Marines

Unit HomeAgenciesDeputy Commandant for InformationCommand, Control, Communications & ComputersCompliance Branch - CybersecurityHot TopicsPolicy and Guidance

Headquarters Marine Corps
DCI ICC-CY Seal
Policy and Guidance

Overview

This page is intended as a resource guide, containing documents related to the Marine Corps Cybersecurity Program. Links to referenced materials are listed below each agency.  

 

Enterprise Cybersecurity Manuals

Per 10 U.S.C. and 40 U.S.C. Subtitle III, the Director C4 designates the Marine Corps Senior Information Security Official (SISO), who issues Marine Corps Enterprise Cybersecurity Manuals (ECSMs). The ECSM series provides modules that guide the implementation of policy direction as stated in MCO 5239.2A, Marine Corps Cybersecurity Program (MCCSP), "provides cybersecurity policy, procedures, tasks, conditions, and standards implementation guidance applicable to enhance and enable command and control on the MCEN."

The modules provide procedural, technical, administrative and supplemental guidance for all information systems used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission or receipt of data within the Marine Corps Enterprise Network (MCEN) as well as other Marine Corps Information Systems. Each module focuses on a distinct subject and describes a standard methodology for planning, implementing and executing an element of the MCCSP. The Marine Corps ECSM series will be the authoritative source for implementation of cybersecurity policy direction. 

 

Available Enterprise Cybersecurity Manuals (As of 28 October 2021) 

The Enterprise Cybersecurity Manuals are sensitive documents and are viewable only to those with a "lawful government purpose", valid SharePoint Online account and from specified domains. Visit this page for information regarding the approved domains.

ECSM_001_Computer_Security_Incident_Handling_(CSIH)_19_Sep_2012

ECSM_002_Firewalls_12_Jun_2012

ECSM_003_Routers_12_Sep_2011

ECSM_004_Remote_Access_Systems_(RAS)_16_Dec_2013

ECSM_005_PEDs_and_WLAN_Tech_(Searchable)_01_Jul_2016

ECSM_006_Virtual_Private_Networks_(VPNs)_15_Sep_2011

ECSM_007_Resource_Access_Guide_Nov_2015

ECSM_008_Cross_Domain_Solution_Signed_ (Searchable)_15_Feb_2019

ECSM_009_NATO_Information_Handling_on_the_MCEN_3_Jul_2012

ECSM_010_Unauthorized_Disclosures_and_Spillages_18_Jun_2014

ECSM_011_Personal_Identifiable_Information_(PII)_30_Apr_2013

ECSM_012_MCEN_Architecture_1_May_2015

ECSM_013_Public_Key_Infrastructure_(PKI)_08_Aug_2018

ECSM_014_Disaster_Recovery_(DR)_and_Contingency_Planning_(CP)_ 16_Feb_2018

ECSM_018_Marine_Corps_Assessment_and_Authorization_Process_04_Jun_2020

ECSM_019_PoR_Playbook_19_April_2019

ECSM_020_Information_Assurance_Vulnerability_Management_Program_(IAVM)_13_Jan_2014

ECSM_021_Ports,_Protocols_and_Services_Management_(PPSM)_ 3_May_2012

ECSM_024_Marine_Corps_CYWF_Qualification_Program_28_ June_2019

ECSM_026_Concept_of_Operations_for_HBSS_26_Oct_2012

ECSM_030_CISP_Connection_Processing_and_Management_30_Apr_2020

 

Federal Policy

 

Last Update 28 October 2021