Marines

HomeNewsMessagesMessages Display

MARINE CORPS INSIDER THREAT PROGRAM
Date Signed: 4/10/2015 | MARADMINS Number: 187/15
Cancelled
PRINT
MARADMINS : 187/15
R 101655Z APR 15
MARADMIN 187/15
MSGID/GENADMIN/CMC WASHINGTON DC PPO PS//
SUBJ/MARINE CORPS INSIDER THREAT PROGRAM//
REF/A/EO 13587//
REF/B/NITTF MINIMUM STANDARDS/NOTAL//
REF/C/DODD 5205.16//
REF/D/DODI 2000.16//
REF/E/SECNAV M-5510.30//
REF/F/SECNAV 5510.37//
REF/G/ALNAV 083-14//
REF/H/MCO 5510.18B//
REF/I/MCO 5580.3//
NARR/REF A IS THE EXECUTIVE ORDER ENTITLED, STRUCTURAL REFORMS TO IMPROVE THE SECURITY OF CLASSIFIED NETWORKS AND THE RESPONSIBLE SHARING AND SAFEGUARDING OF CLASSIFIED INFORMATION. REF B IS THE NATIONAL INSIDER THREAT TASK FORCE, NATIONAL INSIDER THREAT POLICY AND MINIMUM STANDARDS FOR EXECUTIVE BRANCH INSIDER THREAT PROGRAMS (NOTAL). DISTRIBUTION OF THESE STANDARDS OUTSIDE THE EXECUTIVE BRANCH IS NOT AUTHORIZED. REF C IS THE DEPARTMENT OF DEFENSE INSIDER THREAT DIRECTIVE. REF D IS THE DOD INSTRUCTION ON ANTITERRORISM. REF E IS THE DEPARTMENT OF THE NAVY PERSONNEL SECURITY PROGRAM. REF F IS THE DEPARTMENT OF THE NAVY INSIDER THREAT INSTRUCTION. REF G IS THE MESSAGE ANNOUNCING THE CONTINUOUS EVALUATION CONCEPT DEMONSTRATION. REF H IS THE MARINE CORPS ORDER ON INFORMATION AND PERSONNEL SECURITY. REF I IS THE MARINE CORPS ORDER ON THE VIOLENCE PREVENTION PROGRAM//
POC/W.T. POTTS,JR./CIV/ HQMC PP&O PS/-/TEL: 703-695-7162/EMAIL: WILLIAM.T.POTTS(AT)USMC.MIL//
POC/DARCY HOTCHKISS/CIV/HQMC C4 CY/-/TEL: 571-256-8873/EMAIL: MARCY.HOTCHKISS(AT)USMC.MIL//
GENTEXT/REMARKS/1. THE MARINE CORPS INSIDER THREAT PROGRAM IS ANNOUNCED BY THIS MARADMIN. INITIAL POLICY FOR THIS PROGRAM HAS BEEN ESTABLISHED IN REFS A THROUGH E. A SUPPORTING MARINE CORPS ORDER IS BEING DEVELOPED. REF A DOES NOT PROVIDE AUTHORITIES FOR THIS PROGRAM OUTSIDE THOSE ALREADY PROVIDED BY REGULATION OR LAW. HQMC C4 IS CONCURENTLY DEVELOPING POLICY DIRECTING THE ACTIVITES FOR PREVENTION AND DETECTION OF INSIDER THREAT ON THE MCEN.
2. THE INTENT IS TO INTEGRATE DOD CAPABILITIES TO MONITOR AND AUDIT INFORMATION FOR INSIDER THREAT DETECTION AND MITIGATION, IAW REF (C). IMPLEMENTATION OF THIS PROGRAM IS THE RESPONSIBILTY OF THE COMMANDING OFFICER AND WILL BE MANAGED BY THE COMMAND SECURITY MANAGER DUE TO THE CLOSE RELATIONSHIP WITH THE PERSONNEL SECURITY PROGRAM AS OUTLINED IN REF E. THIS PROGRAM WILL BE IMPLEMENTED AT EVERY LEVEL OF COMMAND AND IS SUBJECT TO INSPECTION. A FUNCTIONAL AREA CHECKLIST IS UNDER DEVELOPMENT AND WILL BE POSTED ON THE INSPECTOR GENERAL OF THE MARINE CORPS INSPECTION DIVISION WEBSITE WHEN COMPLETED.
