General Services Administration (GSA) Multiple Award Schedule (MAS) Highly Adaptive Cybersecurity (HACS)
Phoenix Cyber has strong and relevant past performance in the delivery of cybersecurity and technology services to U.S. Federal Government agencies. We support the General Services Administration (GSA) Multiple Award Schedule (MAS) Highly Adaptive Cybersecurity (HACS) Special Item Number (SIN) with best in class, pre-vetted cybersecurity services.
GSA MAS (HACS) Contract
- Contract Website: https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/multiple-award-schedule-it/highly-adaptive-cybersecurity-services
- Contract #: 47QTCA24D002R
- HACS Special Item Number (SIN): 54151HACS
- Category: 54151S, Information Technology Professional Services
- Period of Performance: December 14, 2023 to December 14, 2028
- Contract Holder: Phoenix Data Security Inc. (DBA Phoenix Cyber)
- SAM UEI: J946ULS1SHE5
- NAICS: 541512
- Point of Contact: Ryan Foster | [email protected] | (888) 416-9919
Contract Overview
The General Services Administration (GSA) Multiple Award Schedule (MAS) consolidates GSA offerings under a single contract vehicle and gives ordering officials the ability to rapidly obtain a contract award solution for their requirements under a single contract vehicle. The GSA established the Highly Adaptive Cybersecurity (HACS) Special Item Numbers (SINs) on MAS to provide agencies with a rapid way to obtain best in class, pre-vetted cybersecurity services.
The HACS SIN offers:
- Access to a pool of technically evaluated cybersecurity vendors
- Rapid ordering and deployment of services
- Reduction in open market ordering and contract duplication
- Cybersecurity/acquisition support resources from GSA
The scope of the HACS SIN includes proactive and reactive cybersecurity services. HACS includes a wide range of fields such as, the seven-step Risk Management Framework services, information assurance, virus detection, zero trust architecture, network management, situational awareness and incident response, secure web hosting, backups, security services and Security Operations Center (SOC) services. Phoenix Cyber underwent a rigorous evaluation, which included submission of numerous written proposals and oral technical evaluations to thoroughly vet our capabilities to deliver services in all five (5) HACS subgroups:
- High Value Asset (HVA) Assessments – Includes Security Architecture Review (SAR) to evaluate a subset of the HVA security posture to determine whether the agency has properly architected its cybersecurity solutions. The SAR process utilizes in-person interviews, documentation reviews, and leading practice evaluations of the HVA environment and supporting systems. Also includes Systems Security Engineering (SSE) to identify security vulnerabilities and minimizes or contain risks associated with these vulnerabilities spanning the Systems Development Life Cycle. SSE focuses on the following security areas: perimeter security, network security, endpoint security, application security, physical security, and data security.
- Penetration Testing – Security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.
- Incident Response – Helps organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.
- Cyber Hunt – Responding to crises or urgent situations to mitigate immediate and potential threats. Cyber Hunts start with the premise that threat actors known to target some organizations in a specific industry or with specific systems are likely to also target other organizations in the same industry or with the same systems.
- Risk and Vulnerability Assessments (RVA) – Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise, or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures.