Beginner's Guide to GSA & the New Consolidated MAS Contract | View the Guide Here

Cybersecurity HACS Sales Top $10M on GSA Schedule 70

An Update on GSA’s IT Schedule 70 Cybersecurity SINs


It’s been two years since GSA officially released the Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) under the GSA IT Schedule 70 Contract. The HACS SINs were established by GSA in collaboration with the Department of Homeland Security to help agencies meet initiatives laid out in the Cybersecurity National Action Plan (CNAP).

All GSA Schedule Contract holders are pre-vetted by GSA. However, companies approved under the GSA HACS SINs meet additional requirements, including an oral technical evaluation designed to assess cybersecurity capabilities. To date, around 160 companies have been approved to offer one or more of the HACS SINs through their GSA IT Schedule 70 Contract.

GSA IT Schedule 70 HACS SINs

Below is a list of the four Highly Adaptive Cybersecurity Services SINs and a description of what each SIN covers.

  • 132-45A | Penetration Testing is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.
  • 132-45B | Incident Response services help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.
  • 132-45C | Cyber Hunt activities are responses to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats.
  • 132-45D | Risk and Vulnerability Assessment (RVA) conduct assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.

GSA IT Schedule 70 HACS SINs Sales

The GSA IT Schedule 70 HACS SINs are gaining traction as GSA continues its outreach efforts, educating government buyers on how the SINs can help meet agency cybersecurity needs.  As detailed in the chart below, HACS sales reached approximately $2 million in the SINs first full fiscal year. With the fourth quarter yet to close, fiscal year 2018 sales have more than tripled and total sales have crossed the $10 million threshold. While state and local government buyers are eligible to purchase through the HACS SINs, so far contractors have attributed all sales to federal customers.

HACS SINs Sales by Fiscal Year

When you look at a breakdown of HACS SINs sales by quarter, you see sales slowly ramping up during fiscal year 2016, dipping slightly in the beginning of fiscal year 2018, and then bounding to nearly $6 million in the third quarter of this fiscal year. In fact, the third quarter of fiscal year 2018 accounts for 55% of total sales, since the release of the HACS SINs.

HACS SINs Sales by Quarter

Selling Cybersecurity Services through HACS

If your company offers cybersecurity solutions to the government sector, contact us to talk. FEDSched can help you review the HACS SINs requirements. If eligible, we can help you obtain a GSA Schedule 70 Contract or add the HACS SINs to your existing contract.


Buying Cybersecurity Services through HACS

Are you an agency looking to purchase cybesecurity solutions through the HACS SINs? GSA’s HACS webpage includes information for federal, state, and local government buyers, including Quick Start Ordering Guides, Statement of Work Templates, and RFQ templates.