Common use of Cyber Incident Reporting Clause in Contracts

Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents. Public Release All information and data covered by this Article must be reviewed and approved by DARPA prior to any public release. The DARPA public release process is governed by DARPA Instruction 65. An online form is available to support those requests at: xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm10232020.pdf Lower Tier Agreements The performer shall include this Article in all subcontracts or lower tier agreements, regardless of tier, for work performed in support of this Agreement.

Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents. Public Release All information and data covered by this Article must be reviewed and approved by DARPA prior to any public release. The DARPA public release process is governed by DARPA Instruction 65. An online form is available to support those requests at: xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm10232020.pdf xxxxx://xxx.xxxxx.xxx/work-with-us/contract-management/public-release Lower Tier Agreements The performer shall include this Article in all subcontracts or lower tier agreements, regardless of tier, for work performed in support of this Agreement.

Cyber Incident Reporting. Upon discovery of a cyber incident involving CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents. Public Release All information and data covered by this Article must be reviewed and approved by DARPA prior to any public release. The DARPA public release process is governed by DARPA Instruction 65. An online form is available to support those requests at: xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm10232020.pdf xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm_042816.pdf Lower Tier Agreements The performer shall include this Article in all subcontracts or lower tier agreements, regardless of tier, for work performed in support of this Agreement.

Cyber Incident Reporting. Upon discovery of a cyber incident involving DARPA CUI or CTI, the performer shall take immediate steps to mitigate any further loss or compromise. The performer shall rapidly report the incident to DARPA and provide sufficient details of the event—including identification of detected and isolated malicious software—to enable DARPA to assess the situation and provide feedback to the performer regarding further reporting and potential mitigation actions. The performer shall preserve and protect images of all known affected information systems and all relevant monitoring/packet capture data for at least 90 days from reporting the cyber incident to enable DARPA to assess the cyber incident. The performer agrees to rapidly implement security measures as recommended by DARPA and to provide to DARPA any additionally requested information to help the Parties resolve the cyber incident and to prevent future cyber incidents. Public Release All information and data covered by this Article must be reviewed and approved by DARPA prior to any public release. The DARPA public release process is governed by DARPA Instruction 65. An online form is available to support those requests at: xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm10232020.pdf xxxxx://xxx.xxxxx.xxx/attachments/PublicReleaseSubmissionForm_042816.pdf Lower Tier Agreements The performer shall include this Article in all subcontracts or lower tier agreements, regardless of tier, for work performed in support of this Agreement.