STC DFARS Clause 252.204-7012 Cyber Security Compliance Statement
Superior Technical Ceramics services the Defense Industry as a sub-tier contractor to the Department of Defense (DoD) requiring STC compliance to DFARS Clause 252.204-7012 Cyber Security Compliance.
Controlled Unclassified Information (CUI) is safeguarded when residing on or transiting through STCs internal digital information network.
Compliance to DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting requires STC implementation of NIST Special Publication (SP) 800-171, through STC System Security Plans, (SSP), including Plans of Action.
DFARS Clause 252.204-7012 requires contractors/subcontractors to:
- Provide adequate security to safeguard covered defense information that resides on or is transiting through a contractor’s internal information system or network
- Report cyber incidents that affect a covered contractor information system or the covered defense information residing therein, or that affect the contractor’s ability to perform requirements designated as operationally critical support
- Submit malicious software discovered and isolated in connection with a reported cyber incident to the DoD Cyber Crime Center
- If requested, submit media and additional information to support damage assessment
- Flow down the clause in subcontracts for operationally critical support, or for which subcontract performance will involve covered defense information.
January 25, 2021