Defense

Navy CIO memo promises accountability

Navy logo

Navy CIO Robert Foster has issued a memo updating acceptable uses of Navy IT in an effort to stamp out insecure IT practices. The memo echoes recent emphasis from Defense Department officials that commanders will be held accountable for IT failures under their watch.

"Appropriately controlling access to, and personal use of, DON [Department of Navy] IT resources is a leadership issue," the memo states. "Commanders, commanding officers, civilian leaders and officers in charge must ensure users use DON IT resources in an acceptable manner and in accordance with policy."

The memo was signed Feb. 12 and published Feb. 23. It forbids the introduction of unauthorized software on networks, and prohibits sailors from doing their own bypassing or testing of firewalls.

"Communications using, or information stored on, DON IT are not private and are subject to routine monitoring, interception, and search," the memo states.

The Navy has tried to reckon with its sprawling IT footprint via a five-year cybersecurity plan that U.S. Fleet Cyber Command released in May 2015.

"Every single sailor on board any ship still poses a potential risk to that network" when they establish a secure socket layer (SSL) connection to an outside website, Capt. David Bondura, formerly the command's assistant chief of staff, said last June. That was the month that Foster, a former deputy CIO at the Department of Health and Human Services, replaced John Zangardi as Navy CIO. 

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected