Directive from the secretary of the Navy mandates compliance for information assurance staff.

The U.S. Navy has set some ground rules to ensure its IT workforce is well equipped to handle issues of cybersecurity.

A directive from the Navy secretary puts the deputy CIOs of the Navy and Marine Corps in charge of ensuring that Navy information assurance (IA) workers are complying with cybersecurity identification, training, and certification requirements of the military service.

The Navy's CIO, Rob Carey, outlined the requirements of the directive in a blog post on the Navy website.

Federal agencies across the board are shoring up and establishing rules for how to handle cybersecurity within their IT departments, and creating policies for how to protect cyberspace is a goal for the Obama administration.

The directive requires that commanding officers, commanders, and civilians in charge of agencies develop a plan to manage how IA workers implement cybersecurity requirements.

All IA personnel who carry out technical and management functions, and 70% of those involved in computer network defense service provider and IA architect and engineer work, must meet Department of Defense cybersecurity requirements by Dec. 31, according to the directive.

Further, authorized agencies must conduct compliance visits a minimum of 5% of the year to ensure cybersecurity rules are being met. Organizations that can conduct these visits include the Defense IA Program Office; the Naval Audit Service; the Department of Navy Headquarters; Service IA Workforce Improvement Program Offices of Primary Responsibility; Inspector General; abd DoD Command Cyber Readiness Inspection.

The directive also mandates the establishment of an IA Workforce Management, Oversight, and Compliance Council to lead cybersecurity compliance and training.

Among other things, the council will be responsible for developing cybersecurity training strategies and ensuring compliance with training requirements, according to the directive.

The council also will be review IA cybersecurity requirements and make adjustments if necessary, as well as validate training, education, and certification standards and competency requirements.

About the Author(s)

Elizabeth Montalbano, Contributing Writer

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights