Amendment Of Solicitation/modification Of Contract Page 35
ADVERTISEMENT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40CONTRACT NO.
DELIVERY ORDER NO.
AMENDMENT/MODIFICATION NO.
PAGE
FINAL
N00178-14-D-7823
EX01
04
33 of 38
(iv) Point of contact if different than the POC recorded in the System for Award Management (address, position,
telephone, email).
(v) Contracting Officer point of contact (address, position, telephone, email).
(vi) Contract clearance level.
(vii) Name of subcontractor and CAGE code if this was an incident on a Sub-contractor network.
(viii) DoD programs, platforms or systems involved.
(ix) Location(s) of compromise.
(x) Date incident discovered.
(xi) Type of compromise (e.g., unauthorized access, inadvertent release, other).
(xii) Description of technical information compromised.
(xiii) Any additional information relevant to the information compromise.
(2) Reportable cyber incidents. Reportable cyber incidents include the following:
(i) A cyber incident involving possible exfiltration, manipulation, or other loss or compromise of any unclassified
controlled technical information resident on or transiting through Contractor’s, or its subcontractors’, unclassified
information systems.
(ii) Any other activities not included in paragraph (d)(2)(i) of this clause that allow unauthorized access to the
Contractor’s unclassified information system on which unclassified controlled technical information is resident on or
transiting.
(3) Other reporting requirements. This reporting in no way abrogates the Contractor’s responsibility for additional
safeguarding and cyber incident reporting requirements pertaining to its unclassified information systems under other
clauses that may apply to its contract, or as a result of other U.S. Government legislative and regulatory
requirements that may apply (e.g., as cited in paragraph (c) of this clause).
(4) Contractor actions to support DoD damage assessment. In response to the reported cyber incident, the
Contractor shall—
(i) Conduct further review of its unclassified network for evidence of compromise resulting from a cyber incident to
include, but is not limited to, identifying compromised computers, servers, specific data and users accounts. This
includes analyzing information systems that were part of the compromise, as well as other information systems on
the network that were accessed as a result of the compromise;
(ii) Review the data accessed during the cyber incident to identify specific unclassified controlled technical
information associated with DoD programs, systems or contracts, including military programs, systems and
technology; and
(iii) Preserve and protect images of known affected information systems and all relevant monitoring/packet capture
data for at least 90 days from the cyber incident to allow DoD to request information or decline interest.
(5) DoD damage assessment activities. If DoD elects to conduct a damage assessment, the Contracting Officer will
request that the Contractor point of contact identified in the incident report at (d)(1) of this clause provide all of the
damage assessment information gathered in accordance with paragraph (d)(4) of this clause. The Contractor shall
comply with damage assessment information requests. The requirement to share files and images exists unless there
are legal restrictions that limit a company's ability to share digital media. The Contractor shall inform the
Contracting Officer of the source, nature, and prescription of such limitations and the authority responsible.
(e) Protection of reported information. Except to the extent that such information is lawfully publicly available
without restrictions, the Government will protect information reported or otherwise provided to DoD under this
clause in accordance with applicable statutes, regulations, and policies. The Contractor shall identify and mark
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Business