JAN ceo B 6

Similar documents
ceo A 6 OCT

Subj: DEPARTMENT OF THE NAVY CYBERSECURITY/INFORMATION ASSURANCE WORKFORCE MANAGEMENT, OVERSIGHT, AND COMPLIANCE

COMMAND POLICY FOR THE USE OF THE INTERACTIVE CUSTOMER EVALUATION SYSTEM

DEPARTMENT OF THE NAVY OFFICE OF THE CHIEF OF NAVAL OPERATIONS 2000 NAVY PENTAGON WASHINGTON DC

Commanding General, Marine Air Ground Task Force Training Command, Marine Corps Air Ground Combat Center Distribution List

Subj: STANDARDS OF DRESS AND APPEARANCE FOR CIVILIAN PERSONNEL. Ref: (a) Title 32, Code of Federal Regulations section (b) CCO 1020.

Department of Defense INSTRUCTION. Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN)

Department of Defense INSTRUCTION

MEMORANDUM FOR HEADQUARTERS, UNITED STATES ARMY ACQUISITION SUPPORT CENTER (HQ, USAASC), FORT BELVOIR, VA 22060

PROCEDURES TO BAR INDIVIDUALS FROM ACCESS TO THE COMBAT CENTER

3. Mission. To establish guidance for signing official correspondence in the name of the CG, MAGTFTC, MCAGCC.

Department of Defense INSTRUCTION. SUBJECT: Security of Unclassified DoD Information on Non-DoD Information Systems

3. Mission. To publish guidelines and procedures in support of the Awards Program.

Subj: DEPARTMENT OF THE NAVY (DON) INFORMATION SECURITY PROGRAM (ISP) INSTRUCTION

3. Mission. To publish instructions for the conduct, recordkeeping, and reporting of the Asbestos Control Program.

(1) Honorary Awards Calendar (2) Combat Center Civilian Honorary Award Nomination Personal Data Sheet

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON D.C ` MCO 3502.

Environmental Standard Operating Procedures (ESOP) Environmental Compliance Coordinator (ECC)

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON, DC

ceo K MCCS MAY

EXECUTIVE ORDER 12333: UNITED STATES INTELLIGENCE ACTIVITIES

DEC CCO 3571.lA 3B. COMBAT CENTER ORDER 3571.lA. From: To: Commanding General Distribution List. Subj: EXPLOSIVE ORDNANCE DISPOSAL

3. Mission. To promulgate policy for the use and distribution of MPOs.

Subj: DISCLOSURE OF MILITARY INFORMATION TO FOREIGN GOVERNMENTS AND INTERESTS

Subj: CHAPLAINS RELIGIOUS ENRICHMENT DEVELOPMENT OPERATION

United States Department of Agriculture. Office of the Chief Information Officer DN

ANNUAL OCCUPATIONAL SAFETY AND HEALTH INSPECTION SCHEDULE FOR CALENDAR YEAR 2018

SECNAVINST A DON CIO 20 December Subj: DEPARTMENT OF THE NAVY INFORMATION ASSURANCE (IA) POLICY

DEPARTMENT OF THE NAVY CYBERSPACE INFORMATION TECHNOLOGY AND CYBERSECURITY WORKFORCE MANAGEMENT AND QUALIFICATION

Department of the Navy

(1) Definitions (2) Sample Physi cal Security Officer Appointment Letter

SEARCH AND RESCUE OPERATIONS ABOARD THE COMBAT CENTER

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON, DC

Department of Defense INSTRUCTION

(1) Procedures to Register as a CDRM (2) Mandatory Annual Records Management Refresher Training

January 3, 2011 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES

DEPARTMENT OF THE NAVY CONTINUITY OF OPERATIONS (DON COOP) PROGRAM

MCO A C Apr Subj: ASSIGNMENT AND UTILIZATION OF CENTER FOR NAVAL ANALYSES (CNA) FIELD REPRESENTATIVES

Department of Defense DIRECTIVE

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 2 NAVY ANNEX WASHINGTON, DC MCO B C4I/CIC 21 Mar 96

COMMUNICATIONS SECURITY MONITORING OF NAVY TELECOMMUNICATIONS AND INFORMATION TECHNOLOGY SYSTEMS

Joint Base Lewis-McChord (JBLM), WA Network Enterprise Center (NEC) COMPUTER-USER AGREEMENT Change 1 (30 Jun 2008)

CNATRAINST B N6 9 Aug 17

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON DC

INSIDER THREATS. DOD Should Strengthen Management and Guidance to Protect Classified Information and Systems

DEPARTMENT OF THE NAVY OFFICE OF THE SECRETARY 1000 NAVY PENTAGON WASHINGTON, DC

Security Asset Protection Professional Certification (SAPPC) Competency Preparatory Tools (CPT)

Subj: ROLES AND RESPONSIBILITIES OF THE STAFF JUDGE ADVOCATE TO THE COMMANDANT OF THE MARINE CORPS

DEPARTMENT OF THE NAVY OFFICE OF THE CHIEF OF NAVAL OPERATIONS 2000 NAVY PENTAGON WASHINGTON, DC

Department of Defense INSTRUCTION

Chapter 9 Legal Aspects of Health Information Management

Subj: ENVIRONMENTAL COMPLIANCE AND PROTECTION PROGRAM

Department of Defense MANUAL

UNITED STATES MARINE CORPS MARINE AIR GROUND TASK FORCE TRAINING COMMAND,

Department of Defense MANUAL

USER VALIDATION FORM (NIPRNET & SIPRNET)

Department of Defense DIRECTIVE

Department of Homeland Security Management Directives System MD Number: Issue Date: 06/29/2004 PORTABLE ELECTRONIC DEVICES IN SCI FACILITIES

Export-Controlled Technology at Contractor, University, and Federally Funded Research and Development Center Facilities (D )

OPNAVINST B N6 9 November 1999 OPNAV INSTRUCTION B

REPORT ON COST ESTIMATES FOR SECURITY CLASSIFICATION ACTIVITIES FOR 2005

Introduction to Industrial Security, v3

Department of Defense DIRECTIVE

Subj: SUPPLY CHAIN INTEGRATION; MARINE CORPS PARTICIPATION IN THE DEFENSE LOGISTICS AGENCY (DLA) WEAPON SYSTEM SUPPORT PROGRAM (WSSP)

General Security. Question Answer Policy Resource

DEPARTMENT OF THE NAVY COMMANDER NAVY RESERVE FORCE 1915 FORRESTAL DRIVE NORFOLK, VIRGINIA

SUBJECT: Army Directive (Protecting Against Prohibited Relations During Recruiting and Entry-Level Training)

Department of Defense DIRECTIVE

Ethics Training. Office of the Staff Judge Advocate State Ethics Counselor: LTC Kelly Ambrose

Department of Defense DIRECTIVE

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON DC

UNITED STATES MARINE CORPS

Department of Defense DIRECTIVE. SUBJECT: Security Requirements for Automated Information Systems (AISs)

Technology Standards of Practice

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS WASHINGTON, DC MCO A INT 29 Aug 89

SECURITY OF CLASSIFIED MATERIALS W130119XQ STUDENT HANDOUT

UNITED STATES MARINE CORPS MARINE CORPS BASE QUANTICO, VIRGINIA

DEPARTMENT OF THE NAVY DEPUTY CHIEF INFORMATION OFFICER MARINE CORPS ROLES AND RESPONSIBILITIES

Department of Defense INSTRUCTION

Department of Defense DIRECTIVE. SUBJECT: Electronic Warfare (EW) and Command and Control Warfare (C2W) Countermeasures

Department of Defense INSTRUCTION. 1. PURPOSE. This Instruction, issued under the authority of DoD Directive (DoDD) 5144.

Subj: UNITED STATES MARINE CORPS ORGANIZATION AND UTILIZATION OF NAVY RESERVE RELIGIOUS MINISTRY SUPPORT UNITS

DOD INSTRUCTION PUBLIC AFFAIRS RELATIONS WITH FOR-PROFIT BUSINESSES

DoD Update Insider Threat and the NISP

Department of Defense INSTRUCTION

DOD DIRECTIVE ASSISTANT TO THE SECRETARY OF DEFENSE FOR PUBLIC AFFAIRS (ATSD(PA))

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON, DC

Subj: BUREAU OF NAVAL PERSONNEL POLICY FOR USING NAVY MOBILE DEVICES (SMART PHONE/TABLETS)

UNITED STATES MARINE CORPS 2D MARINE AIRCRAFT WING II MARINE EXPEDITIONARY FORCE POSTAL SERVICE CENTER BOX 8050 CHERRY POINT, NC

UNITED STATES MARINE CORPS 3250 CATLIN AVENUE MARINE CORPS BASE QUANTICO VIRGINIA MCBO E B May 13

Department of Defense DIRECTIVE. DoD Executive Agent (EA) for the DoD Cyber Crime Center (DC3)

SUBJECT: Directive-Type Memorandum (DTM) Law Enforcement Reporting of Suspicious Activity

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

Encl: (1) References (2) Department of the Navy Security Enterprise Governance (3) Senior Director for Security (4) Definitions (5) Responsibilities

Commanding Officer, Marine Corps Air Station, Cherry Point Distribution List

Subj: RELEASE OF COMMUNICATIONS SECURITY MATERIAL TO U.S. INDUSTRIAL FIRMS UNDER CONTRACT TO THE DEPARTMENT OF THE NAVY

Subj INSTALLATION GEOSPATIAL INFORMATION AND SERVICES

(1) Authorization for Alcoholi c Beverage Consumption for Service Members

Department of Defense DIRECTIVE

SECNAVINST E OUSN 17 May 12 SECNAV INSTRUCTION E. From: Secretary of the Navy

Transcription:

UNITED STATES MARINE CORPS MARINE AIR GROUND TASK FORCE TRAINING COMMAND MARINE CORPS AIR GROUND COMBAT CENTER BOX 788100 TWENTYNINE PALMS, CA 92278-8100 COMBAT CENTER ORDER 5239. 2B ceo 5239.2B 6 From: To: Subj: Ref : Commanding General Distribution List CYBERSECURITY (a) MCO 5239. 2B (b) CCBul 5239 of 6 Jan 16 (c) MARADMIN 175/15 1. Situation a. Marine Air Ground Task Force Training Command (MAGTFTC), Marine Corps Air Ground Combat Center (MCAGCC) continues employing information technology (IT) to support the warfighter as there continues to be an increase o~ the dependence of network IT-based Command & Control Systems to process and transfer daily administrative and operational information. Consequently, internal and external threats to these systems increase the likelihood that a successful attack will occur as our adversaries continue to become more technically and tactically sophisticated which may degrade or disrupt daily administrative and oper ational tasks. Therefore, it is incumbent upon every IT user to be an active member of MAGTFTC, MCAGCC Cybersecurity. b. This Order formally establishes the MAGTFTC, MCAGCC Cybersecurity and defines the responsibilities for protecting our information infrastructure. This directive augments the references and delineates responsibilities for local units, organizations, and users. c. Failure to implement the proactive or corrective Cybersecurity measures identified in this Order may result i n cri tical information loss, capture, corruption, or lack of timely access to information systems that may potentially lead to mission failure. Detailed Cybersecurity actions are distributed separately by the MAGTFTC, MCAGCC Information System Security Manager ( ISSM). 2. Cancellation. CCO 5239.2A. 3. Mission a. Implement Cybersecurity on Communications and Information Systems (CIS) and IT resources procured, developed, operated, maintained, or managed at MAGTFTC, MCAGCC. b. Cybersecurity policy, procedures, tasks, conditions, and standards will be distributed by the MAGTFTC, MCAGCC ISSM in accordance with reference (a). Supplemental cybersecurity guidance, updates, or revisions will be DISTRIBUTION STATEMENT A: unlimited. Approved for public release; distribution is

ceo 5239. 28 provided through Enterprise Cybersecurity Manuals (ECSMs), Marine Administration (MARADMIN) messages, and Marine Corps Bulletins (MCBUL}. 4. Execution. Per the references, MAGTFTC, MCAGCC will adopt a "life cycle management" approach in applying uniform standards for the protection of u. s. Marine Corps IT resources that produce, process, store, or transmit information. The MAGTFTC, MCAGCC Cybersecurity team will also assess threats, vulnerabilities, and their associated risks to identify appropriate countermeasures to effectively reduce risks to an acceptable operational level. Those that procure or develop information systems will ensure, through certification of t echnical features that all information systems under their functional area, sponsorship, or direction are developed, acquired, and managed in accordance with the provisions of this Order. Furthermore, commanders wil l identify all information systems within their purview and will be accountable for the Certification and Accreditation of these systems. a. Commander's I ntent and Concept of Operations (1) Commander's Intent (a) Develop a cybersecurity capability that supports a robust infrastructure-wide defense in depth strategy. (b) Establish procedures for reviewing the effectiveness of local cybcrsecurity programs and policies in accordance with directions from the!ssm. (c) Establish a comprehensive framework for security controls over information resources. (d) Conduct periodic reviews of existing policies and procedures, and update or modify as warranted by environmental and systemic needs. (e) Assimilate new technologies and information processing methodologies in a flexible, pro-active program. (f) Deliver procedures and annual cybersecurity awareness training, which covers individual user responsibilities, to all users of Marine Corps IT resources within their area of responsibility. (g) Continue to improve efforts to monitor network and system activities. As well as detect, report on, and take countermeasures against unauthorized activities. (h) Establish a cybersecurity governance board to conduct compliance readiness reviews. (2) Concept of Operations. Cybersecurity is employed to defend information and information systems by ensuring availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for the timely restoration of information systems by incorporating protection, detection, reaction, and recovery capabilities. 2

b. Subordinate Element Missions ceo 5239.2B (1) Commanding Officers (CO), Assistant Chiefs of Staff (AC/S), and Special Staff Officers 4a (3) (j). (a) Are responsible for tasks listed in reference (a), paragraph (b) Appoint in writing an Information Systems Coor dinator (ISC) to assist the commander in all matters related to CIS in accordance with reference (b). (2) ISSM. I SSMs are responsible for tasks listed in reference (a), paragraph 4a(3) (k). The I SSM functions as the MAG~FTC, MCAGCC focal point and principal advisor for all cybersecurity matters on behalf of MAGTFTC, MCAGCC. The ISSM reports to the Commanding General, or appointed representative, and implements overall cybersecurity requirements within their area of responsibility. (3) Information System Security Officers (ISSO). ISSOs are responsible for tasks listed in reference (a), paragraph 4a(3) (1). ISSOs are privileged users who are appointed by, and report to, the ISSM and ensure an appropriate cybersecurity posture is maintained for a command, site, system, or enclave. They provide direct support to the ISSM for all cybersecurity matters. They also a ssist t he ISSM in evaluating risks, threats, and vulnerabilities to determine if additional safeguards are needed within their area of responsibility. (4) System and Network Administrators (SYSADMIN/NTWKADMIN). SYSADMINs and NTWKADMINs are responsible for tasks listed in reference (a), paragraph 4a(3) (m). SYSADMIN/NTWKADMINs are privileged users who manage user accounts and provide cybersecurity safeguards and a s surances to the data under their control and take appropriate administrative or programmatic actions to minimize security risks and insider threats, reporting cybersecurity issues to the ISSM. (5) Unit ISCs. Per reference (b), ISCs shall be appointed by their unit as a trusted liaison between their unit and the MAGTFTC, MCAGCC AC/S G-6 for all matters related to communications and information systems, and to assist users in performing their required cybersecurity tasks. Such tasks include, but are not l imited to; assisti ng Marine Corps Enterprise Network (MCEN) users in submitting a DD 2875 System Authorization Access Request (SAAR), and assisting users with receiving cybersecurity indoctrination training and annual cybersecurity refresher training. (6) MCEN Users. All information system end user s are responsible for tasks listed in reference (a), paragraph 4a(3) (n) and reference (c). A user is defined as any military, government civilian, or contractor who has authorized access to the Department of Defense Information Network or Marine Corps IT resources. Users shall obtain a favorable background investigation and hold a security clearance or access approvals commensurate with the level of information processed or available on the system. Users shall receive cybersecurity indoctrination training and attend annual cybersecurity refresher training. Users shall submil and have an approved SAAR. 3

