SlideShare a Scribd company logo

CUI Permanent Presentation.ppt

Download as PPT, PDF
T
Tom Huskerson

Thefederal government is launching a program to protect confidential unclassified information, CUI. Targeted primarily at the defense department the program will help to limit the dissemination of sensitive information unauthorized parties. Executive Order 13556 established the comprehensive Controlled Unclassified Information Program in November 2010. The order designated the National Archives and Records Administration (NARA) to serve as the Executive Agent (EA) to implement and oversee agency actions to ensure compliance. This directive was issued by the ISOO to establish policy for agencies designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI, self-inspection and oversight requirements, and other facets of the Program

Government & Nonprofit
1 of 51
CONTROLLED UNCLASSIFIED INFORMATION PROTECTING CONTROLLED UNCLASSIFIED INFORMATION IN NON- FEDERAL SYSTEMS AND ORGANIZATIONS
Introduction to the CUI Program
The objective of this course is to gain a thorough understanding of the CUI program.
This course will cover the following topics History and Why of the CUI program. What is CUI & PII Mosaic Intelligence Gathering Theory Types of information provided in the CUI Registry CUI & Lawful Government Purpose Marking Control Requirements
This course will cover the following topics Physical & Electronic Controlled Environments Reproduction of CUI Transmission of CUI Incident Reporting Destruction of CUI Decontrol of CUI Freedom of Information
What is the CUI Program? Executive Order 13556 established the comprehensive Controlled Unclassified Information Program in November 2010.
Controlled Unclassified Information The order designated the National Archives and Records Administration (NARA) to serve as the Executive Agent (EA) to implement and oversee agency actions to ensure compliance.
Executive Order 13556 Controlled Unclassified Information. The Archivist of the United States established the CUI Office within NARA to fulfill the responsibilities of CUI Executive Agent. The Director of the Information Security Oversight Office (ISOO) is appointed as Director of the CUI Office.
Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI This directive was issued by the ISOO to establish policy for agencies designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI, self-inspection and oversight requirements, and other facets of the Program
Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI The rule affects Federal executive branch agencies that handle CUI and all organizations (sources) that handle, possess, use, share, or receive CUI—or which operate, use, or have access to Federal information and information systems on behalf of an agency. So what does this all mean?
Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI It means that any government agency and anyone doing business with the federal government is responsible for the security of any data they receive from that agency.
Executive Order 13556 Controlled Unclassified Information Q) What is the purpose of this executive order?
Executive Order 13556 Controlled Unclassified Information Q) What is the purpose of this executive order? A) To ensure standards for classification, handling, storage and destruction of CUI.
Why was the CUI program necessary? Controlled information has, in the past, been managed by various government agencies resulting inconsistent standards, labeling and handling.
Protecting Controlled Unclassified Information Companies working under federal contract or intend to compete for government contracts must understand the importance of protecting even unclassified information.
Protecting Controlled Unclassified Information Federal contractors are routinely trusted with government information. This information maybe unclassified but it is always of vital importance.
Protecting Controlled Unclassified Information Classified information can have extremely serious consequences if compromised. Unclassified information can still have intelligence value. In addition unclassified information can be dangerous in hands of criminals.
For Official Use Only FOUO is a document designation, not a classification. This designation is used by Department of Defense and a number of other federal agencies to identify information or material which, although unclassified, may not be appropriate for public release. FOUO is being phased out and being replaced by CUI.
Controlled Unclassified Information CUI is sensitive information that requires protection under laws, regulations and government-wide policies.
Controlled Unclassified Information CUI is controlled by the principle of Lawful Government Purpose.
Lawful Government Purpose Lawful Government Purpose means that authorized holders of CUI must refrain from sharing CUI where sharing is prohibited, restricted, or further subject to Limited Dissemination Controls.
Controlled Unclassified Information Program Overview
Controlled Unclassified Information Even though information is unclassified it can still have great value to criminals and foreign hostile governments.
Controlled Unclassified Information In order to understand why CUI is so important We need to understand the theory of intelligence collecting.
Intelligence Collection Theory Like a puzzle, intelligence gathering is all about gathering small bits of information that will reveal the larger image.
Intelligence Collection Theory If you have enough of the small pieces then you can easily determine what the larger image is. This is known as the Mosaic Theory of intelligence gathering.
Mosaic Collection Theory Gathering enough unclassified and seemingly disconnected pieces can give an adversary insight into a classified project. This is why CUI is extremely important to protect!
Controlled Unclassified Information Almost anything can be considered CUI. CUI is determined by the contracting government agency in accordance with EO 13556.
Groupings of CUI Critical Infrastructure Defense Export Control Financial Immigration Intelligence Law Enforcement Nuclear Patent Information Privacy Procurement & Acquisition Proprietary Business Information Provisional Natural and Cultural Resources Tax Information Legal Statistical North Atlantic Treaty Organization (NATO)
Personally Identifiable Information Also known as PII this is information that is identifiable to the individual. Social Security Number Medical Information Payroll data Family data Driver’s License Biometric Data Employment History and Resume Performance Evaluations Human Resources Actions
Did any of the information on the previous slide look familiar?
Social Security Number Medical Information Payroll data Family data Driver’s License Biometric Data Employment History and Resume Performance Evaluations Human Resources Actions All the information above was stolen from Office of Personnel Management in a massive data breach in June of 2015
Office of Personnel Management Data Breach in June of 2015 Total records lost – 21.5 million What other records were lost? Biometric data; Fingerprints Security Clearance Records Background Investigation Reports Personal History Data & Details Although extremely sensitive the data was not classified. However it is definitely considered CUI and PII.
Class Discussion What is the value of unclassified information? 1. Give three examples of unclassified information that needs protection. 2. Who would be interested in CUI and why? 3. Who is responsible CUI?
Mosaic Intelligence Collection Lets Play a Game! Can you figure what is happening? There will be 10 clues in all.
Mosaic Intelligence Collection Clue # 1 The VP of product development for an aviation parts company will be out of the office indefinitely.
Mosaic Intelligence Collection Clue # 2 A small company that makes synthetic plastic and rubber is shut down and all employees are laid off
Mosaic Intelligence Collection Clue # 3 NTSB issues warning to makers and suppliers of jet fuel to review safety measures for aircraft fuel leaks.
Mosaic Intelligence Collection Clue # 4 Several defense contractors begin review of supplier credentials manufacturing techniques and product specifications.
Mosaic Intelligence Collection Clue # 5 Several generals from allied countries arrive at the Pentagon.
Mosaic Intelligence Collection Clue # 6 The USAF and several other countries have temporarily suspended mid-air refueling operations .
Mosaic Intelligence Collection Clue #7 Stock prices for companies that manufacture synthetic plastic and rubber begin to fall.
Mosaic Intelligence Collection Clue # 8 FBI launches investigation into a chemical company for falsifying test data.
Mosaic Intelligence Collection Clue # 9 Air Force personnel go to the hospital after inhaling fuel fumes from a jet fighter.
Mosaic Intelligence Collection Clue # 10 VP of product development is found dead in his home. Suicide is suspected.
Mosaic Intelligence Collection Clue # 11 Air Force commanders order all fighter jets to be grounded for a safety inspection of fuel systems.
Mosaic Intelligence Collection Clue # 12 FAA orders all commercial airlines to replace rubber seal to fuel tank filling cap.
Mosaic Intelligence Collection Class Discussion Using the clues given what is your theory of what is happening?

Recommended

2004-annual-report
2004-annual-report2004-annual-report
2004-annual-report
Matthew W. Stephan, CISM, CISSP, CRISC, CGEIT, PMP
 
An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )
Megan Espinoza
 
Government security classifications e learning
Government security classifications e learningGovernment security classifications e learning
Government security classifications e learning
accystanley
 
Infosec Law (Feb 2006)
Infosec Law (Feb 2006)Infosec Law (Feb 2006)
Infosec Law (Feb 2006)
Lance Michalson
 
Gao privacy updates
Gao privacy updatesGao privacy updates
Gao privacy updates
Ines Mergel
 
Identity Theft ResponseYou have successfully presented an expa
Identity Theft ResponseYou have successfully presented an expaIdentity Theft ResponseYou have successfully presented an expa
Identity Theft ResponseYou have successfully presented an expa
LizbethQuinonez813
 
Computer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate EspionageComputer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate Espionage
IRJET Journal
 
2002-annual-report
2002-annual-report2002-annual-report
2002-annual-report
Matthew W. Stephan, CISM, CISSP, CRISC, CGEIT, PMP
 

Recommended

2004-annual-report
2004-annual-report2004-annual-report
2004-annual-report
Matthew W. Stephan, CISM, CISSP, CRISC, CGEIT, PMP
 
An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )An Unmanned Aircraft System ( Uas )
An Unmanned Aircraft System ( Uas )
Megan Espinoza
 
Government security classifications e learning
Government security classifications e learningGovernment security classifications e learning
Government security classifications e learning
accystanley
 
Infosec Law (Feb 2006)
Infosec Law (Feb 2006)Infosec Law (Feb 2006)
Infosec Law (Feb 2006)
Lance Michalson
 
Gao privacy updates
Gao privacy updatesGao privacy updates
Gao privacy updates
Ines Mergel
 
Identity Theft ResponseYou have successfully presented an expa
Identity Theft ResponseYou have successfully presented an expaIdentity Theft ResponseYou have successfully presented an expa
Identity Theft ResponseYou have successfully presented an expa
LizbethQuinonez813
 
Computer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate EspionageComputer Forensics And Investigating Corporate Espionage
Computer Forensics And Investigating Corporate Espionage
IRJET Journal
 
2002-annual-report
2002-annual-report2002-annual-report
2002-annual-report
Matthew W. Stephan, CISM, CISSP, CRISC, CGEIT, PMP
 
Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)
Dan Michaluk
 
Rvasec The Future of Govt Info Sharing
Rvasec The Future of Govt Info SharingRvasec The Future of Govt Info Sharing
Rvasec The Future of Govt Info Sharing
cwysopal
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
Donald E. Hester
 
The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)
Craig Mullins
 
TCL_CUI_training.pptx
TCL_CUI_training.pptxTCL_CUI_training.pptx
TCL_CUI_training.pptx
AnthonyPearce17
 
INFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PIIINFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PII
- Mark - Fullbright
 
What are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docxWhat are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docx
philipnelson29183
 
Cyber Six: Managing Security in Internet
Cyber Six: Managing Security in InternetCyber Six: Managing Security in Internet
Cyber Six: Managing Security in Internet
Richardus Indrajit
 
2003-annual-report
2003-annual-report2003-annual-report
2003-annual-report
Matthew W. Stephan, CISM, CISSP, CRISC, CGEIT, PMP
 
Cybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower ProtectionsCybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower Protections
Zuckerman Law Whistleblower Protection Law Firm
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
Ulf Mattsson
 
wp-follow-the-data
wp-follow-the-datawp-follow-the-data
wp-follow-the-data
Numaan Huq
 
A 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron MountainA 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron Mountain
Pim Piepers
 
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
Roshan Methananda
 
Lewallen final
Lewallen finalLewallen final
Lewallen final
JennaHajhassan
 
Trouble with the terroriest
Trouble with the terroriestTrouble with the terroriest
Trouble with the terroriest
baqerz
 
Kuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptxKuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptx
Reza743349
 
ITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docxITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docx
vrickens
 
Mulin Holstein PKI-strategy
Mulin Holstein PKI-strategyMulin Holstein PKI-strategy
Mulin Holstein PKI-strategy
fEngel
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Financial Poise
 
Holiday Season is Scam Season
Holiday Season is Scam SeasonHoliday Season is Scam Season
Holiday Season is Scam Season
Tom Huskerson
 
OnTechStreet Phising.potx
OnTechStreet Phising.potxOnTechStreet Phising.potx
OnTechStreet Phising.potx
Tom Huskerson
 

More Related Content

Similar to CUI Permanent Presentation.ppt

The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)
Craig Mullins
 
What are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docxWhat are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docx
philipnelson29183
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
Ulf Mattsson
 
wp-follow-the-data
wp-follow-the-datawp-follow-the-data
wp-follow-the-data
Numaan Huq
 
Trouble with the terroriest
Trouble with the terroriestTrouble with the terroriest
Trouble with the terroriest
baqerz
 
Kuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptxKuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptx
Reza743349
 
ITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docxITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docx
vrickens
 
Mulin Holstein PKI-strategy
Mulin Holstein PKI-strategyMulin Holstein PKI-strategy
Mulin Holstein PKI-strategy
fEngel
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Financial Poise
 

Similar to CUI Permanent Presentation.ppt (20)

Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)
 
Rvasec The Future of Govt Info Sharing
Rvasec The Future of Govt Info SharingRvasec The Future of Govt Info Sharing
Rvasec The Future of Govt Info Sharing
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
 
The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)The impact of regulatory compliance on DBA(latest)
The impact of regulatory compliance on DBA(latest)
 
TCL_CUI_training.pptx
TCL_CUI_training.pptxTCL_CUI_training.pptx
TCL_CUI_training.pptx
 
INFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PIIINFORMATION SECURITY STUDY REGARDING PII
INFORMATION SECURITY STUDY REGARDING PII
 
What are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docxWhat are some of the challenges the intelligence community faces i.docx
What are some of the challenges the intelligence community faces i.docx
 
Cyber Six: Managing Security in Internet
Cyber Six: Managing Security in InternetCyber Six: Managing Security in Internet
Cyber Six: Managing Security in Internet
 
2003-annual-report
2003-annual-report2003-annual-report
2003-annual-report
 
Cybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower ProtectionsCybersecurity and Data Privacy Whistleblower Protections
Cybersecurity and Data Privacy Whistleblower Protections
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
wp-follow-the-data
wp-follow-the-datawp-follow-the-data
wp-follow-the-data
 
A 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron MountainA 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron Mountain
 
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
451 Research - Data Law 2015 - The Outlook for Data E-Discovery, Privacy and ...
 
Lewallen final
Lewallen finalLewallen final
Lewallen final
 
Trouble with the terroriest
Trouble with the terroriestTrouble with the terroriest
Trouble with the terroriest
 
Kuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptxKuliah Sesi ke-01 Control & Audit [080616].pptx
Kuliah Sesi ke-01 Control & Audit [080616].pptx
 
ITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docxITN 267 Assignment 8Answer the following to the best of .docx
ITN 267 Assignment 8Answer the following to the best of .docx
 
Mulin Holstein PKI-strategy
Mulin Holstein PKI-strategyMulin Holstein PKI-strategy
Mulin Holstein PKI-strategy
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
 

More from Tom Huskerson

More from Tom Huskerson (6)

Holiday Season is Scam Season
Holiday Season is Scam SeasonHoliday Season is Scam Season
Holiday Season is Scam Season
 
OnTechStreet Phising.potx
OnTechStreet Phising.potxOnTechStreet Phising.potx
OnTechStreet Phising.potx
 
Social Engineering.pptx
Social Engineering.pptxSocial Engineering.pptx
Social Engineering.pptx
 
Bridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationBridgewater College Cyber Security Presentation
Bridgewater College Cyber Security Presentation
 
Hiring Contract Security - Common Sense and Basic Guidelines for Hiring a Sec...
Hiring Contract Security - Common Sense and Basic Guidelines for Hiring a Sec...Hiring Contract Security - Common Sense and Basic Guidelines for Hiring a Sec...
Hiring Contract Security - Common Sense and Basic Guidelines for Hiring a Sec...
 
Navigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers GuideNavigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers Guide
 

Recently uploaded

Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.
Christina Parmionova
 
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
gragfaguni
 
Competitive Advantage slide deck___.pptx
Competitive Advantage slide deck___.pptxCompetitive Advantage slide deck___.pptx
Competitive Advantage slide deck___.pptx
ScottMeyers35
 
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
manju garg
 
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
Christina Parmionova
 
Unique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdfUnique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdf
ScottMeyers35
 
Nitrogen filled high expansion foam in open Containers
Nitrogen filled high expansion foam in open ContainersNitrogen filled high expansion foam in open Containers
Nitrogen filled high expansion foam in open Containers
Harm Kiezebrink
 
Call Girls Service Ajmer 6378878445 Book Escort Models Any Time
Call Girls Service Ajmer 6378878445 Book Escort Models Any TimeCall Girls Service Ajmer 6378878445 Book Escort Models Any Time
Call Girls Service Ajmer 6378878445 Book Escort Models Any Time
vershagrag
 

Recently uploaded (20)

Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.
 
AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024
 
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
RIMJHIM $ best call girls in Nandurbar Call Girls Service 👉📞 6378878445 👉📞 Ju...
 
Competitive Advantage slide deck___.pptx
Competitive Advantage slide deck___.pptxCompetitive Advantage slide deck___.pptx
Competitive Advantage slide deck___.pptx
 
The Outlook for the Budget and the Economy
The Outlook for the Budget and the EconomyThe Outlook for the Budget and the Economy
The Outlook for the Budget and the Economy
 
Contributi dei parlamentari del PD - Contributi L. 3/2019
Contributi dei parlamentari del PD - Contributi L. 3/2019Contributi dei parlamentari del PD - Contributi L. 3/2019
Contributi dei parlamentari del PD - Contributi L. 3/2019
 
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
RIMJHIM $ best call girls in Anand Call Girls Service 👉📞 6378878445 👉📞 Just📲 ...
 
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
 
Unique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdfUnique Value Prop slide deck________.pdf
Unique Value Prop slide deck________.pdf
 
YHRGeorgetown Spring 2024 America should Take Her Share
YHRGeorgetown Spring 2024 America should Take Her ShareYHRGeorgetown Spring 2024 America should Take Her Share
YHRGeorgetown Spring 2024 America should Take Her Share
 
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition PlansSustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
 
Nitrogen filled high expansion foam in open Containers
Nitrogen filled high expansion foam in open ContainersNitrogen filled high expansion foam in open Containers
Nitrogen filled high expansion foam in open Containers
 
PPT Item # 5 -- Announcements Powerpoint
PPT Item # 5 -- Announcements PowerpointPPT Item # 5 -- Announcements Powerpoint
PPT Item # 5 -- Announcements Powerpoint
 
Spring 2024 Issue Punitive and Productive Suffering
Spring 2024 Issue Punitive and Productive SufferingSpring 2024 Issue Punitive and Productive Suffering
Spring 2024 Issue Punitive and Productive Suffering
 
Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438
 
BioandPicforRepKendrick_LastUpdatedMay2024
BioandPicforRepKendrick_LastUpdatedMay2024BioandPicforRepKendrick_LastUpdatedMay2024
BioandPicforRepKendrick_LastUpdatedMay2024
 
Call Girls Service Ajmer 6378878445 Book Escort Models Any Time
Call Girls Service Ajmer 6378878445 Book Escort Models Any TimeCall Girls Service Ajmer 6378878445 Book Escort Models Any Time
Call Girls Service Ajmer 6378878445 Book Escort Models Any Time
 
POKKUVARAVU OF RR property-directions for mutation
POKKUVARAVU OF RR property-directions for mutationPOKKUVARAVU OF RR property-directions for mutation
POKKUVARAVU OF RR property-directions for mutation
 
Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.
 
PPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. ReportPPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. Report
 

CUI Permanent Presentation.ppt

  • 1.
  • 2.
  • 3. CONTROLLED UNCLASSIFIED INFORMATION PROTECTING CONTROLLED UNCLASSIFIED INFORMATION IN NON- FEDERAL SYSTEMS AND ORGANIZATIONS
  • 4. Introduction to the CUI Program
  • 5.
  • 6. The objective of this course is to gain a thorough understanding of the CUI program.
  • 7. This course will cover the following topics History and Why of the CUI program. What is CUI & PII Mosaic Intelligence Gathering Theory Types of information provided in the CUI Registry CUI & Lawful Government Purpose Marking Control Requirements
  • 8. This course will cover the following topics Physical & Electronic Controlled Environments Reproduction of CUI Transmission of CUI Incident Reporting Destruction of CUI Decontrol of CUI Freedom of Information
  • 9. What is the CUI Program? Executive Order 13556 established the comprehensive Controlled Unclassified Information Program in November 2010.
  • 10. Controlled Unclassified Information The order designated the National Archives and Records Administration (NARA) to serve as the Executive Agent (EA) to implement and oversee agency actions to ensure compliance.
  • 11. Executive Order 13556 Controlled Unclassified Information. The Archivist of the United States established the CUI Office within NARA to fulfill the responsibilities of CUI Executive Agent. The Director of the Information Security Oversight Office (ISOO) is appointed as Director of the CUI Office.
  • 12. Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI This directive was issued by the ISOO to establish policy for agencies designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI, self-inspection and oversight requirements, and other facets of the Program
  • 13. Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI The rule affects Federal executive branch agencies that handle CUI and all organizations (sources) that handle, possess, use, share, or receive CUI—or which operate, use, or have access to Federal information and information systems on behalf of an agency. So what does this all mean?
  • 14. Executive Order 13556 Controlled Unclassified Information. 32 CFR Part 2002 CUI It means that any government agency and anyone doing business with the federal government is responsible for the security of any data they receive from that agency.
  • 15. Executive Order 13556 Controlled Unclassified Information Q) What is the purpose of this executive order?
  • 16. Executive Order 13556 Controlled Unclassified Information Q) What is the purpose of this executive order? A) To ensure standards for classification, handling, storage and destruction of CUI.
  • 17. Why was the CUI program necessary? Controlled information has, in the past, been managed by various government agencies resulting inconsistent standards, labeling and handling.
  • 18. Protecting Controlled Unclassified Information Companies working under federal contract or intend to compete for government contracts must understand the importance of protecting even unclassified information.
  • 19. Protecting Controlled Unclassified Information Federal contractors are routinely trusted with government information. This information maybe unclassified but it is always of vital importance.
  • 20. Protecting Controlled Unclassified Information Classified information can have extremely serious consequences if compromised. Unclassified information can still have intelligence value. In addition unclassified information can be dangerous in hands of criminals.
  • 21. For Official Use Only FOUO is a document designation, not a classification. This designation is used by Department of Defense and a number of other federal agencies to identify information or material which, although unclassified, may not be appropriate for public release. FOUO is being phased out and being replaced by CUI.
  • 22. Controlled Unclassified Information CUI is sensitive information that requires protection under laws, regulations and government-wide policies.
  • 23. Controlled Unclassified Information CUI is controlled by the principle of Lawful Government Purpose.
  • 24. Lawful Government Purpose Lawful Government Purpose means that authorized holders of CUI must refrain from sharing CUI where sharing is prohibited, restricted, or further subject to Limited Dissemination Controls.
  • 26. Controlled Unclassified Information Even though information is unclassified it can still have great value to criminals and foreign hostile governments.
  • 27. Controlled Unclassified Information In order to understand why CUI is so important We need to understand the theory of intelligence collecting.
  • 28. Intelligence Collection Theory Like a puzzle, intelligence gathering is all about gathering small bits of information that will reveal the larger image.
  • 29. Intelligence Collection Theory If you have enough of the small pieces then you can easily determine what the larger image is. This is known as the Mosaic Theory of intelligence gathering.
  • 30. Mosaic Collection Theory Gathering enough unclassified and seemingly disconnected pieces can give an adversary insight into a classified project. This is why CUI is extremely important to protect!
  • 31. Controlled Unclassified Information Almost anything can be considered CUI. CUI is determined by the contracting government agency in accordance with EO 13556.
  • 32. Groupings of CUI Critical Infrastructure Defense Export Control Financial Immigration Intelligence Law Enforcement Nuclear Patent Information Privacy Procurement & Acquisition Proprietary Business Information Provisional Natural and Cultural Resources Tax Information Legal Statistical North Atlantic Treaty Organization (NATO)
  • 33. Personally Identifiable Information Also known as PII this is information that is identifiable to the individual. Social Security Number Medical Information Payroll data Family data Driver’s License Biometric Data Employment History and Resume Performance Evaluations Human Resources Actions
  • 34. Did any of the information on the previous slide look familiar?
  • 35. Social Security Number Medical Information Payroll data Family data Driver’s License Biometric Data Employment History and Resume Performance Evaluations Human Resources Actions All the information above was stolen from Office of Personnel Management in a massive data breach in June of 2015
  • 36. Office of Personnel Management Data Breach in June of 2015 Total records lost – 21.5 million What other records were lost? Biometric data; Fingerprints Security Clearance Records Background Investigation Reports Personal History Data & Details Although extremely sensitive the data was not classified. However it is definitely considered CUI and PII.
  • 37. Class Discussion What is the value of unclassified information? 1. Give three examples of unclassified information that needs protection. 2. Who would be interested in CUI and why? 3. Who is responsible CUI?
  • 38. Mosaic Intelligence Collection Lets Play a Game! Can you figure what is happening? There will be 10 clues in all.
  • 39. Mosaic Intelligence Collection Clue # 1 The VP of product development for an aviation parts company will be out of the office indefinitely.
  • 40. Mosaic Intelligence Collection Clue # 2 A small company that makes synthetic plastic and rubber is shut down and all employees are laid off
  • 41. Mosaic Intelligence Collection Clue # 3 NTSB issues warning to makers and suppliers of jet fuel to review safety measures for aircraft fuel leaks.
  • 42. Mosaic Intelligence Collection Clue # 4 Several defense contractors begin review of supplier credentials manufacturing techniques and product specifications.
  • 43. Mosaic Intelligence Collection Clue # 5 Several generals from allied countries arrive at the Pentagon.
  • 44. Mosaic Intelligence Collection Clue # 6 The USAF and several other countries have temporarily suspended mid-air refueling operations .
  • 45. Mosaic Intelligence Collection Clue #7 Stock prices for companies that manufacture synthetic plastic and rubber begin to fall.
  • 46. Mosaic Intelligence Collection Clue # 8 FBI launches investigation into a chemical company for falsifying test data.
  • 47. Mosaic Intelligence Collection Clue # 9 Air Force personnel go to the hospital after inhaling fuel fumes from a jet fighter.
  • 48. Mosaic Intelligence Collection Clue # 10 VP of product development is found dead in his home. Suicide is suspected.
  • 49. Mosaic Intelligence Collection Clue # 11 Air Force commanders order all fighter jets to be grounded for a safety inspection of fuel systems.
  • 50. Mosaic Intelligence Collection Clue # 12 FAA orders all commercial airlines to replace rubber seal to fuel tank filling cap.
  • 51. Mosaic Intelligence Collection Class Discussion Using the clues given what is your theory of what is happening?