An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Marines

Unit HomeAgenciesDeputy Commandant for InformationCommand, Control, Communications & ComputersCompliance Branch - CybersecurityHot TopicsPolicy and Guidance

Headquarters Marine Corps

DCI ICC-CY Seal
Policy and Guidance

Overview

This page is intended as a resource guide, containing documents related to the Marine Corps Cybersecurity Program. Links to referenced materials are listed below each agency.  

 

Enterprise Cybersecurity Manuals

In accordance with 10 U.S.C., reference (a), 40 U.S.C. Subtitle III, reference (b), 44 U.S.C § 3554, SECNAVINST 5239.C, and DON CIO memorandum “Designation of the Department of the Navy Senior Information Security Officer” of 4 May 2020, Deputy Commandant for Information (DC I), Director, Information Command, Control, Communications, and Computers (IC4) is designated as Department of the Navy Deputy Senior Information Security Officer (Marine Corps) (DON Deputy SISO (Marine Corps)). Under the direction of the SISO, Information Compliance Branch (IC4/ICC) Cybersecurity section (CY) issues Marine Corps Enterprise Cybersecurity Manuals (ECSMs) that provide modules to guide the implementation of policy direction established in Marine Corps Order (MCO) 5239.2B, reference (c). The manuals provide procedural, technical, administrative, and supplemental guidance for all information systems used in the automated acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or receipt of data within the Marine Corps Enterprise Network (MCEN) as well as other Marine Corps information systems.

Each manual focuses on a distinct subject and describes a standard methodology for planning, implementing, and executing an element of Marine Corps Cybersecurity. The Marine Corps ECSM series is an authoritative source for implementation of cybersecurity policy direction.

Points of Contact

  • Compliance Branch / Cybersecurity

    Headquarters Marine Corps IC4 ICC-Cybersecurity Branch

    Pentagon, Room 1D253
    Washington, DC 20350-3000

Available Enterprise Cybersecurity Manuals (Updated  16 January 2025)

The Enterprise Cybersecurity Manuals are sensitive documents and are viewable only to those with a "lawful government purpose", with valid SharePoint Online account holders. NOTE: Non-USMC Tenant account holders must request access, contractors must have their government representatives request access on their behalf.

See the "Enterprise Cybersecurity Repository - "CUI" section located on the "Hot" page for access concerns. 

See this message on the SharePoint Site regarding the formal notification of the Annual Review of Published ECSMS that are posted on DC I, IC4 Compliance Branch Cybersecurity Sharepoint. 

 ECSM 001 Cyber Incident Response V3.0, dtd 20 Feb 2025
  ECSM 002 Protected Distribution System V1.0, dtd Feb 2024
 ECSM 003 Container and Platform Security Framework V1.03, dtd Jun 2024
  ECSM 004 Remote Access Systems V2.0, dtd 1 Dec 2013
  ECSM 005 PEDs and WLAN Tech V3.0, dtd 1 Jul 2016
ECMS 006 Wireless Technologies V1.0 dtd 28 FEb 2026
  ECSM 007 Resource Access Guide V4.0, dtd 01 Feb 2024
ECSM 008 Cross Domain Solutions V3.0, dtd Jan 2025
  ECSM 009 NATO Information Handling on the MCEN V3.0, dtd 15 Aug 2012
  ECSM 010 Unauthorized Disclosures of Classified Information and  Electronic Spillage V2.0, dtd 10 Jun 2014 
  ECSM 011 Personally Identifiable Information (PII) V4.0, dtd 30 Apr 2013
  ECSM 012 MCEN Cybersecurity Reference Architecture Framework V2.0, dtd Jul 2021
  ECSM 013 Public Key Infrastructure V1.0, dtd 08 Aug 2018
  ECSM 014 Disaster Recovery and Contingency Planning V1.0, dtd 16 Feb 2018
  ECSM 018 Marine_Corps Assessment  and Authorization Process V7.0, dtd 24 Jan 2024  
ECSM 019 Program of Record Cybersecurity Playbook V2.0, dtd 6 Aug 2024
  ECSM 020 Information Assurance Vulnerability Management Program V1.0, dtd 31 Dec 2013
ECSM 021 Ports, Protocols, and Services Management V1.0, dtd 3 Mar 2025
  ECSM 024 Marine Corps Cyberspace Information Technology/ Cybersecurity Workforce Qualification Program V2.0, dtd 29 June 2019
ECSM 026 Endpoint Security Operations V2.0, dtd 31 Jan 2025
  ECSM 030 Commercial Internet Service Provider Connection Processing and Management V1.0, dtd 30 Apr 2020

 

ECSM News

Collapse All Expand All
Expand List item 6643Collapse List item 6643  Recently Published:
  • ECSM 021 dtd Mar 2025
  • ECSM 006 dtd Feb 2025 
  • ECSM 001 dtd Feb 2025
  • ECSM 026 dtd Jan 2025
  • ECSM 022 dtd Jan 2025
  • ECSM 008 dtd Jan 2025
ECMS 012, Published 2021, Supercedes the following:
  • ECSM 002 Firewalls, Version 2.1, 11 June 2012;
  • ECSM 003 Routers, Version 2.0, 30 September 2011;
  • ECSM 006 Virtual Private Networks, Version 2.0, 15 September 2015;
  • ECSM 012 Marine Corps Enterprise Network (MCEN) Cybersecurity Architecture, Version 1.0, 01 May 2015

Federal Policy

Marine Corps Policy / Guidance

 

Last Update 3 Mar 2025

Headquarters Marine Corps