ceo 5239.2B Users shall compl y with this Order and other cyber secur ity directives, policies, and guidance as established by higher headquarters. Supplemental cybersecurity guidance, updates, or revisions will be provi ded through ECSMs, MARADMIN messages, and MCBULs. c. Coordinating Instructions (1) Prohibited Activities. The activities listed in reference (a), paragraph 4a(3) (o) are specifically and expressly prohibited. Such activities include, but not limited to: (a) Do not use any personally owned devices on the MCEN for commercial gain or conduct illegal activities or i n any manner that interferes with official duties, undermines readiness, reflects adversely on the Marine Corps, or violate s standards of ethical conduct. (b) Do not intentionally send, store, or propagate sexually explicit, threatening, harassing, prohibited partisan political, or unofficial public (e.g., "spam") communications. (c) Do not participate in on-line gambling or other activities inconsistent with public service. (d) Do not participate in, install, conf igure, or use unauthorized peer-to-peer technologies. (e) Do not release, disclose, or alter information without the consent of the data owner, the original classification authority, the i ndividual's supervisory chain of command, Freedom of Information Act official, Public Affairs Officer, or the disclosure officer's approval. (f) Do not attempt to strain, test, circumvent, or bypass security mechanisms. (g) Do not modify system or software, use it in any manner other than its intended purpose, introduce malicious software or code, add userconfigurable or unauthorized software, disable or remove security or protective software or mechanisms, or misuse/abuse a privileged account. (h) Do not relocate or change information system equipment, or change network connectivity without proper security authorization. (i} Do not acquire commerci a l or unauthorized internet service provider (ISP) network access into Marine Corps operational facilities, or implement commercial wirel e s s components without approval from the ISSM. (j) Do not use wireless technologies for storing, processing, and transmitting unclassified information in areas where classified information is discussed, stored, processed, or transmitted without the express written consent of the ISSM. (k) Do not auto forward emails from government accounts to commercial ISP email services, engage in the creation or forwarding chain mail, or open email attachments or internet links received from unknown sources. 4

ceo 5239. 2s (1) Do not use removable secondary storage media on government information system (IS) without prior written approval from the MAGTFTC, MCAGCC AC/S G-6. This includes, but is not limited to; removable flash media, thumb drives, smartphones, camera memory cards, and external hard disk drives, or any device that is capable of being inserted into and removed from an IS. (m) Do not connect any IS to a network of higher or lower classification than the IS's own classification level, commonly known as a cross- domain violation, without using an approved cross-domain solution. (n) Do not introduce classified information onto an IS of a lower classification level, commonly known as a spillage, or expose personally identifiable information to unauthorized recipients, commonly known as a breach. (2) The point of contact for cybersecurity is the Command ISSM at (760) 830-0099. 5. Administration and Logistics. Distribution directives issued by the Commanding General are distributed via email upon request and can be viewed at http://www. 29palms.marines.mil/Staff/G1Manpower/Adjutant0ffice/ Orders.aspx. 6. Command and Signal a. Command. This Order is applicable to all MAGTFTC, MCAGCC special staff sections, units, tenant commands, and organizations aboard the Combat Center. b. Signal. This Order is effec~~ Chief of Staff Distribution: A 5

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback