IBM Cybersecurity Services

IBM is authorized to provide cybersecurity services under new special item numbers (SINs) on GSA's IT Schedule 70.

In support of the president’s Cybersecurity National Action Plan, the General Services Administration (GSA)’s IT Schedule 70 has established four new Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs). IT Schedule 70 is the largest, most widely used acquisition vehicle in the federal government.  These new SINs will provide government agencies with quicker and more reliable access to key, pre-vetted support services that will expand agencies’ capacity to test their high-priority IT systems, rapidly address potential vulnerabilities, and stop adversaries before they impact the networks.

The HACS SINs feature high quality cybersecurity vendors - including IBM  - offering federal, state, and local governments the following services:

  • 132-45A Penetration Testing is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.
  • 132-45B Incident Response services help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.
  • 132-45C Cyber Hunt activities are responses to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunt activities start with the premise that threat actors known to target some organizations in a specific industry, or specific systems, are likely to also target other organizations in the same industry or with the same systems.
  • 132-45D Risk and Vulnerability Assessment conduct assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.

Benefits of the HACS SINs to federal agencies:

  1. Access to pool of rigorously reviewed cybersecurity vendors: The SINs will allow federal agencies to easily identify high-quality cybersecurity vendors vetted against rigorous standards.
  2. Rapid ordering and deployment of services: Agencies can rapidly deploy needed cybersecurity services using IT Schedule 70’s streamlined ordering procedures that reduce agency procurement lead times by 25-50 percent as compared to open market ordering, which is less efficient and can carry additional risks.
  3. Cybersecurity / acquisition support resources from GSA:
    • Cybersecurity and acquisition subject matter experts will be available to advise federal agencies on procurements under the HACS SINs.
    • A quick-start ordering guide will be available to help federal cybersecurity and procurement officials rapidly procure services from the HACS SINs.
    • Sample acquisition documents, including sample statements of work, will be available on the acquisition gateway and the GSA cybersecurity website.