As technology becomes even more critical to the acquisition process, cybersecurity is at the forefront of everyone’s mind. Booz Allen is taking steps to ensure that our data and internal systems are protected and compliant with applicable laws and regulations. We also must ensure that data within our subcontractors' control, and transmitted by our subcontract to others, is protected and compliant with these same laws and regulations. We want to ensure your awareness of several FAR and DFARS clauses:
- DFARS 252.204-7008 - Compliance with Safeguarding Covered Defense Information Controls
- DFARS 252.204-7009 - Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information
- DFARS 252.204-7012 - Safeguarding Covered Defense Information and Cyber Incident Reporting
- DFARS 252.239-7009 - Representation of Use of Cloud Computing
- DFARS 252.239-7010 - Cloud Computing Services
It is critical that our subcontractors have the ability to protect all forms of sensitive data. As a firm, we are taking a proactive approach to minimize cyber risk to our national security and our Government clients. Prime Contractors that are not compliant with these cybersecurity requirements, in particular the DFARS cybersecurity requirements, risk the loss of further contracts awards, as well as possible impacts to existing contracts.