial IT equipment, software, and services
  • Spathe Systems, LLC — an 8(A), small business, and SDVOSB-certified business providing commercial IT equipment, software, and services
  • Tangent Technologies, Inc. — a woman owned SDVOSB providing commercial IT equipment, software, and services
  • TrussWorks, Inc. — providing commercial IT equipment, software, and services
  • Vricon, Inc. — providing commercial IT equipment, software, and services

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

Art of the Possible in Innovative Acquisition Solutions

(Note: This is a guest blog post by Keith Nakasone, Deputy Assistant Commissioner for Acquisition Operations within ITC in GSA’s Federal Acquisition Service (FAS). In this capacity, he oversees ITC’s acquisitions workforce.)

Over the past 25 years, I’ve learned that textbook or classroom education alone won’t do the job. Staying on top of the IT acquisition curve also requires staff to regularly use IT innovation labs, environments where bleeding-edge technology has been successfully used to solve day-to-day business challenges.

As we explore the Art of the Possible by using artificial intelligence (AI) within acquisition solutions, I took a small team to visit a company that develops and delivers AI capabilities. Exposing government acquisition professionals directly to new technologies helps our staff to more fully understand what AI can do. In turn, they can help program managers develop even better contracts to more effectively help deliver mission requirements and desired outcomes in government.

As we continue to build IT procurement vehicles, we recognize how important it is to understand the technology, what it can do, and how we can inject new and innovative solutions into our acquisition vehicles not only for now, but for the future.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

GSA’s Jasmine Alexander, Brendan Mahoney, Brian Whitaker, Giovanni Onwuchekwa, and Keith Nakasone visiting IPsoft in New York City.

 

Our staff was greeted by Amelia, IPsoft’s cognitive agent. According to our industry partner, Amelia can take on a wide variety of service desk roles and transform customer experience.

 

Posted on

Veterans Technology Services 2 (VETS 2) GWAC Awarded

If small businesses are the backbone to our economy, then veterans of the armed forces are the backbone of our country. Even after their sacrifices through military service, many veterans continue to serve our great nation by providing innovative information technology (IT) solutions to government.

GSA prides itself on delivering mission critical IT solutions that make a meaningful difference to the agencies we support and the citizens that count on them. This philosophy is at the center of our development of new IT contract vehicles and I’m proud that it played a vital role as GSA created our new Veterans Technology Services 2 (VETS 2) Governmentwide Acquisition Contract (GWAC).

VETS 2 – a unique acquisition vehicle

The new VETS 2 GWAC is a unique contribution to the federal acquisition community — the only GWAC set-aside exclusively for Service-Disabled, Veteran-Owned Small Businesses (SDVOSB). VETS 2 is designed to be flexible enough to meet diverse agency IT requirements, including new and emerging technologies. VETS 2 also enables GSA to continue its support of the SDVOSB Procurement Program, while helping federal agencies achieve their socio-economic goals.

Contract development at its best

Lessons learned from our original VETS contract played a big role in building VETS 2, as did extensive market research. In conjunction with issuing a request for information (RFI) and draft request for proposal (RFP), we also surveyed hundreds of past and current GWAC ordering contracting officers, created a government customer working group, and utilized a GSA Interact page to collaborate with more than 1,000 members from industry and government to design VETS 2. The result is a multiple award indefinite delivery, indefinite quantity (IDIQ) contract with a best-in-class designation and 70 of the world’s premier SDVOSB IT service providers.

What’s new with VETS 2

All of the team’s research and due diligence, coupled with VETS success resulted in a VETS 2 contract that is even better than its predecessor. New key features include:

  • The ability for cost-type contracts
  • An expanded scope for virtually any IT services-based solution – including cybersecurity and new, emerging technologies
  • An overall simplified contract through the elimination of functional areas – a simplified scope covering all IT services
  • A larger pool of suppliers — an even greater proportion of which now hold International Organization for Standardization (ISO)/Capability Maturity Model Integration (CMMI) certifications, facility clearances levels, audited/approved cost accounting systems, and experience working with multiple agencies.

We couldn’t be more thrilled about the launch of VETS 2 as we continue our commitment to providing IT solutions with the ongoing help of the veteran community.

For more information, please visit www.gsa.gov/VETS2 or contact VETS2@gsa.gov.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

OMB Marks More GSA Tech Solutions as “Best in Class”

GSA’s Office of Information Technology Category (ITC) received some exciting news at the end of Fiscal Year (FY) 2017: five more of GSA’s Governmentwide Acquisition Contracts (GWACs) and one Blanket Purchase Agreements (BPA) based on IT Schedule 70 SIN 132-53 have been designated by the Office of Management and Budget (OMB) as “Best-in-Class” (BIC).

BIC designations signal to the acquisition community that these vehicles meet rigorous category management performance criteria and confirm that we’re offering solutions and processes necessary to meet government’s IT requirements not just today, but well into the future.

The six new additions to ITC’s BIC offerings are all pre-vetted, governmentwide contract solutions supporting the governmentwide move to mature, market-proven solutions:

With these additions, GSA has a total of eight BIC IT offerings—our Government-wide Strategic Solution (GSS) Laptop/Desktop and IT Schedule 70’s Hardware & Software SINs were part of the first group OMB recognized in the IT category.

We see these new BIC designations, as proof that GSA is developing the programs and contracts that will shape and lead future IT category management efforts. What’s more, they’re evidence that we use taxpayer funds efficiently and productively, enabling our customers to better fulfill their missions.

BIC Benefits

How does BIC benefit government agencies?

BIC contracts are recognized as being “good-for-government” purchasing solutions which should be used by all agencies. To be named BIC, contract vehicles must satisfy five key criteria defined by OMB:

  1. Rigorous requirements definitions and planning processes
  2. Appropriate pricing strategies
  3. Data-driven strategies to change buying and consumption behavior (i.e., demand management)
  4. Category and performance management strategies
  5. Independently validated reviews

BIC GWACs

Alliant, Alliant SB, and VETS 2 GWACs offer fixed-price, cost-reimbursement, labor-hour, and time-and-materials task order types, providing greater flexibility in procuring a broad range of IT services. These solutions provide access to new and emerging technologies designed to help government agencies meet their mission requirements. Our BIC GWACS can also help agencies save between 4 percent and 19 percent on average. Again, GSA expects to award the second iteration of Alliant and Alliant SB (Alliant 2 and Alliant 2 SB, respectively), by the end of the calendar year.

BIC BPA

Our FSSI Wireless BPAs are based in GSA’s IT Schedule 70 SIN 132-53, which improves the procurement and management of wireless services across government. And the good news is that the market opportunity for government wireless services is currently estimated to be $945 million annually.

Going Forward

These BIC designations let agencies and industry know we are meeting our own high standards of customer service and acquisition expertise. Whether they are using contracts officially recognized as “Best-in-Class” or another solution, our customers and partners can expect the same quality and excellence in all of our products and services. As I wrote in an earlier blog, “We believe a BIC designation is not the end state, but rather an important milestone on a journey to help agencies improve their buying strategies.”

Learn more about GSA’s BIC designations on Acquisition Gateway.

Follow us on LinkedIn and Twitter to join the conversation.

Posted on

Reducing Cybersecurity Risks in Supply Chain Risk Management

Shon Lyublanovits, IT Security Subcategory Manager and Director of the Security Services Division

[Editorial note: This blog is the last of a three part series by Shon Lyublanovits, GSA’s IT Security Subcategory Manager and Director of the Office of IT Security Services for Office of Information Technology Category (ITC). Designed to help build awareness of the Department of Homeland Security’s (DHS) annual October National Cyber Security Awareness Month, this blog series describes a suite of cybersecurity products, services and solutions provided by GSA, outlining the unique benefits each provides to government].

Federal Information and Communications Technology (ICT) systems rely on a complex, globally distributed, and interconnected supply chain ecosystem encompassing geographically diverse routes and multiple tiers of outsourcing. Managing ICT systems is a difficult and complex task for government agencies — especially when these system are affected by various laws, trust models, interests, and national/international supply chains. It becomes even more difficult when criminals constantly introduce proprietary counterfeits and malware, conduct data tampering, and access sensitive information.

To protect ICT systems from criminals, we are working with government agencies to reduce cybersecurity risks through the acquisition of IT hardware and software. We’re also helping government leaders, chief information officers, and IT experts develop and implement sound policy guidance to deploy Supply Chain Risk Management (SCRM) activities throughout the entire acquisition lifecycle.

Challenges for government and industry

The federal government is facing significant cybersecurity challenges when procuring IT products or services resulting from inadequate in-built cybersecurity controls in the supply chain. An increase in the use of ready made, off-the shelf products, plus a rise in outsourced computer and communications operations make it more difficult to manage the supply chain.

Our industry partners are facing challenges as well. Companies require agile, elastic business models to remain competitive and keep pace with emerging technologies, but they also need to protect themselves against volatile cybersecurity threats, especially in the supply chain. From a national security perspective, when large components of these business models become vulnerable to cyber threats, the private sector becomes a target of nation states.

Enhancement of IT procurement through sound policy drives

Within the global marketplace, particularly the supply networks, criminals have more opportunities to penetrate and potentially manipulate information and technology. In order to mitigate these threats, GSA supports various statutory, regulatory, and policy requirements that address the current challenges of the global marketplace.

We are currently developing a Business Due Diligence Information Service that will give agencies a common government-wide capability for identifying, assessing, and managing cyber and supply chain risk throughout the acquisition process.

GSA is also leading the implementation of an IT policy that enhances IT acquisition vehicles, resulting in increased security of customers systems and networks. We are working with federal agencies to address supply chain risks by:

  • Reviewing base ITC acquisition vehicle contract language
  • Developing an acquisition assurance baseline by identifying provisions and clauses that are related to IT security and SCRM to use in IT product and service solicitations
  • Creating a repeatable, scalable SCRM response process for ICT to effectively respond to SCRM incidents and issues of public interest. This includes a description of various roles, responsibilities, and definitions for six phases of the ICT Supply Chain Threat Event (SCTE) Incident
  • Using Response Life Cycle — i.e., notification, escalation, evaluation and validation, reporting, response, and closure activities
  • Establishing a Vendor Risk Assessment Program to provide a well-defined process and robust capability to evaluate known or potential risks related to suppliers of products and services using open source information

Comprehensive SCRM cybersecurity regulations and requirements

ICT systems need the best IT solutions to protect against proprietary counterfeits and malware, data tampering, and unauthorized access to sensitive information. We ensure that our IT products and services in the supply chain are deemed cyber low-risk by complying with cybersecurity regulations and requirements specific to SCRM. This will establish sound policy safeguards, so that when government agencies purchase IT products and develop systems, they do so knowing that we worked with suppliers to determine if SCRM capabilities have been applied to acquired products and services.

We’re also establishing a comprehensive SCRM capability that will ensure government agencies procure IT hardware and software from original equipment manufacturers, including authorized resellers or other trusted sources. Furthermore, GSA is:

  • Managing incidents within IT contracts
  • Establishing and maintaining contact with both internal GSA stakeholders and external agencies on cyber incidents
  • Maintaining awareness of government-wide supply chain policy/trends

GSA remains committed to helping government leaders, chief information officers, and IT experts improve cybersecurity through SCRM. Read the first and second blogs in this series to learn more about our cybersecurity products, services and solutions and how they can help you focus on your mission, while maintaining quality, reducing costs, and minimizing duplications and redundancies.

Follow us on Twitter @GSA_ITC to join the conversation.

