Security Policy Project
Name
Institution
Course
Instructor
Date
The project will adhere to the following policy frameworks:
The DOD (2020) Data Strategy, which outlines the vision, guiding principles, tools, and objectives for the DoD's use of data. By facilitating data-centric operations and decision-making, it complements both the National Defense Strategy and Digital Modernization.
The DOD (2020) Cybersecurity Policy Chart, which summarizes the range of relevant DoD cybersecurity policies. Detailed information on protecting the DoD Information Network (DoDIN) and its assets is provided in significant legal precedents, federal and national regulations, and operational and subordinate level papers.
The DoD Issuances, which are recognized documents that establish or carry out policy, delegate authority, and specify practices for the DoD. They comprise administrative instructions, manuals, publications, directive-type memoranda, and directives.
The DoD-compliant guidelines, requirements, and controls that apply to the LAN, LAN-to-WAN, and User domains are as follows:
User Domain: Users who access IT systems and data are under the purview of this domain. This domain is impacted by the following policies, standards, and controls: - DoDI 8500.01, which outlines cybersecurity policy for the DoDIN and its assets.
· DoDI 8510.01, which lays out the Risk Management Framework (RMF) for evaluating and approving IT systems in the DoD.
· DoDI 8520.02, which outlines the DoD's strategy for “public key infrastructure (PKI) and public key enabling (PKE).”
· DoDI 8530.01, which outlines guidelines for the DoD's exchange of cyberthreat information.
· DoDI 8570.01, which defines policy for individuals performing cybersecurity activities in the DoD and for the certification, management, and management of such personnel.
Workstation Domain account for the devices that users use to access IT systems and data are within the workstation domain. The following policies, standards, and regulations apply to this domain:
· DoDI 8100.04, which defines guidelines for the DoD's IT systems' spectrum supportability.
· DoDI 8320.02, which defines rules for data sharing in a DoD that is centered on the internet.
· CNSSI 1253, which offers national security systems (NSS) recommendations on security classification and control choices.
· NIST SP 800-53, which offers recommendations for security and privacy controls for federal information systems and organizations.
LAN Domain: This domain includes the local area network (LAN) that links the devices and IT systems inside a building or location. The laws, regulations, and checks that apply to this realm are as follows:
· CJCSI 6211.02E, which defines the Defense Information System Network's (DISN) policies and roles.
· CJCSI 6510.01G, which defines the DoD's policies and roles for “information assurance (IA) and computer network defense (CND)”.
· CJCSM 6510.01B, which outlines the DoD's policies for handling cyber incidents.
· “NIST SP 800-82, which offers recommendations for protecting industrial control systems (ICS).”
LAN-to-WAN Domain: This domain includes the wide area network (WAN), which links IT systems and equipment at various locations or facilities. The laws, regulations, and checks that apply to this realm are as follows:
· DODI 8551.01, which defines guidelines and accountability for the DoDIN's management of ports, protocols, and services (PPSM).
· DODI 8552.01, which defines the DoD's policy and obligations for cloud computing services.
· DODI 8582.01, which specifies guidelines and accountability for the protection of unclassified DoD data on non-DoD information systems.
References
DOD. (2020).
DOD Rules and Guidance Documents. Www.defense.gov. https://www.defense.gov/Resources/DOD-Rules-and-Guidance-Documents/
Sherman, J. (n.d.).
DOD INSTRUCTION 8510.01 RISK MANAGEMENT FRAMEWORK FOR DOD SYSTEMS. https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-
WHS. (2017).
Directives Division. Whs.mil. https://www.esd.whs.mil/DD/
WHS. (2023).
DoD Issuances Home. Www.esd.whs.mil. https://www.esd.whs.mil/DD/DoD-Issuances/