NOTICE REGARDING THE IMPORTANCE OF CYBERSECURITY PROTECTIONS FOR SENSITIVE INFORMATION
It is an unfortunate fact of the modern world that theft of information from computer and information systems occurs on a regular basis. We are all aware of numerous cyber-theft incidents.
All Suppliers to GKN have committed to keep our sensitive information confidential. The cybersecurity of your computer and information systems is essential for you to meet your confidentiality obligations.
See additional information under Additional Resources below.
NOTICE REGARDING MANDATORY CYBERSECURITY PROTECTIONS UNDER DOD SUBCONTRACTS
The US Department of Defense has adopted Defense Federal Acquisition Regulation Supplement 252.204-7012, http://www.acq.osd.mil/dpap/dars/dfars/html/current/252204.htm, which incorporates the NIST 800-171 requirements. If you supply under a contract which includes or flows down from a contract which includes DFARS 252.204-7012, you will be required to comply with it:
WHEN DFARS CLAUSE 252.240-7012 APPLIES, IT IMPOSES 4 KEY REQUIREMENTS:
Contractors will have until December 31, 2017 to be in full compliance with the requirements outlined in the clause, and The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations,” http://dx.doi.org/10.6028/NIST.SP.800-171. This 77-page publication from the US Department of Commerce (June 2015) sets forth 110 specific requirements in 14 categories.
Areas of non-compliance need to be reported to the DoD CIOs office within 30 days after contract award.
Contractors have 72 hours to report cyber incidents to the DoD CIO. In order to do so, the contractor or subcontractor shall acquire a DoD-approved medium assurance certificate to report cyber incidents; see http://iase.disa.mil/pki/eca/Pages/index.aspx.
The cyber DFARS clause needs to be flowed down to all suppliers/subcontractors storing, processing and/or generating Covered Defense Information (as defined in DFAR 252.204-7012) as part of contract performance.
Rob Soen, Senior VP Supply Chain Management
ADDITIONAL RESOURCES. Several government and industry organizations provide information and guidance on cybersecurity threats, controls, and risk management techniques. While we do not endorse any specific organization or set of controls, below are a few that may help:
GKN Aerospace Launches Focus on Five
Focus on Five is a 5 point plan, between 2016 & 2018 to create the GKN Aerospace Supply Chain of the future.
13th July 2016
GKN Aerospace names SC Aerostar Premier Supplier
6th ceremony at Farnborough airshow commends 6 suppliers for their performance excellence
At a ceremony at the Farnborough International Airshow today, GKN Aerospace named SC Aerostar as its premier supplier for 2015/16 and highlighted the outstanding performance of 5 other companies.
SC Aerostar, based in Bacau, Romania, gained the Premier Supplier award. SC Aerostar are suppliers of metallic parts and assemblies for multiple programmes and were praised for their sustained levels of performance on both delivery and quality.
Rob Soen, Senior Vice President of Supply Chain Management commented; “The SC Aerostar team has demonstrated consistent and exceptional support for our business. They have recognised the need to work closely with us and, as a result of this partnership, their performance, across all aspects of their work, has been outstanding.”
Other awards presented by GKN Aerospace were:
· Supplier Excellence Award - Aerostructures Europe & Special Products - presented to WSK PZL Swidnik SA for their excellent support of GKN Aerospace’s drive to increase the rate and consistency of the output of nacelles, responding swiftly and effectively where additional volumes have been required to meet customer demand.
· Supplier Excellence Award – Aerostructures North America - presented to Cytec Solvay Group, suppliers of lightweight composite materials with fire-retardancy, chemical resistance and high impact strength, for their sustained performance across quality, delivery, and technical partnering.
· Supplier Excellence Award - Engine Systems - presented to Frisa Aerospace. S.A. de C.V. Frisa Aerospace have distinguished themselves for their performance as supplier of ring forgings, supporting GKN Aerospace with equal enthusiasm across high and low volume programmes and developmental work.
· Supplier Excellence Award - Fokker - presented to Sabca Limburg nv, suppliers of complex, precision engineered composite skins and spars for business jet programmes. Sabca Limburg has worked closely alongside Fokker engineers, providing consistently high levels of performance on both quality and on-time delivery.
· Lean & Innovation Award - presented to CIM Tools Pvt Ltd for their innovative response to the need to significantly compress delivery timescales in order to maintain the supply of critical parts for a major aerostructures work package. CIM achieved the increase in speed with excellent programme management, maintaining the required tolerances and conditions of supply throughout.
Commending the Excellence Award winners, Rob Soen continued: “We are always working with our supplier base to develop and improve. In today’s market it is vital that each supplier maintains and enhances their competitiveness across all aspects of their operation. This year we have been asking our supply base to step forward and support our ‘Focus on Five’ supply chain initiative. All the winners are clearly demonstrating performance towards the Focus on Five goals.”
GKN has recently updated its Supply Chain Management Policy to draw attention to the Companies support of the principles of the UK Bribery Act 2010. All suppliers are required to comply with the policy in all aspects. A copy of the policy can be found in the Divisional Purchasing Information section of this supplier portal.