Posted on

Helping Agencies Strengthen Cyber Networks through Strategically Sourced Tools and Services

Shon Lyublanovits, IT Security Subcategory Manager and Director of the Security Services Division

[Editorial note: This blog is the second of a three part series by Shon Lyublanovits, GSA’s IT Security Subcategory Manager and Director of the Office of IT Security Services for Office of Information Technology Category (ITC). Designed to raise awareness of the Department of Homeland Security’s annual October National Cyber Security Awareness Month campaign, this blog series highlights a suite of cybersecurity enhancing products, services and solutions provided by GSA, outlining the unique benefits each provides to government].

In today’s cyber ecosystem many, if not all, government mission requirements depend upon IT systems. Government agencies need to go beyond simply knowing who and what is on their networks. Senior leaders, chief information officers, and IT experts across government must be ready to face all potential cyber threats and it is critical that all information be secure. The latest IT tools and associated services are essential if agencies are to effectively and proactively identify, manage, and respond to new vulnerabilities and evolving threats. Agencies must also be able to keep up with and anticipate constant change in the enterprise architecture and operational environment.

GSA remains committed to helping agencies meet these ever-evolving challenges by offering a suite of pre-vetted cybersecurity products, services, and solutions that help agencies comply with mandates and IT requirements, while also addressing cyberattacks. This includes working with the Department of Homeland Security (DHS) to establish a new Special Item Number (SIN) for IT Schedule 70: Continuous Diagnostics and Mitigation (CDM) Tools. With CDM tools, we’re able to meet the government’s need for stronger cyber networks with strategically sourced tools and associated services.

New SIN offers agencies improved flexibility in IT procurement and cybersecurity

Our IT products on the CDM Tools SIN are prequalified and approved by DHS. And by leveraging the buying power of the government and streamlining the procurement process, we’ve made it easier and less expensive for our government partners to get the flexible solutions they need to effectively mitigate ever-changing cybersecurity threats.

Furthermore, these flexibilities on the CDM Tools SIN give government customers — federal, state, local, regional, tribal and territorial government entities — even easier access to a governmentwide set of information security continuous monitoring (ISCM) tools. The new CDM SIN also:

  • Enhances and automates existing continuous network monitoring capabilities
  • Strengthens the security posture of government networks
  • Improves risk-based decision making at the agency and federal enterprise level

CDM Tools SIN enhances existing continuous network monitoring capabilities

The CDM Tools SIN gives government agencies the ability to identify cybersecurity risks, prioritize them based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.

We’ve organized the capabilities and tools into five subcategories:

  1. Manage “What is on the network?” — Identifies the existence of hardware, software, configuration characteristics, and known security vulnerabilities.
  2. Manage “Who is on the network?” — Identifies and determines the users or systems with access authorization, authenticated permissions, and granted resource rights.
  3. Manage “How is the network protected?” — Determines the user/system actions and behavior at the network boundaries and within the computing infrastructure.
  4. Manage “What is happening on the network?” — Prepares for events/incidents, gathers data from appropriate sources, and identifies incidents through analysis of data.
  5. Emerging tools and technology — Includes CDM cybersecurity tools and technology not in any other subcategory.

CDM strengthens government networks

We want to help government fight cyberattacks by providing tools to help detect vulnerabilities and protect agencies from threats. These tools enhance government network security through automated control testing and progress tracking. This approach:

  • Provides services to implement sensors and dashboards
  • Delivers near-real time results
  • Prioritizes the worst problems within minutes (not quarterly or annually)
  • Enables defenders to identify and mitigate flaws at network speed
  • Lowers operational risk and exploitation of government IT systems and networks

Easy Ordering

Purchasing officers can buy from the CDM Tools SIN through eBuy and GSA Advantage!®. Issue a request for information (RFI) or request for quotation (RFQ), and let vendors respond to your requirements. Likewise, government agencies can purchase products, services, and solutions through IT Schedule 70’s Cooperative Purchasing Program.

For more information

If you have questions about the CDM Tools SIN, contact the IT Customer Service Center at (855) ITaid4U/(855) 482-4348 or schedule70cdmsin@gsa.gov. Representatives are available Sunday at 8:00 p.m. through Friday at 8:30 p.m.

