MAIN MENU

CYBERSECURITY FOR SUPPLIERS

Regulatory References: DFARS

Defense Federal Acquisition Regulation Supplement (DFARS):

FARS Title
252.204-7008 Compliance with Safeguarding Covered Defense Information
252.204-7009 Limitation on the Use or Disclosure of Third Party Contractor Reported Cyber Incident Information
252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting
252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements
252.204-7020 NIST SP 800-171 DoD Assessment Requirements
252.204-7021 Cybersecurity Maturity Model Certification Requirements
NIST SP 800-171 defines the security requirements for protecting Controlled Unclassified Information (CUI) in non-federal information systems and organizations. Generally, Department of Defense contractors, except COTS suppliers, are required to implement these security requirements by no later than December 31, 2017. Please refer to DFARS 252.204-7008, DFARS 252.204-7012 and NIST SP 800-171 for more details.

Regulatory References:

Federal Acquisition Regulation (FARS)

This clause is applicable to all solicitations and contracts when a contractor or subcontractor at any tier may have federal contract information residing in or transiting through its information systems, including commercial items other than commercially available off-the-shelf items (COTS).

LEARN MORE

Defense Federal Acquisition Regulation (DFARS)

The Defense Federal Acquisition Regulation Supplement is a set of restrictions for the origination of raw materials intended to protect the US defense industry from the vulnerabilities of being overly dependent on foreign sources of supply.

LEARN MORE

Flow Down Clauses for Suppliers

The applicable flow-down clauses are included in General Dynamics Ordnance and Tactical Systems terms and conditions for its suppliers. The standard terms and conditions are available at the following link: https://www.gd-ots.com/suppliers/quality-clauses/

LEARN MORE

Reporting a Cybersecurity Incident

In accordance with DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting, subcontractors, including vendors and consultants, are required to rapidly report cyber incidents within 72 hours of discovery.

LEARN MORE

We use cookies to enhance your website experience. By continuing to visit this site, you agree to our use of cookies. Learn More.

   Delivering The Best To The Best®


General Dynamics Ordnance and Tactical Systems is a global aerospace and defense company. We are committed to providing the U.S. military and its allies with an extensive range of overarching products that provide a cutting-edge advantage to our war fighters. A General Dynamics Company.

Follow Us