GSA Blog

GSA Blog Logo
image

Enhancing our Nation’s Cybersecurity

| Mary Davie, Assistant Commissioner, Office of Integrated Technology Services (ITS)
Post filed in: Acquisition  |  cybersecurity  |  FAS  |  Federal Acquisition Service  |  Technology

The mission of U.S. General Services Administration (GSA)’s Integrated Technology Services (ITS) is to deliver best value technology solutions to the government and the American people, and one of the most critically important capabilities that our nation currently needs is strengthened cybersecurity. We have been working with numerous other federal agencies to ensure that the government has the tools and know-how it needs to protect our systems, data, and information.

Recognizing the criticality of our cyber posture and challenges, the Obama Administration implemented the Cybersecurity National Action Plan (CNAP). This plan has enacted immediate and long-term strategies to enhance cybersecurity awareness and protections. Another key part of CNAP is the IT Modernization Fund, which will channel $3.1 billion in IT spending to modernize, retire, or replace the most vulnerable and important systems in government.

In addition, the Office of Management and Budget (OMB) Memorandum M-16-04, Cybersecurity Strategy and Implementation Plan (CSIP) for the Federal Civilian Government, directs GSA to research contract vehicle options and develop a capability to deploy incident response services that can quickly be leveraged by federal agencies.

In support of the President and OMB’s direction, and as a proactive federal partner, we recently hosted two industry days to learn about capabilities and suggestions for what kind of capabilities exist to support the acquisition of Highly Adaptive Cybersecurity Services (HACS).

Cybersecurity Outreach

These two events brought together our government and industry partners to discuss the importance of CNAP, why it was implemented, its requirements, and possible impacts to stakeholders. We promoted developing proactive and reactive cybersecurity programs within departments that provide a strategic view of how organizations manage cybersecurity risks. The workshop that took place yesterday was the first of its kind in Silicon Valley and was an encore to the very successful, beyond capacity, Washington D.C.-based session held last month.

Highly Adaptive Cybersecurity Services

In addition to these informational events, we’ve also been working on meaningful updates to our acquisition vehicles for cybersecurity. One result of this effort was a Request for Information (RFI) that we released in June to seek input related to our proposed HACS IT Schedule 70 Special Item Number (SIN).

In today’s active threat environment, vulnerability assessments, incident detection and response, and security engineering are ongoing challenges for many organizations. Our SIN initiative will directly support CNAP and allow us to offer services from highly qualified companies that federal agencies can quickly use. These services include incident response, penetration testing, cyber hunt and risk and vulnerability services, from leading commercial providers categorized as providing proactive, reactive, and remediation services.

Creating these new SINs, in support of CNAP and CSIP, will allow our customers to easily acquire HACS through IT Schedule 70. It will also provide a way for our industry partners to more easily differentiate these specific cybersecurity services from other IT offerings. The HACS SIN is slated to be active on August 30, 2016.

A Secure Future

These initiatives are just a few of the steps we’ve taken to help ensure that the federal government has the tools it needs to protect privacy, maintain public safety, and keep our economic and national systems secure.

For more information, please read ourInteract post on the topic. As always, please follow us on Twitter @GSA_ITS and LinkedIn to join our ongoing conversations about government IT.