Learn more about GSA’s CDM Program.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

Posted on

HACS SIN Helps Agencies Protect High-Value Assets (HVAs)

Shon Lyublanovits, IT Security Subcategory Manager and Director of the Security Services Division

[Editorial note: This blog is the first of a three-part series by Shon Lyublanovits, GSA’s IT Security Subcategory Manager and Director of the Office of IT Security Services for Office of Information Technology Category (ITC). Designed to help build awareness of the Department of Homeland Security’s (DHS) annual October National Cyber Security Awareness Month, this blog series describes a suite of cybersecurity products, services and solutions provided by GSA, outlining the unique benefits each provides to government].

It’s no secret that risk management is critical to the way government protects its information, assets and systems.

Federal agencies use large complex network and data systems to maintain and manage varying types of data and information, including High Value Assets (HVAs) that hold sensitive information critical to national and economic security. Some of this information is so critical that disclosing it could cause significant harm to government operations, law enforcement agents, men and women in uniform, and even private citizens. Knowing that, you may wonder if it’s still possible to provide easily accessible information and data sharing as well as other programs that increase citizen and organizational participation in government.

The answer is yes.

GSA stands ready to support government leaders, chief information officers, and IT experts by providing Highly Adaptive Cybersecurity Services (HACS) SINs to identify, prioritize, and protect HVAs from criminal hackers. GSA’s HACS SINs provide government agencies with comprehensive protection against the ever-increasing threat of cyberattacks by offering access not just more, but better IT cyber services and expertise.

Government agencies have more access to HACS SIN services and expertise

GSA has awarded more than 70 suppliers with HACS SINs to date. These industry partners give government agencies more access to services so they can test high-priority IT systems, rapidly address potential vulnerabilities, and stop adversaries before they impact HVAs. And to ensure that we have top notch expertise in cybersecurity, we’re always looking for more partners and more options to expand, enhance, and integrate these services with the national security community.

In addition, by using our HACS SINs on IT Schedule 70, government agencies can access the expertise needed to shorten procurement cycles, ensure compliance with mandates and IT requirements, and obtain the best value for innovative technology products, services, and solutions.

Improved protection to deter the ever-increasing threat of cyberattacks

Our IT Schedule 70 HACS SINs offer a suite of cybersecurity services that help government agencies face and deter the ever-increasing threat of cyberattacks. Agencies can deter these threats by protecting HVAs and critical enterprise-wide network infrastructures from our adversaries, enhancing data security on smart devices, and fortifying legacy systems by reducing their accessibility risks.

Improved protection of HVAs and critical enterprise-wide network infrastructures from our adversaries

  • Our 132-45D Risk and Vulnerability Assessment (RVA) SIN was developed with the methodology DHS uses to conduct assessments of agency HVAs. All vendors awarded this SIN have been screened through an oral technical evaluation process that follows the DHS methodology.

Enhancement of data security on smart devices

  • Our HACS Penetration Testing, Incident Response, Cyber Hunt and RVA SINs provide customers with access to vendors that are capable of providing these services across the network. Services include, but are not limited to, network mapping, vulnerability scanning, and wireless assessments. Employing the full HACS suite of services will address many of the threats to agencies’ data and improve the security of all devices connected to their networks.

Fortification of legacy systems

  • Our IT procurement specialists are committed to helping federal, state, local, and tribal governments protect their HVAs by enhancing or replacing their legacy systems with advanced emerging technologies.

HACS SINs Information Session for State and Local Government

Cybersecurity implementation can be challenging our customers, especially those unfamiliar with our IT Schedule program. We’re hosting an information session this month for state and local government so that all eligible entities, including tribal governments, can take advantage of the HAC SINs’ benefits.

  • When: Monday, Sept. 18, 2017, 10:00 a.m. to 12:00 p.m. EDT.
  • Where: Join us virtually, in Adobe Meeting Space!

We hope to see you there – register today!

For more information, please contact the following:

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.