MARADMINS : 0109/09
R 191925Z FEB 09
UNCLASSIFIED//
MARADMIN 0109/09
MSGID/GENADMIN/CMC WASHINGTON DC C4//
SUBJ/NETWORK SECURITY FOCUS DAY//
REF/A/MSGID:DOC/CJCSM 6510.01 CH 3/08 MAR 06//
REF/B/MSGID:DOC/CJCSI 6510.01E/15 AUG 07//
REF/C/MSGID:DOC/DODD 8500.2 INFORMATION ASSURANCE (IA) IMPLEMENTATION/6 FEB 03//
REF/D/MSGID:DOC/DODD O-8530.1 COMPUTER NETWORK DEFENSE/08 JAN 01//
REF/E/MSGID:DOC/SECDEF MEMO ASSIGNMENT AND DELEGATION OF AUTHORITY TO DIRECTOR, DEFENSE INFORMATION SYSTEMS AGENCY (DISA)/18 JUN 04//
REF/F/MSGID:DOC/FEDERAL INFORMATION SECURITY MANAGEMENT ACT OF 2002 (FISMA)/-//
REF/G/MSGID:DOC/DODI 5220.22-M NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL/28 FEB 06//
REF/H/MSGID:DOC/DODD 8100.1 GLOBAL INFORMATION GRID (GIG) OVERARCHING POLICY/19 SEP 02//
REF/I/MSGID:DOC/DODI 8510.01 DOD INFORMATION ASSURANCE CERTIFICATION ANDACCREDITATION PROCESS (DIACAP)/28 NOV 07//
NARR/REF A DIRECTS INCIDENT HANDLING AND REPORTING FOR THE GIG.
REF B PROVIDES POLICY AND GUIDANCE FOR INFORMATION ASSURANCE (IA) AND COMPUTER NETWORK DEFENSE (CND) OPERATIONS.
REF C IMPLEMENTS POLICY, ASSIGNS RESPONSIBILITY AND PRESCRIBES PROCESSES FOR APPLYING INTEGRATED, LAYERED PROTECTION OF DOD INFORMATION SYSTEMS.
REF D OUTLINES THE DOD CND PROGRAM.
REF E ASSIGNS THE DIRECTOR, DISA, WITH AUTHORITIES AND RESPONSIBILITIES FOR GLOBAL NETWORK OPERATIONS AND DEFENSE UNDER USSTRATCOM.
REF F IMPOSES A MANDATORY SET OF INFORMATION SYSTEMS PROCESSES FOR US FEDERAL GOVERNMENT AGENCIES.
REF G PRESCRIBES REQUIREMENTS, RESTRICTIONS AND OTHER SAFEGUARDS TO PREVENT UNAUTHORIZED DISCLOSURE OF CLASSIFIED INFORMATION.
REF H ESTABLISHES POLICY AND ASSIGNS RESPONSIBILITY FOR GIG CONFIGURATION MANAGEMENT, ARCHITECTURE AND THE RELATIONSHIP WITH THE INTELLIGENCE COMMUNITY (IC) AND DEFENSE INTELLIGENCE COMPONENTS.
REF I ESTABLISHES CERTIFICATION AND ACCREDITATION TO MANAGE THE IMPLEMENTATION OF IA CAPABILITIES AND SERVICES.//
GENTEXT/REMARKS//
RMKS/1. NETWORK SECURITY POLICIES AND TRAINING ARE DESIGNED TO ENSURE THAT MARINE CORPS COMPUTER NETWORKS REMAIN AVAILABLE AND SECURE. THE MOST VIABLE MEANS TO RAISE AWARENESS OF THE RISKS ASSOCIATED WITH THE NETWORK IS THROUGH CONTINUOUS TRAINING.
2. TO MEET THE INTENT OF THE COMMANDERS, US STRATEGIC COMMMAND AND JOINT TASK FORCE GLOBAL NETWORK OPERATIONS, ALL USMC ACTIVITIES ARE DIRECTED TO CONDUCT A NETWORK SECURITY TRAINING AND AWARENESS DAY NLT 28 FEBRUARY 2009. EVERY USMC MEMBER, UNIFORMED, CIVILIAN AND CONTRACTOR, WHO USES GOVT COMPUTERS, SHALL PARTICIPATE IN THIS TRAINING. TRAINING WILL BE AUGMENTED BY A REVIEW OF NETWORK SECURITY POSTURE CONDUCTED BY LOCAL INFORMATION ASSURANCE PERSONNEL.
3. UNITED STATES STRATEGIC COMMAND, JOINT TASK FORCE-GLOBAL NETWORK OPERATIONS, C4 AND MCNOSC ARE ACTIVELY INVOLVED IN PROTECTING OUR NETWORKS AND ISSUE NEW GUIDANCE ON A REGULAR BASIS TO COUNTER KNOWN AND EMERGING NETWORK SECURITY THREATS. LOG ONTO WWW.MCNOSC.USMC.SMIL.MIL AND WWW.JTFGNO.SMIL.MIL ROUTINELY TO ENSURE LOCAL PRACTICES ARE CURRENT.
