Common use of Notification of Property Damage Clause in Contracts

Notification of Property Damage. The awardee must provide notification to the cognizant NSF Program Officer by email within twenty- four (24) hours, with a copy to the cognizant NSF Grants and Agreements Officer, for the following incidences: a. The facility or any of its systems suffers estimated or actual physical property damage in excess of $10,000, or causes estimated or actual damage to other property in excess of $10,000; b. Cybersecurity incidents that may cause financial harm or loss of intellectual property created or supported in performance of the award, including malware and ransomware attacks; c. Cybersecurity incidents affecting the operations of facilities or the security of, or access to, scientific data, including disruption of both physical operations and business operations for a duration greater than one (1) hour; d. Cybersecurity incidents that affect interagency or international partners, or have national security implications; e. Cybersecurity incidents that affect personally identifiable information or other unauthorized release of data; f. Any significant or persistent attempt to gain unauthorized access to a system or its data; g. Any cybersecurity incident where federal law enforcement is notified; and h. Abuse or misuse of a system or data in violation of the terms of the agreement and any limited personal use policy established by the awardee for individuals with access to its systems. In addition to the above notification, if any of these incidents result in the inability of the awardee to carry out NSF supported research or occur during an NSF supported project, the awardee must submit a full report to the cognizant NSF Program Officer no later than seven (7) days after the awardee’s awareness of the incident with subsequent updates to the submission as new and updated information becomes available. The awardee must collect and preserve data, information, and reporting relevant to cybersecurity event prevention, detection, response, and investigation on all information systems over which they have control that are operated in whole or in part with NSF funding. All ransomware attacks should be reported by the awardee in accordance with the following: xxxxx://xxx.xxxx.xxx/stopransomware/report-ransomware-0.

Notification of Property Damage. The awardee recipient must provide notification to the cognizant NSF Program Officer by email within twenty- four (24) hoursemail, with a copy to the cognizant NSF Grants and Agreements Officer, within twenty-four (24) hours of becoming aware of the property damage for the following incidences: a. The facility or any of its systems suffers estimated or actual physical property damage in excess of $10,000, or causes estimated or actual damage to other property in excess of $10,000; b. Cybersecurity incidents that may cause financial harm or loss of intellectual property created or supported in performance of the award, including malware and ransomware attacks; c. Cybersecurity incidents affecting the operations of facilities or the security of, or access to, scientific data, including disruption of both physical operations and business operations for a duration greater than one (1) hour; d. Cybersecurity incidents that affect interagency or international partners, or have national security implications; e. Cybersecurity incidents that affect personally identifiable information or other unauthorized release of data; f. Any significant or persistent attempt to gain unauthorized access to a system or its data; g. Any cybersecurity incident where federal Federal law enforcement is notified; and h. Abuse or misuse of a system or data in violation of the terms of the agreement award and any limited personal use policy established by the awardee recipient for individuals with access to its systems. In addition to the above notification, if any of these incidents result in the inability of the awardee recipient to carry out NSF supported research or occur during an NSF supported project, the awardee recipient must submit a full report to the cognizant NSF Program Officer no later than seven (7) calendar days after the awardeerecipient’s awareness of the incident with subsequent updates to the submission as new and updated information becomes available. The awardee recipient must collect and preserve data, information, and reporting relevant to cybersecurity event prevention, detection, response, and investigation on all information systems over which they have control that are operated in whole or in part with NSF funding. All ransomware attacks should be reported by the awardee recipient in accordance with the following: xxxxx://xxx.xxxx.xxx/stopransomware/report-ransomware-0.

Notification of Property Damage. The awardee recipient must provide notification to the cognizant NSF Program Officer by email within twenty- four (24) hoursemail, with a copy to the cognizant NSF Grants and Agreements Officer, within twenty-four (24) hours of becoming aware of the property damage for the following incidences: a. The facility or any of its systems suffers estimated or actual physical property damage in excess of $10,000, or causes estimated or actual damage to other property in excess of $10,000; b. Cybersecurity incidents that may cause financial harm or loss of intellectual property created or supported in performance of the award, including malware and ransomware attacks; c. Cybersecurity incidents affecting the operations of facilities or the security of, or access to, scientific data, including disruption of both physical operations and business operations for a duration greater than one (1) hour; d. Cybersecurity incidents that affect interagency or international partners, or have national security implications; e. Cybersecurity incidents that affect personally identifiable information or other unauthorized release of data; f. Any significant or persistent attempt to gain unauthorized access to a system or its data; g. Any cybersecurity incident where federal Federal law enforcement is notified; and h. Abuse or misuse of a system or data in violation of the terms and conditions of the agreement award and any limited personal use policy established by the awardee recipient for individuals with access to its systems. In addition to the above notification, if any of these incidents result in the inability of the awardee recipient to carry out NSF supported research or occur during an NSF supported project, the awardee recipient must submit a full report to the cognizant NSF Program Officer no later than seven (7) calendar days after the awardeerecipient’s awareness of the incident with subsequent updates to the submission as new and updated information becomes available. The awardee recipient must collect and preserve data, information, and reporting relevant to cybersecurity event prevention, detection, response, and investigation on all information systems over which they have control that are operated in whole or in part with NSF funding. All ransomware attacks should be reported by the awardee recipient in accordance with the following: xxxxx://xxx.xxxx.xxx/stopransomware/report-ransomware-0.