R 231927Z AUG 21
MSGID/GENADMIN/CMC WASHINGTON DC C4//
SUBJ/ ANNUAL CYBER AWARENESS TRAINING AND CYBER AWARENESS CHALLENGE TRAINING COMPLIANCE REPORTING//
REF/A/DOC/TITLE 5 CFR VOLUME 2 SECTION 930-301 - INFORMATION SYSTEMS SECURITY
REF/E/DOC/MSGID: MSG/CMC WASHINGTON DC MRA MP /021622Z DEC 20//
REF/G/ DOC/MCO 12410.24A//
REF/H/ DOC/ SENSITIVE COMPARTMENTED INFORMATION (SCI) ENTERPRISE INFORMATION ASSURANCE DIRECTIVE (SEIAD) - AWARENESS AND TRAINING//
NARR/REF A IS FEDERAL REGULATION THAT REQUIRES FEDERAL INFORMATION SYSTEMS USERS TO COMPLETE SECURITY AWARENESS TRAINING ANNUALLY. REF B IS A DOD INSTRUCTION TO ESTABLISH A DOD CYBERSECURITY PROGRAM TO PROTECT AND DEFEND DOD INFORMATION AND INFORMATION TECHNOLOGY (IT). REF C IS A SECRETARY OF THE NAVY INSTRUCTION TO ESTABLISH DON CYBERSECURITY (CS) POLICY CONSISTENT WITH NATIONAL AND DOD CS POLICY DIRECTIVES AND INSTRUCTIONS. REF D PROVIDES POLICY AND PROCEDURAL GUIDANCE FOR THE IMPLEMENTATION OF INDIVIDUAL TRAINING AND EDUCATION (T&E) REQUIREMENTS FOR EVERY MARINE. REF E PUBLISHES A COMPREHENSIVE LISTING OF REQUIRED ANNUAL CIVILIAN TRAINING. REF F IS A MARINE CORPS ENTERPRISE CYBERSECURITY MANAUAL THAT SERVES AS A FOUNDATION FOR NETWORK INFRASTRUCTURE COMPONENTS TO USE IN DEVELOPING AND IMPLEMENTING THEIR INFORMATION TECHNOLOGY (IT) SECURITY PROGRAMS. REF G IS A MARINE CORPS ORDER ON CIVILIAN WORKFORCE TRAINING, EDUCATION, AND PROFESSIONAL DEVELOPMENT, 29 JAN 2021. REF H PROVIDES AWARENESS AND TRAINING GUIDNACE TO ENSURE THAT PERSONNEL WHO OPERATE, MANAGE, OR MAINTAIN SENSITIVE COMPARTMENTED INFORMATION (SCI) ON MARINE CORPS MANAGED INFORMATION SYSTEMS ARE ADEQUATELY TRAINED.
POC/RAY A. LETTEER/CIV/UNIT: HQMC C4 CYBERSECURITY/WASHINGTON DC/TEL: 7036933490/EMAIL: RAY.LETTEER@HQMC.USMC.MIL//
POC/RODDY STATEN/CIV/UNIT: HQMC C4 CYBERSECURITY/WASHINGTON DC TEL: 5712568875/EMAIL: RODDY.STATEN@USMC.MIL//
GENTEXT/RMKS/1. This MARADMIN message reiterates the requirement for all military and civilian personnel with government computer and network access to complete FY2021 cyber awareness training. Per references (a), (b) and (c) all DoD information system users are required to complete cyber awareness instruction as a condition of initial system access, and thereafter annual refresher training. References (d), (e) and (f) identify cyber awareness instruction as mandatory training for military and civilian personnel and direct completion of training via MarineNet (https:(slash)(slash)www.marinenet.usmc.mil/MarineNet/) or the Total Workforce Management Service (TWMS) (https:(slash)(slash)twms.dc3n.navy.mil/selfservice). Compliance with this longstanding training requirement has seen very slow progress towards a goal of 100 percent compliance by end of FY2021. With one months remaining in FY2021 to complete this mandatory training objective, individuals, commanders, supervisors and managers must redouble efforts to ensure that all personnel required to comply meet this mandate.
2. Training Delivery. Military, civilian (Appropriated Fund (APF)), Foreign National (FN)) and military-sponsored contractor personnel can all access and complete mandatory training on both the MarineNet and TWMS platforms.
2.A. Based on guidance from references (d)-(f), local commands can direct the use of either MarineNet or TWMS to complete cyber awareness training. The command decision of which system (i.e., MarineNet or TWMS) to use for cyber awareness training should involve an assessment of overall organizational training requirements and system user eligibility requirements. MarineNet supports user access via Common Access Card and username/password, while TWMS access requires users possess a Common Access Card.
2.B. Non-Appropriated Fund (NAF) civilian personnel will complete mandatory cyber awareness training according to reference (g) and Director, Business and Support Services Division (DBSSD) guidance. DBSSD training representatives will provide NAF personnel training data to the USMC TWMS training lead (M&RA (MPC)) and DCI/IC4/ICC (Cybersecurity) to support Enterprise cyber awareness training compliance reporting.
3. Training Courses. Per reference (b) the Defense Information System Agency (DISA) “Cyber Awareness Challenge” is the established baseline training content for system user cyber awareness training. Per reference (h), the “Intelligence Community Information Systems Security Awareness” (INTELIC001) course provides the enhanced “Cyber Awareness Challenge” course content required for system users working in the Marine Corps Sensitive Compartmented Information (SCI) Enterprise.
3.A. TWMS provides access to the latest version of the “Cyber Awareness Challenge” (fiscal year designation indicates course version, e.g., FY2021 “Cyber Awareness Challenge”).
3.B. MarineNet provides access to both the “Cyber Awareness Challenge” and the “Intelligence Community Information Systems Security Awareness.”
3.C. Per reference (d), (e) and (h) the Marine Corps has established network account access training requirements that include additional awareness training (e.g. Personally Identifiable Information (PII) Awareness training).
3.D. To facilitate DoD Enterprise cyber awareness training compliance, the Joint Command and several DoD Agencies have made the “Cyber Awareness Challenge” course available on a number of “.mil” websites. If MarineNet and TWMS access is unavailable for an extended period of time (i.e. 30 days), Marine Corps personnel can complete the “Cyber Awareness Challenge” portion of their network account access training requirements via these sites.
(1) These sites however do not automatically update Marine Corps personnel individual training records, nor do they provide training data to support Enterprise cyber awareness training data collection and reporting.
(2) To ensure that training completed via platforms other than MarineNet or TWMS meets training requirements for Marine Corps network account access, individuals must contact the training manager or human resource development specialist of the organization they will be joining/rejoining. These individuals are able to advise personnel regarding the administrative procedures required to update individual training records.
4. This MARADMIN is applicable to the total force.
5. Release authorized by BGen J. A. Matos, Director, Information C4 Division, Deputy Commandant for Information.//