INSIDER THREAT TO CYBER SECURITY (ITCS) (CORRECTED COPY)

UNCLASSIFIED//

ATTENTION INVITED TO  

ROUTINE

R 132027Z DEC 13 PSN 793966K40

FM CNO WASHINGTON DC

TO NAVADMIN

INFO ZEN/CNO WASHINGTON DC

BT
UNCLAS
QQQQ

SUBJ: INSIDER THREAT TO CYBER SECURITY (ITCS)  (CORRECTED COPY) UNCLASSIFIED/ 

FM CNO WASHINGTON DC//N2N6// TO NAVADMIN INFO CNO WASHINGTON DC UNCLAS 

NAVADMIN 319/13 (CORRECTED COPY)

MSGID/GENADMIN/CNO WASHINGTON DC/DEC//

SUBJ/INSIDER THREAT TO CYBER SECURITY (ITCS) - CORRECTED COPY//



REF/A/MSG/CNO WASHINGTON DC/132027ZDEC13//

REF/B/DOC/EO 13587/20111007//

REF/C/DOC/SECNAVINST/20130808//

REF/D/DOC/DODD 5240.06/20133005//

REF/E/MSG/CTO 13-16/231312Z AUG 13//

REF/F/MSG/201923Z NOV 13//

REF/G/MSG/062137Z DEC 13//

NARR/REF A IS NAVADMIN 319/13.  REF B IS THE PRESIDENT'S EXECUTIVE  ORDER TO 
IMPROVE THE SECURITY OF CLASSIFIED NETWORKS AND THE  RESPONSIBLE SHARING AND 
SAFEGUARDING OF CLASSIFIED INFORMATION.  REF  C IS THE SECRETARY OF THE NAVY 
INSTRUCTION ON THE INSIDER THREAT  PROGRAM.  REF D IS THE DEPARTMENT OF 
DEFENSE DIRECTIVE ON  COUNTERINTELLIGENCE AWARENESS AND REPORTING (CIAR).  
REF E IS THE  CTF 1010 COMMUNICATIONS TASKING ORDER (CTO) 13-16 DIRECTING 
INSIDER  THREAT MITIGATION ACTIONS.  REF F IS THE NAVINTEL SCI INFORMATION  
ASSURANCE AND SECURITY DIRECTION FOR INSIDER THREAT MITIGATION AND  OVERSIGHT 
OF PRIVILEGED USERS.  REF G IS NAVADMIN 309/13, PERSONAL  FOR - SECURITY RISK 
MITIGATION.//

RMKS/1.  THIS NAVADMIN CANCELS REF A.

2.  THIS NAVADMIN PROVIDES GUIDANCE TO IMPROVE THE SECURITY OF OUR  
CLASSIFIED AND SENSITIVE INFORMATION, NETWORKS, AND SYSTEMS FROM THE  
INCREASING RISK OF INSIDER THREATS.  IT IS CRITICAL THAT COMMANDERS  TAKE 
IMMEDIATE ACTION TO MITIGATE THIS THREAT.

3.  DEFINITION.  PER DOD GUIDANCE AND REF B, AN INSIDER THREAT IS "A  PERSON 
WITH AUTHORIZED ACCESS, WHO USES THAT ACCESS, WITTINGLY OR  UNWITTINGLY, TO 
HARM NATIONAL SECURITY INTERESTS OR NATIONAL  SECURITY THROUGH UNAUTHORIZED 
DISCLOSURE, DATA MODIFICATION,  ESPIONAGE, TERRORISM, OR KINETIC ACTIONS 
RESULTING IN LOSS OR  DEGRADATION OF RESOURCES OR CAPABILITIES."

4.  GUIDANCE.  RECENT HIGH-PROFILE DISCLOSURES INVOLVING U.S. SERVICE  
MEMBERS, CIVILIANS, AND CONTRACTORS HIGHLIGHT THE NEED TO ACTIVELY  AND 
CONTINUOUSLY DETECT, DETER, AND MITIGATE THREATS FROM THOSE WHO  HAVE 
AUTHORIZED ACCESS TO OUR FACILITIES, NETWORKS AND SENSITIVE  INFORMATION.  I 
EXPECT ALL COMMANDERS TO PRIORITIZE THIS ISSUE AND  IMPLEMENT THE GUIDANCE 
REFERENCED ABOVE TO ADDRESS POTENTIAL INSIDER  THREATS WITHIN YOUR COMMANDS.

5.  THE DIRECTOR OF THE NAVY STAFF (DNS) SERVES AS THE OVERALL OPNAV  LEAD 
FOR NAVY INSIDER THREAT.  THE DEPUTY CHIEF OF NAVAL OPERATIONS  FOR 
INFORMATION DOMINANCE (OPNAV N2/N6) LEADS A FOCUSED EFFORT TO  ASSURE THE 
SECURITY OF OUR SENSITIVE AND CLASSIFIED INFORMATION AND  NETWORKS.  OPNAV 
N2/N6 ESTABLISHED THE INSIDER THREAT TO CYBER  SECURITY (ITCS) OFFICE CHARGED 
WITH OVERSEEING ACTIVITIES DESIGNED  TO MITIGATE OR DETER THREATS TO OUR 
NETWORKS AND SYSTEMS FROM  AUTHORIZED PERSONNEL.  ITCS WILL WORK CLOSELY WITH 
FLEET CYBER  COMMAND/COMMANDER TENTH FLEET (FCC/C10F), NCIS, THE OFFICE OF 
NAVAL  INTELLIGENCE (ONI) AND OTHER APPROPRIATE COMMANDS TO DETER, DETECT  
AND MITIGATE INSIDER THREATS TO OUR SENSITIVE AND CLASSIFIED  INFORMATION.

6.  BELOW ARE IMMEDIATE NAVY ACTIONS DESIGNED TO REDUCE THREATS TO  
CLASSIFIED OR SENSITIVE INFORMATION FROM INSIDERS.
    - REDUCING THE TOTAL NUMBER OF PRIVILEGED USERS WITH SYSTEM  
ADMINISTRATORS' ACCESS TO NAVY NETWORKS.
    - IMPLEMENTING A RANDOM POLYGRAPH PROGRAM FOR PRIVILEGED USERS.
    - IMPLEMENTING ANOMALY DETECTION CAPABILITIES ON OUR SENSITIVE  NETWORKS 
AND SYSTEMS TO IDENTIFY INAPPROPRIATE BEHAVIOR OR ACTIVITY.
    - ESTABLISHING A CONTINUOUS MONITORING SYSTEM FOR CLEARANCE  
ADJUDICATION, BEGINNING WITH PRIVILEGED USERS.
    - DEPLOYING AND MONITORING THE REQUIREMENTS OF REFS D AND E AND  OTHER 
DOD AND IC PRIVILEGED USER AND REMOVABLE MEDIA DIRECTIVES.

7.  INSIDER THREATS DIRECTLY IMPERIL OUR WARFIGHTING EFFECTIVENESS  AND 
DEGRADE OUR READINESS.  THIS IS AN ALL HANDS EFFORT.  I EXPECT  ALL 
COMMANDERS TO REVIEW THE ABOVE REFERENCES AND DEVELOP A PLAN TO  ADDRESS 
POTENTIAL INSIDER THREATS WITHIN YOUR COMMANDS.  EVERY  SAILOR, CIVILIAN, AND 
CONTRACTOR IS PERSONALLY RESPONSIBLE FOR THE  SECURITY OF NAVY INFORMATION, 
INCLUDING PROTECTING IDENTIFICATION  AND ACCESS CARDS, PASSWORDS, CLASSIFIED 
INFORMATION, SENSITIVE BUT  UNCLASSIFIED INFORMATION, AND OPERATIONAL EMAILS.  
NAVY PERSONNEL  WILL ALSO EXPEDITIOUSLY REPORT SECURITY INCIDENTS AND 
VIOLATIONS IAW  ESTABLISHED GUIDELINES TO THEIR SECURITY MANAGERS OR CHAIN OF  
COMMAND.  SIMPLY PUT, IF YOU SEE SOMETHING THAT DOESN'T LOOK RIGHT,  SAY 
SOMETHING TO THE APPROPRIATE AUTHORITY.

8.  FOR MORE INFORMATION ON THE NAVY INSIDER THREAT PROGRAM,  MANDATORY 
REPORTABLE INDICATORS, AND ANONYMOUS REPORTING METHODS,  VISIT THE NCIS 
COUNTER INTELLIGENCE AND INSIDER THREAT AWARENESS  WEBPAGE AT 
HTTP://WWW.NCIS.NAVY.MIL/COREMISSIONS/CI/PAGES/DEFAULT.AS
PX.  POC FOR THIS ACTION IS:  MR. GARY FAGAN, OPNAV N2/N6,  703-604-5032; 
DSN:  664.

9.  RELEASED BY VICE ADMIRAL TED N. BRANCH, DEPUTY CHIEF OF NAVAL  OPERATIONS 
FOR INFORMATION DOMINANCE (N2/N6).//

BT
#1066
NNNN
UNCLASSIFIED//

%d bloggers like this: