Common use of Cyber Security Clause in Contracts

Cyber Security. Supplier will safeguard Buyer, Government and/or Covered Defense Information (CDI) that resides in or transits through covered contractor information systems by applying specified network security controls in accordance with NIST Special Publication 800-171, Protecting Controlled Unclassified Information in NonFederal Information Systems and Organizations (xxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/Final). Data covered by the Purchase Orders must be maintained within the fifty states of the US. Upon identification, the supplier shall report cyber incidents, within 72 hours of discovery directly to Seller’s Buyer and Department of Defense (DoD) at xxxxx://xxxxxx.xxx.xxx/portal/intranet. The Seller shall include the incident report number automatically assigned by DoD to to Buyer in writing and report that result in an actual or potentially “adverse effect” on Buyer, Government and/or CDI and shall follow all applicable FAR and DFARS clauses in regards to safeguarding and reporting requirements around cyber security and cloud computing. Additional information regarding Cyber Security is located at xxxxx://xxxx.xxx/our_company/small_business_partners/cybersecurity_our_suppliers.

Cyber Security. Supplier Seller will safeguard Buyer, Government and/or Covered Defense Information (CDI) that resides in or transits through covered contractor information systems by applying specified network security controls in accordance with NIST Special Publication 800-171, Protecting Controlled Unclassified Information in NonFederal Nonfederal Information Systems and Organizations (xxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/Finalxxxxx://xxxx.xxxx.xxx/publications/detail/sp/800-171/rev-2/final). Data covered by the Purchase Orders must be maintained within the fifty states of the US. Upon identification, the supplier Seller shall report cyber incidents, within 72 hours of discovery directly to Seller’s Buyer and Department of Defense (DoD) at xxxxx://xxxxxx.xxx.xxx/portal/intranet. The Seller shall include the incident report number automatically assigned by DoD to to Buyer in writing and report that result in an actual or potentially “adverse effect” on Buyer, Government and/or CDI and shall follow all applicable FAR and DFARS clauses in regards regard to safeguarding and reporting requirements around cyber security and cloud computing. Additional information regarding Cyber Security is located at xxxxx://xxxx.xxx/our_company/small_business_partners/cybersecurity_our_suppliers.xxxxx://xxx.xxxx.xxx/about- gdit/our-partners/small-business-partners/cybersecurity-for-our-suppliers

Cyber Security. Supplier will safeguard Buyer, Government and/or Covered Defense Information (CDI) that resides in or transits through covered contractor information systems by applying specified network security controls in accordance with NIST Special Publication 800-171800‐171, Protecting Controlled Unclassified Information in NonFederal Information Systems and Organizations (xxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/Finalxxxx://xxxx.xxxx.xxx/publications/details/sp/800‐171/rev_1/final). Data covered by the Purchase Orders contracts must be maintained within the fifty states of the US. Upon identification, the supplier shall report cyber incidents, within 72 hours of discovery directly to Seller’s Buyer and Department of Defense (DoD) at xxxxx://xxxxxx.xxx.xxx/portal/intranet. The Seller shall include the incident report number automatically assigned by DoD to to Buyer in writing and report that result in an actual or potentially “adverse effect” on Buyer, Government and/or CDI and shall follow all applicable FAR and DFARS clauses in regards to safeguarding and reporting requirements around cyber security and cloud computing. Additional information regarding Cyber Security is located at xxxxx://xxxx.xxx/our_company/small_business_partners/cybersecurity_our_suppliers.

Cyber Security. Supplier Seller will safeguard Buyer, Government and/or Covered Defense Information (CDI) that resides in or transits through covered contractor information systems by applying specified network security controls in accordance with NIST Special Publication 800-171, Protecting Controlled Unclassified Information in NonFederal Nonfederal Information Systems and Organizations (xxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/Finalxxxxx://xxxx.xxxx.xxx/publications/detail/sp/800-171/rev-2/final). Data covered by the Purchase Orders must be maintained within the fifty states of the US. Upon identification, the supplier Seller shall report cyber incidents, within 72 hours of discovery directly to Seller’s Buyer and Department of Defense (DoD) at xxxxx://xxxxxx.xxx.xxx/portal/intranet. The Seller shall include the incident report number automatically assigned by DoD to to Buyer in writing and report that result in an actual or potentially “adverse effect” on Buyer, Government and/or CDI and shall follow all applicable FAR and DFARS clauses in regards regard to safeguarding and reporting requirements around cyber security and cloud computing. Additional information regarding Cyber Security is located at xxxxx://xxxx.xxx/our_company/small_business_partners/cybersecurity_our_suppliers.xxxxx://xxx.xxxx.xxx/about- gdit/our-partners/small-business-partners/cybersecurity-for-our-suppliers/.

Cyber Security. Supplier will safeguard Buyer, Government and/or Covered Defense Information (CDI) that resides in or transits through covered contractor information systems by applying specified network security controls in accordance with NIST Special Publication 800-171, Protecting Controlled Unclassified Information in NonFederal Information Systems and Organizations (xxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/Finalxxxx://xxxx.xxxx.xxx/publications/details/sp/800-171/rev_1/final). Data covered by the Purchase Orders contracts must be maintained within the fifty states of the US. Upon identification, the supplier shall report cyber incidents, within 72 hours of discovery directly to Seller’s Buyer and Department of Defense (DoD) at xxxxx://xxxxxx.xxx.xxx/portal/intranet. The Seller shall include the incident report number automatically assigned by DoD to to Buyer in writing and report that result in an actual or potentially “adverse effect” on Buyer, Government and/or CDI and shall follow all applicable FAR and DFARS clauses in regards to safeguarding and reporting requirements around cyber security and cloud computing. Additional information regarding Cyber Security is located at xxxxx://xxxx.xxx/our_company/small_business_partners/cybersecurity_our_suppliers.