IMPORTANCE OF USER CYBERSECURITY RESPONSIBILITIES:

UNCLASSIFIED// 
ROUTINE 
R 252109Z FEB 22 MID200001508684U 
FM CNO WASHINGTON DC 
TO NAVADMIN 
INFO CNO WASHINGTON DC 
BT 
UNCLAS 
 
NAVADMIN 048/22 
 
MSGID/NAVADMIN/CNO WASHINGTON DC/N2N6/FEB// 
 
SUBJ/IMPORTANCE OF USER CYBERSECURITY RESPONSIBILITIES// 
 
REF/A/LTR/DOD/28JAN22// 
REF/B/DOC/CNO/JAN21// 
REF/C/MSG/CNO/301719ZSEP21// 
REF/D/MSG/CNO/282139ZOCT21// 
 
NARR/REF A IS THE DEPUTY SECRETARY OF DEFENSE MEMORANDUM ON THE IMPORTANCE OF 
MAINTAINING CYBER AWARENESS.   
REF B IS THE CHIEF OF NAVAL OPERATIONS NAVIGATION PLAN ON THE NAVY'S 
STRATEGIC DIRECTION AND LONG-TERM COMPETITION 
WITH CHINA AND RUSSIA.   
REF C IS NAVADMIN 216/21, OCTOBER 2021 CYBERSECURITY AWARENESS MONTH.   
REF D IS NAVADMIN 244/21, FISCAL YEAR 2022 CYBERSECURITY AWARENESS 
CHALLENGE.// 
 
RMKS/1.  Adversaries of our nation are constantly working to find and exploit 
our vulnerabilities.  We MUST exercise good cybersecurity habits at work and 
at home to protect the Department of Defense (DoD) against cyberattacks. 
 
2.  Cyberattacks against businesses and U.S. infrastructure are increasing in 
frequency and complexity.  DoD and federal law enforcement report adversary 
interest in our remote work infrastructure.  This means that you are a target 
- for your access and your information. 
 
3.  Over the past two years, the Navy has modernized and extended the reach 
of our information technology outside traditional security boundaries.  As we 
provide access to more capabilities in more places, every member of the Navy 
team must play an active part in our cyberspace defense.  This boils down to 
two things: 
    a.  You MUST follow policy.  You signed the Navy Acceptable Use Policy 
and completed your annual cyber awareness challenge.  You know what is and is 
not allowed on our networks.  Those rules exist for a reason - to protect you 
and to protect the network - follow them. 
    b.  You MUST report.  When something does not look right, report it.  If 
someone is trying to do something that is not right, report it.  Do NOT 
accept that "this is just the way things are" or "this is not a big 
deal."  Your Information Systems Security Manager and our cybersecurity 
professionals are responsible for determining where the reporting stops. 
 
4.  We have seen adversaries exploit policy transgressions on Navy and 
private home networks by: 
    a.  Stealing or guessing weak, non-unique, or overused credentials and 
passwords. 
    b.  Downloading and unknowingly installing malware embedded within 
documents like evaluations, fitness reports, and pay tables from unofficial 
websites and sources. 
    c.  Posing as fellow service members, patriotic military supporters, and 
veterans to dupe you into revealing sensitive and sometimes classified 
information or inadvertently download malware. 
 
5.  Each of these incidents cost time and resources to address and put our 
Sailors and our national maritime sustainment and capabilities at risk.  Do 
your part - be cyber smart and protect Navy data and systems. 
 
6.  With heightened tensions throughout the world, ensure your team 
understands how the actions of a single user can impact our global 
force.  Take time at quarters or your next staff meeting to discuss why 
vigilance by everyone will make the difference between our continued mission 
success and our failure to meet the tasking of our nation.  Every one of us 
is crucial to our cyberspace defense. 
 
7.  Released by VADM Jeffrey E. Trussler, Deputy Chief of Naval Operations 
for Information Warfare, OPNAV N2N6.// 
 
BT 
#0001 
NNNN 
UNCLASSIFIED//