4. FULL COMPLIANCE WITH EXISTING SECURITY POLICIES AND STRICT ADHERENCE BY ALL HANDS, EVERY DAY, IS REQUIRED TO SUSTAIN OUR OPERATIONAL READINESS AND WARFIGHTING CAPABILITIES. WE NEED TO KNOW WHAT IS REQUIRED TO ENSURE OUR NETWORK SECURITY, WE NEED TO FOLLOW THE PROCEDURES THAT OUR SECURITY POLICIES REQUIRE AND WE NEED TO ENSURE LEADERS AT EVERY LEVEL UNDERSTAND THEIR ACCOUNTABILITY FOR MAINTAINING THE SECURITY OF OUR NETWORKS.
5. ACTION. CONDUCT ON-LINE TRAINING FOR ALL USERS WHICH INCLUDES THE FOLLOWING TOPICS. THIS TRAINING SHOULD TAKE APPROXIMATELY 1 HOUR TO COMPLETE. THE BELOW LINKS ARE AVAILABLE UNDER "WHAT'S NEW" ON THE INFORMATION ASSURANCE DIVISION WEBPAGE: https:(slash-slash)hqdod.hqmc.usmc.mil/IA.ASP, A WORD DOCUMENT TITLED NETWORK SECURITY FOCUS DAY. (BELOW URLS ARE CASE SENSITIVE):
A. TOPIC 1. REMOVABLE MEDIA HANDLING HTTP:(DOUBLE SLASH)IASE.DISA.MIL/ETA/PEDRM/PEDRM/INDEX.HTM (ALL LOWER CASE) HTTP:(DOUBLE SLASH)WWW.US-CERT.GOV/CAS/TIPS/ST08-001.HTML (ALL LOWER CASE EXCEPT THE ST IN ST08-001)
B. TOPIC 2. ANTI-PHISHING HTTP:(DOUBLE SLASH)IASE.DISA.MIL/ETA
C. TOPIC 3. SAFE HOME COMPUTING HTTP:(DOUBLE SLASH)WWW.CERT.ORG/HOMEUSERS/HOMECOMPUTERSECURITY/(ALL LOWER CASE EXCEPT THE FIRST LETTERS (H, C AND S) IN HOMECOMPUTERSECURITY) HTTPS: (DOUBLE SLASH) WWW.JTFGNO.MIL/ANTIVIRUS/ANTIVIRUS_HOMEUSE.HTM (ALL LOWER CASE)
D. TOPIC 4. PERSONALLY IDENTIFIABLE INFORMATION (PII) HANDLING PROCEDURES HTTP:(DOUBLE SLASH) IASE.DISA.MIL/ETA/PII/PII_MODULE/PII_MODULE/INDEX.HTML (ALL LOWER CASE)
E. TOPIC 5. COMMANDERS EXPECTATIONS REGARDING USER ACCOUNTABILITY AND NETWORK SECURITY, EMPHASIZING THE REQUIREMENT FOR PROPER USE AND COMPLIANCE.
F. ENSURE ALL USERS ARE IN COMPLIANCE WITH DOD ANNUAL INFORMATION ASSURANCE TRAINING REQUIREMENTS. FOR THOSE CURRENTLY NON-COMPLIANT,
THE TRAINING IS LOCATED AT: HTTP:(DOUBLE SLASH)MATTCHE.IIIE.DISA.MIL/ETA/IAAV7-1/IAAV7/IAA/LAUNCHPAGE.HTM (ALL LOWER CASE)
6. ALL IA WORKFORCE (0689S, IAMS, SYSTEM ADMINISTRATORS, ETC.) TAKE ACTION AS FOLLOWS:
A. REVIEW CURRENT GUIDANCE, REGULATIONS, AND DIRECTIVES.
B. REVIEW THE LATEST CND THREAT BRIEF:HTTPS:(DOUBLE SLASH)WWW.JTFGNO.SMIL.MIL/SITE (SIPRNET)
7. REPORTING GUIDANCE: COMMANDS SHALL REPORT COMPLETION OF ABOVE ACTIONS (TO INCLUDE IA WORK FORCE) TO C4IA, EMAIL: MCEN_DAA@USMC.MIL NLT 28 FEBRUARY 09.
8. CANCELLATION CONTINGENCY. THIS MARADMIN, UNLESS SUPERSEDED, IS CANCELLED 31 DECEMBER 2009.
9. RELEASED AUTHORIZED BY BGEN G.J. ALLEN, DIRECTOR, COMMAND, CONTROL, COMMUNICATIONS, AND COMPUTERS.//