Navy Imposes Cybersecurity Training Rules
Directive from the secretary of the Navy mandates compliance for information assurance staff.
July 15, 2010
The U.S. Navy has set some ground rules to ensure its IT workforce is well equipped to handle issues of cybersecurity.
A directive from the Navy secretary puts the deputy CIOs of the Navy and Marine Corps in charge of ensuring that Navy information assurance (IA) workers are complying with cybersecurity identification, training, and certification requirements of the military service.
The Navy's CIO, Rob Carey, outlined the requirements of the directive in a blog post on the Navy website.
Federal agencies across the board are shoring up and establishing rules for how to handle cybersecurity within their IT departments, and creating policies for how to protect cyberspace is a goal for the Obama administration.
The directive requires that commanding officers, commanders, and civilians in charge of agencies develop a plan to manage how IA workers implement cybersecurity requirements.
All IA personnel who carry out technical and management functions, and 70% of those involved in computer network defense service provider and IA architect and engineer work, must meet Department of Defense cybersecurity requirements by Dec. 31, according to the directive.
Further, authorized agencies must conduct compliance visits a minimum of 5% of the year to ensure cybersecurity rules are being met. Organizations that can conduct these visits include the Defense IA Program Office; the Naval Audit Service; the Department of Navy Headquarters; Service IA Workforce Improvement Program Offices of Primary Responsibility; Inspector General; abd DoD Command Cyber Readiness Inspection.
The directive also mandates the establishment of an IA Workforce Management, Oversight, and Compliance Council to lead cybersecurity compliance and training.
Among other things, the council will be responsible for developing cybersecurity training strategies and ensuring compliance with training requirements, according to the directive.
The council also will be review IA cybersecurity requirements and make adjustments if necessary, as well as validate training, education, and certification standards and competency requirements.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024