Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents. Public Release All information and data covered by this Article must be reviewed and approved by DARPA prior to any public release. The DARPA public release process is governed by DARPA Instruction 65. An online form is available to support those requests at: xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm10232020.pdf Lower Tier Agreements The performer shall include this Article in all subcontracts or lower tier agreements, regardless of tier, for work performed in support of this Agreement.
Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents.
Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to Northrop Grumman and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable Northrop Grumman to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable Northrop Grumman to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by SDA consistent with Performer’s Government approved security systems and to provide to Northrop Grumman any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents.
Cyber Incident Reporting. When a cyber incident is discovered, contractors must conduct a review for evidence of compromise of covered defense information and report the to DoD at xxxx://xxxxxx.xxx.xxx and Insulation Supply Company within 72 hours. A “Cyber incident” is defined as actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein. Supplier Flow Down When engaging with other suppliers that require access to covered defense information in performance of a contract, include the DFARS 252.204-7012 clause in any subcontracts, or similar contractual instruments with those suppliers.
Cyber Incident Reporting. Cyber-incident reporting shall be conducted in accordance with the aforementioned DFARS clauses.
