The General Services Administration is close to launching a special acquisition vehicle in line with President Barack Obama’s $19 billion Cybersecurity National Action Plan so agencies governmentwide have a single place to purchase cybersecurity products and services.
GSA is expected to publish a solicitation Aug. 12 for a new IT Schedule 70 special item number focused around what it calls ‘Highly Adaptive Cybersecurity Services’ to its Interact website. GSA creates special item numbers, or SINs, for specific categories of popular items on schedules so agencies have greater insight into and can differentiate what they’re buying.
The SIN will go live Sept. 12, GSA officials said Monday at an industry day hosted at the agency headquarters.
Just last week, GSA issued a request or information on developing the HACS SIN. Through the RFI, which closes June 21, the agency hopes to get a better idea of the cyber products and services agencies need, and if vendors have any concerns with what GSA has proposed. This RFI is the second of two the agency has released related to the creation of a governmentwide cybersecurity vehicle; the first was published in April.
‘We’re not putting together a vehicle for GSA. We’re putting it together for you. Tell us what it is that you need,” said Shon Lyublanovits, manager of the governmentwide IT Security Category and director of GSA’s Security Services Division.
The new SIN’s offerings will be broken into three categories of services — proactive, reactive and remediation — that span the scope of cyber incidents.
Though not yet finalized, officials described Monday how GSA intends to require vendors to demonstrate their capabilities before they get a place on the SIN to ensure the services it lists are of the best quality.
‘We don’t just want to have a SIN where just anyone can get on it,’ Lyublanovits said, pointing briefly to a ‘capture the flag’ competition as an example of how vendors could prove their capabilities. ‘I’m just going to be honest with you. We want to offer best-in-class to the federal government.”
The Federal Acquisition Service team behind the new vehicle are “borrowing a page from [18F’s] Agile Delivery Services BPA where we ask vendors to really prove they can do what they said they can do, and not just send us long proposals telling us exactly what we wanted to hear,” said Giovanni Onwuchekwa, a branch chief of programs and analysis for the Office of IT Schedule Programs at GSA.
“We want to make sure we can establish you do have [quality products] and that you have a plan in place to continually maintain that quality,’ he said.
Closer to the launch of the SIN, Onwuchekwa said, GSA plans to issue a buying guide so agencies can take advantage of the new vehicle immediately.
“We want to make sure that at any point in time they know all the things they need to do to acquire the services they need to mitigate a breach or combat in a way that makes sense,’ he said.
GSA similarly proposed the creation of a cyber SIN last August, issuing a request for information for a special IT Schedule 70 category related to cybersecurity and information assurance products and services.