GSA developed IT Schedule 70’s HACS SIN 132-45 in collaboration with the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB) to make it easier for agencies to procure quality cybersecurity services.
HACS provides agencies quicker access to key support services from technically evaluated vendors that will:
• Expand agencies’ capacity to test their high-priority IT systems;
• Rapidly address potential vulnerabilities; and
• Stop adversaries before they impact their networks.
The scope of the HACS SIN includes proactive and reactive cybersecurity services. Assessment services needed for systems categorized as High Value Assets (HVA) are also within the scope of this SIN, including Risk and Vulnerability Assessments (RVA), Security Architecture Review (SAR), and Systems Security Engineering (SSE). Additionally, the scope of the SIN includes services for the seven step Risk Management Framework (RMF), and Security Operations Center (SOC) services.
BGS has been approved for all five subcategories under the HACS SIN:
1. High Value Asset Assessments
2. Risk and Vulnerability Assessment
3. Cyber Hunt
4. Incident Response
5. Penetration Testing