We live in the digital era and as we have seen with the pandemic, more and more aspects of life are becoming digitized. This does not exclude our federal entities, so it’s imperative that our federal government is protected from the threats that come with the digital age. As a result, GSA created a HACS (Highly Adaptive Cybersecurity Services) SIN which is dedicated to preventing leaks and cyberattacks. Before an entity can obtain a HACS SIN, they must show that they are qualified to provide thorough and extensive cybersecurity. A main part of the qualification for the HACS SIN is determined by an Assessment Evaluation and Standardization (AES) High Value Asset (HVA) assessment. Let’s dive into the HVA assessment and what it entails.

If you are a government contractor serving the Department of Defense (DoD), then you are part of an elite group of organizations that make up the Defense Industrial Base (DIB). The Cybersecurity and Infrastructure Security Agency (CISA) estimates the DIB to be made up of more than “100,000 companies and subcontractors working under contract for the Department of Defense at any given time.” As part of the DIB, you are subject to the Cybersecurity Maturity Model Certification, or better known as CMMC. CMMC is a set of cybersecurity standards created to ensure the DIB and other relevant government contractors are properly protecting sensitive unclassified information.

If you are an Information Technology (IT) firm entering into the federal government marketplace, you will be introduced to a whole new world of terms that you were previously unfamiliar with. After taking advantage of some open market contracting opportunities, you may be encouraged by one of your Contracting Officers to get on a GWAC.

Since the Cybersecurity Maturity Model Certification (CMMC) was first announced in 2020, it has undergone several changes. As the Department of Defense (DoD) and other government agencies look to deploy CMMC within government contracting, they will continue to adapt the verification method so it’s more effective.

You might have heard the term “DFARS” come up a lot recently, especially with the federal government's initiatives to heighten cybersecurity and defense measures. But what is DFARS and how does it relate to GSA contractors? You’ll find it’s a very important set of regulations for you to follow and understand. DFARS stands for Defense Federal Acquisition Regulation Supplement. It’s managed by the Department of Defense (DoD) to supplement the Federal Acquisition Regulation (FAR). The defense supplement was launched to as a government effort to guard national security concerns from cybersecurity attacks.

The U.S. federal government has become increasingly connected in the digital age. This affords great opportunities but also requires a significant investment in cybersecurity. Every organization has information that it needs to keep private, but the federal government has especially sensitive data that needs to be heavily guarded. A single leak could cause rampant issues from identity theft to leakage of confidential information. To keep information secure in our constantly changing digital world, the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) was created under the Multiple Award Schedule (MAS) Program.