3. VARIOUS ELEMENTS OF INSIDER THREAT PROGRAMS HAVE EXISITED FOR MANY YEARS BUT HAVE NOT BEEN FORMALIZED IN A SINGLE FUNCTIONAL AREA. MANY PROGRAMS SUCH AS CONTINUOUS EVALUATION, CYBERSECURITY, SEXUAL ASSAULT PREVENTION AND RESPONSE, OPSEC, PREVENTION OF VIOLENCE, AND OTHERS DEVELOP INFORMATION OR IDENTIFY VULNERABILITIES THAT MAY HAVE AN IMPACT AT THE LOCAL LEVEL.
4. THE INSIDER THREAT PROGRAM FOCUS IS ON INTERVENTION AND THE PREVENTION OF THREATS WHICH MAY RESULT IN DAMAGE OR DESTRUCTION TO MARINE CORPS PERSONS, PLACES, AND/OR THINGS.
5. EXAMPLES OF INTERVENTION MAY INCLUDE FINANCIAL COUNSELING OFFERED BY CERTIFIED COUNSELORS PROVIDED BY MARINE CORPS COMMUNITY SERVICE AT EVERY INSTALLATION, FAITH-BASED COUNSELING BY THE SERVICING CHAPLAIN, MENTAL HEALTH COUNSELING, IF APPROPRIATE, OR SIMPLY LEADERSHIP COUNSELING BY MEMBERS OF THE CHAIN OF COMMAND. NOT ALL INSTANCES OF INTERVENTION WILL REQUIRE INCIDENT REPORTING VIA THE JOINT PERSONNEL ADJUDICATION SYSTEM (JPAS). HOWEVER, CONTINUOUS EVALUATION REPORTING REQUIREMENTS ARE ESTABLISHED IN REF E AND MUST BE CONSIDERED IN EACH CASE.
6. THE DOD CURRENTLY RELIES ON MANUAL PERIODIC REINVESTIGATIONS AND SECURITY INCIDENT REPORTING TO COMPLY WITH CONTINUOUS EVALUATION REQUIREMENTS. AT THE DIRECTION OF THE SECRETARY OF DEFENSE, THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE (USD(I)) IS CONDUCTING A PILOT TO DETERMINE THE EFFECTIVENESS AND FEASIBILITY OF AN ENTITY CALLED THE DEFENSE INSIDER THREAT MANAGEMENT AND ANALYSIS CENTER (DITMAC). THE CORE OF THIS EFFORT IS THE CONTINUOUS EVALATION CONCEPT DEMONSTRATION (CECD), REF G, WHICH IS DESIGNED TO ENHANCE THE CURRENT CONTINUOUS EVALUATION PROCESS BY USING TECHNOLOGY TO CONTINUOUSLY CONDUCT AUTOMATED RECORDS CHECKS USING DATA FROM DOD, GOVERNMENT, AND COMMERCIAL SOURCES TO IDENTIFY POTENTIAL DEROGATORY INFORMATION THAT INDICATES A PERSONNEL SECURITY CONCERN. THE CECD INITIATIVE WILL INITIALLY REVIEW A SELECT POPULATION OF CLEARED DOD PERSONNEL TO DETERMINE THE EFFECTIVENESS OF THE PROCESS, TO DEVELOP REQUIREMENTS FOR REPORTING BOTH TO THE DITMAC AND FROM THE DITMAC TO THE SERVICES, AND TO DETERMINE REPORTING THRESHOLDS. PERIODICALLY, THE CECD WILL DEVELOP INFORMATION ON MARINE CORPS PERSONNEL WHICH MAY NECESSITATE ACTION AT THE LOCAL LEVEL. THE FOLLOWING SEQUENCE OF EVENTS WILL OCCUR WHEN INFORMATION OF CONCERN IS IDENTIFIED.
   (A) CECD NOTIFIES THE DUSN WHO NOTIFIES HQMC, SECURITY DIVISION. CONCURRENTLY, THIS INFORMATION IS TRANSMITTED VIA THE CASE ADJUDICATION TRACKING SYSTEM (CATS) PORTAL ACCOUNT DESCRIBED BELOW.
   (B) SECURITY DIVISION NOTIFIES THE COMMANDING OFFICER OF THE OWNING COMMAND. OF NOTE, FOR MARINES WHO POSSESS SCI ACCESS, SECURITY DIVISION WILL NOTIFY INTELLIGENCE DIVISION, HQMC, WHO WILL NOTIFY THE SERVICING SPECIAL SECURITY OFFICER (SSO).
   (C) THE COMMAND WILL COMPLY WITH GUIDANCE PROVIDED. THIS USUALLY REQUIRES GATHERING AVAILABLE DATA ON THE REPORTED ISSUE AND COMPLETING AN INCIDENT REPORT VIA THE JOINT PERSONNEL ADJUDICATION SYSTEM (JPAS).
7. THE FOLLOWING ACTIONS WILL BE ACCOMPLISHED AT EVERY LEVEL OF COMMAND FROM BATTALION TO MARFOR WITHIN 60 DAYS OF THE DATE OF THIS MESSAGE. THESE ARE INITIAL ACTIONS AND WILL BE SUPPLEMENTED BY REQUIREMENTS THAT WILL BE ESTABLISHED BY THE FORTHCOMING MCO:
   (A) APPOINT THE COMMAND SECURITY MANAGER AS THE INSIDER THREAT PROGRAM MANAGER IN WRITING AND ENSURE THIS PERSON COMPLETES THE INSIDER THREAT TRAINING PROVIDED ON THE DEFENSE SECURITY SERVICE WEBPAGE AT HTTP:(slash)(slash)WWW.CDSE.EDU/TOOLKITS/INSIDER/INDEX.PHP. THIS LINK ALSO PROVIDES A “TOOL KIT” FOR FURTHER REFINEMENT OF COMMAND INSIDER THREAT PROGRAMS.
   (B) REEMPHASIZE THE IMPORTANCE OF THE CONTINUOUS EVALUATION PROGRAM PER REF E.
   (C) REVIEW TRAINING RECORDS AND ENSURE ALL HANDS HAVE ATTENDED THE COUNTERESPIONAGE/INSIDER THREAT TRAINING PROVIDED BY NCIS; THIS IS AN ANNUAL REQUIREMENT PER REF E.
   (D) ENSURE THE COMMAND HAS AN ACTIVE CATS PORTAL ACCOUNT TO SUPPORT COMMUNICATION BETWEEN THE DODCAF, CECD, AND THE COMMAND. GUIDANCE ON ESTABLISHMENT OF THIS ACCOUT IS AVAILABLE VIA THE DIVISION/WING/MEF COMMAND SECURITY MANAGER.
   (E) IDENTIFY CONTACTS ABOARD THE INSTALLATION WHO CAN PROVIDE THE INTERVENTION SERVICES DESCRIBED IN PARAGRAPH 5 OF THIS MESSAGE.
   (F) COMMANDING OFFICERS WILL TAKE A PERSONAL ROLE IN ENSURING THE EFFECTIVE FUNCTIONING OF THE CONTINOUS EVALUATION PROGRAM AS REQUIRED BY REF E AND ANY ADDITIONAL REPORTING AS MAY BE DEVELOPED BY THIS PROGRAM.
8. RELEASE AUTHORIZED BY MR JAN M. DURHAM, ASSISTANT DEPUTY COMMANDANT (ACTING), PLANS, POLICIES, AND OPERATIONS, SECURITY DIVISION.//