CYBERSECURITY
Cybersecurity promotes effective strategies and collaboration, requiring DFARS clause 252.204- 7012 in all new Department of Defense prime contracts and subcontractors, ensuring cybersecurity and cyber incident reporting.
Key definitions defined by DFARS 252.204-7012:
• A covered contractor information system is an entity owned or operated by a contractor that manages, stores, or transmits covered defense information. • Controlled technical information, military or space-related, is subject to restrictions on access, use, reproduction, modification, performance, display, release, disclosure, or dissemination, meeting DoD Instruction 5230.24 distribution statement criteria. • A cyber incident refers to actions taken using computer networks that can have a significant or potentially harmful impact on an information system or its contents. Implement adequate security measures to safeguard unclassified controlled technical information within contractor information systems from unauthorized access and disclosure Report cyber incidents within 72 hours of the event The new clause contains two principal requirements that apply to all contractors at every tier: We encourage you to begin the process necessary to assess your information system security so that you will be prepared to certify your compliance with the clause when you respond to a future procurement solicitation or submit the annual certifications and representations.
Made with FlippingBook - Share PDF online