Headquarters Marine Corps

Policy and Guidance

CY Home

Overview

This page is intended as a resource guide, containing documents related to the Marine Corps Cybersecurity Program. Links to referenced materials are listed below each agency.

Enterprise Cybersecurity Manuals

In accordance with 10 U.S.C., reference (a), 40 U.S.C. Subtitle III, reference (b), 44 U.S.C § 3554, SECNAVINST 5239.C, and DON CIO memorandum “Designation of the Department of the Navy Senior Information Security Officer” of 4 May 2020, Deputy Commandant for Information (DC I), Director, Information Command, Control, Communications, and Computers (IC4) is designated as Department of the Navy Deputy Senior Information Security Officer (Marine Corps) (DON Deputy SISO (Marine Corps)). Under the direction of the SISO, Information Compliance Branch (IC4/ICC) Cybersecurity section (CY) issues Marine Corps Enterprise Cybersecurity Manuals (ECSMs) that provide modules to guide the implementation of policy direction established in Marine Corps Order (MCO) 5239.2B, reference (c). The manuals provide procedural, technical, administrative, and supplemental guidance for all information systems used in the automated acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or receipt of data within the Marine Corps Enterprise Network (MCEN) as well as other Marine Corps information systems.

Each manual focuses on a distinct subject and describes a standard methodology for planning, implementing, and executing an element of Marine Corps Cybersecurity. The Marine Corps ECSM series is an authoritative source for implementation of cybersecurity policy direction.

Points of Contact

Compliance Branch / Cybersecurity

Headquarters Marine Corps IC4 ICC-Cybersecurity Branch

Pentagon, Room 1D253
Washington, DC 20350-3000
Authorization and Assessment

For A&A create a MCCAST Support Request for assignment to a representative to assist. See this page for access to MCCAST.

Or contact the MCEN A&A Team via email.
Assessments

Please contact the Team via email.
Key Management Infrastructure

Please contact the COMSEC Manager via email.
Policy Questions?

Please contact the Enterprise Team via email for assistance with policy questions or guidance.
Social Media Impersonation Reports

Submit a Social Media Impersonation report.
Suggestions About the Website?

Contact the IC4 ICC-Cybersecurity Branch Information Manager with suggestions or issues regarding our site.

Available Enterprise Cybersecurity Manuals (As of 22 July 2024)

The Enterprise Cybersecurity Manuals are sensitive documents and are viewable only to those with a "lawful government purpose", with valid SharePoint Online account holders. NOTE: Non-USMC Tenant account holders must request access, contractors must have their government representatives request access on their behalf.

See the "Enterprise Cybersecurity Repository - "CUI" section located on the "Hot" page for access concerns.

ECSM 001 Computer Security Incident Handling, V2.0   19 Sep 2012
   ECSM 002 Protected Distribution System, V1.0   Feb 24
ECSM 004 Remote Access Systems, V2.0     1 Dec 2013
ECSM 005 PEDs and WLAN Tech, V3.0   1 Jul 2016
   ECSM 007 Resource Access Guide, V4.0   01 Feb 2024
ECSM 008 Cross Domain Solution and Secure Data Transfer, V2.0   15 Feb 2019
ECSM 009 NATO Information Handling on the MCEN, V3.0   15 Aug 2012
ECSM 010 Unauthorized Disclosures of Classified Information and Electronic Spillage, V2.0 10 Jun 2014
ECSM 011 Personally Identifiable Information (PII), V4.0   30 Apr 2013
ECSM 012 MCEN Cybersecurity Reference Architecture Framework, V2.0   2021
ECSM 013 Public Key Infrastructure, V1.0   08 Aug 2018
ECSM 014 Disaster Recovery and Contingency Planning V1.0   16 Feb 2018
   ECSM 018 Marine_Corps Assessment and Authorization Process, V7.0   24 Jan 2024
ECSM 019 Program of Record Cybersecurity Playbook V2.0   2 Feb 2024
ECSM 020 Information Assurance Vulnerability Management Program, V1.0   31 Dec 2013
ECSM 021 Ports, Protocols, and Services Management, V1.0   15 May 2012
ECSM 024 Marine Corps Cyberspace Information Technology/ Cybersecurity Workforce Qualification Program, V2.0 29 June 2019
ECSM 026 Concept of Operations for Host Based Security System, V1.0   15 Oct 2012
ECSM 030 Commercial Internet Service Provider Connection Processing and Management, V1.0 30 Apr 2020

ECSM News

Collapse All Expand All

Recently Published:

ECSM 003, dtd Jun 2024
ECSM 019, dtd 22 May 2024
ECSM 002, dtd 1 Feb 2024
ECSM 007, dtd 1 Feb 2024

ECMS 012, Published 2021, Supercedes the following:

ECSM 002 Firewalls, Version 2.1, 11 June 2012;
ECSM 003 Routers, Version 2.0, 30 September 2011;
ECSM 006 Virtual Private Networks, Version 2.0, 15 September 2015;
ECSM 012 Marine Corps Enterprise Network (MCEN) Cybersecurity Architecture, Version 1.0, 01 May 2015

Federal Policy

Marine Corps Policy

Last Update 22 July 2024