One and Done! – Highly Adaptive Cybersecurity Services (HACS) update to Schedule 70

The field of cybersecurity has grown substantially since the initial launching of the four HACS in 2016. This growth has led GSA to restructure the original HACS SINS 132-45 (A-D) into a single HACS SIN, 132-45, with subcategories of cybersecurity services.

Federal agencies use large complex network and data systems to maintain and manage many forms of data and information, including High Value Assets that hold sensitive information critical to national and economic security. As a result, the proposed restructure will include the following full set of HACS SIN services:

• High-Value Asset Assessments

• Risk and Vulnerability Assessment (RVA)

• Incident Response

• Penetration Testing

• Cyber Hunt

The four current HACS SINs will be deleted from the solicitation and added as subcategories under the new HACS SIN 132-45.

Please feel free to give us a call at 301-913-5000 if you’d like to discuss your cybersecurity solutions for GSA Schedule 70.

 

New Schedule 70 SIN: wheee!

The relatively new Continuous Diagnostics and Mitigation (CDM) Tools SIN (132-44 on IT Schedule 70) provides agencies with easier access to a government-wide set of information security continuous monitoring (ISCM) tools. This SIN was created to make it easier for agencies to strengthen their networks, be aware of  who is on their network, and what is happening there. Of course, the main goal is to keep their data protected.

Department of Homeland Security (DHS) vets all products on the CDM Tools SIN through a two-step process. Products are first added to a DHS CDM approved products list (APL), and then added to the CDM Tools SIN. DHS reviews new products every month, allowing for new and emerging products to become part of the CDM marketplace. Once approved and placed on the APL, vendors can apply to IT Schedule 70 to sell their product from SIN 132-44.

Five subcategories under CDM include the following:

  • managing what is on the network;
  • managing who is on the network;
  • managing network protection;
  • managing events/incidents and what is happening on the network; and
  • emerging tools and technology.

Agencies can order from the GSA eLibrary’s CDM Tools page, and new vendors/products are added monthly.

If you have questions about getting your product listed with GSA’s CDM  SIN, give us a call at 301-913-5000.

Heads Up! Great Opportunity for Schedule 70 Holders

The FBI has decided not to hold a full and open competition for spots on the Information Technology Supplies and Support Services contract (known also as ITSSS). They have decided instead to award to vendors that already hold contracts on the GSA IT Schedule 70.

The bureau announced back in the spring that ITSSS would remain a single contract made up of multiple tracks. The tracks are being revised, however: the BPA will only include vendors with pre-vetted tools and services available on Schedule 70, thereby greatly reducing the competitive pool.

The six tracks currently proposed are:

• end-user services

• business applications services

• delivery services

• platform services

• infrastructure services

• emerging services

Between 15 and 22 spots on each of the six tracks are expected to be awarded, totaling between 90 and 132 awards. However, one single company could win spots on multiple tracks. Each track will include 10 to 15 large businesses and 5 to 7 small business. This presents a fantastic opportunity for many of our Schedule 70 clients. Now is the time to get out and market market market to FBI purchasing agents!

Not on the Schedule yet? Give us a call at 301-913-5000 or email Melissa Botello.

 

 

GSA issues RFI to reevaluate schedule 70

It may be “Soft”ware but GSA is coming hard

In late October, GSA issued a Request for Information (RFI) about a proposal to change the way agencies buy software under IT Schedule 70. The proposal would support compliance with the MEGABYTE Act of 2015, and improve federal management of $6 billion worth of software.

The proposed changes mostly impact term licenses, perpetual licenses, and software maintenance. Term software licenses would be “Redefined so that they are only applicable to software that is provisioned and executed from the ‘user’s servers, computing end-points, or other designated computing devices where the user has the right to load or deploy software,’” GSA stated. “Additionally, the requirement to convert term licenses into perpetual licenses has been modified so that it is only required when an offeror offers the same conversions to their commercial customers.”

There will be two pathways towards perpetual licenses: “Option 1 contemplates software vendors that will embed software identification tags in their software products that are consistent with the ISO/IEC 19970-2 standard,” the RFI states. “Option 2 contemplates software vendors that will allow incumbent software licensees a right to transfer or move perpetual licenses to a new licensee for a previously negotiated fee. It is intended that these new asset management rights and features are voluntary, meaning that software vendors who wish to offer them may optionally include them on their schedule contract.”

And there might be a new SIN for software maintenance! “Software maintenance-as-a-product, henceforth, will be the maintenance that software vendors charge for on an annual basis…Under the current software maintenance SIN structures, it is impossible to differentiate a software purchase from an annual software maintenance purchase. Providing software maintenance-as-a-product with its own SIN identifier allows the federal government to better manage software as an asset and appropriately track categories of spend by differentiating between software licenses and software maintenance.”

Exciting! If you have any questions or worries about your Schedule 70 products, feel free to call your EZGSA proposal specialist or anyone at our office at 301-913-5000.

GSA System Delays

We wanted to let you all know that GSA is experiencing a few delays, specifically with all e-filing and some modifications.

At this point, our contract management team is reporting that all Schedule 70 mods are being reviewed between 45 and 60 days after receipt, much longer than usual. We assume that this is due to the typical summer slow down (vacations) as well as trainings and technical issues.

Technical issues are affecting the VSC website, as well as eMod, eOffer, and mass mods. We have had reports of PINs not working, the database not finding contractors, incorrect DUNs numbers being returned, etc.

So if you’re experiencing either of the above — it’s not you, it’s GSA (!).