Unauthorized Disclosures: Prevention and Reporting
Unauthorized Disclosures: Prevention and Reporting
Outline
What is Controlled Unclassified Information? Why protect CUI? Impacts to National Security Leaks, Espionage, and Spills Safeguarding Measures The Insider Threat Reporting
2
What is Controlled Unclassified Information or CUI?
CUI is information that needs protection. Laws, Regulations, or Government wide policies call for this information to be protected.
? The CUI Registry provides information on the specific categories and subcategories of information that the Executive branch protects. The CUI Registry can be found at:
CUI includes, but is not limited to:
? Privacy (including Health) ? Tax ? Law Enforcement ? Critical Infrastructure ? Export Control
? Financial ? Intelligence ? Privilege ? Unclassified Nuclear ? Procurement and Acquisition
3
Why Protect CUI?
The loss or improper safeguarding of CUI could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced;
significant damage to organizational assets; significant financial loss; or significant harm to individuals that does not involve loss of life or serious life
threatening injuries
The loss or improper safeguarding of CUI has a direct impact on national security
4
Impacts to National Security
The OPM Data breach is a significant CUI incident
- Personnel files of 4.2 million former and current government employees. - Security clearance background investigation information on 21.5 million
individuals.
"The intelligence and counterintelligence value of the stolen background investigation information for a foreign nation cannot be overstated, nor will it
ever be fully known."
? The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation September 7, 2016.
Government expense (to notify and protect those impacted) = $350 Million
5
Leaks, Espionage, and Spills
Leaks ? When CUI is deliberately disclosed (media). Espionage ? Activities designed to obtain or transmit CUI in
order to harm the United States or to provide advantage to a foreign nation or transnational entity. Spill ? The willful, negligent, or inadvertent disclosure of CUI across computer systems (internet and email).
6
Safeguarding measures
? Policy and procedures ? Training and awareness ? Physical and Electronic protections ? Oversight Measures ? Reporting
7
CUI Registry = What we protect
The CUI Registry is the repository for all information, guidance, policy, and requirements on handling CUI.
The CUI Registry is a catalogue of what the Executive branch should be protecting.
The CUI Registry identifies all approved CUI categories and subcategories, provides general descriptions for each , identifies the basis for controls, establishes markings, and includes guidance on handling procedures.
? Categories and Subcategories ? Limited Dissemination Controls ? Marking Guidance ? CUI Notices ? Training and awareness ? Annual Reports to the President
cui
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Controlled Unclassified Information (CUI)
Home> OJI
Established by Executive Order 13556, the Controlled Unclassified Information (CUI) program standardizes the way the Executive branch handles unclassified information that requires safeguarding or dissemination controls pursuant to and consistent with law. regulations, and Government-wide policies. Learn About CUI ?
Registry
The CUI R?11y is lilt ..-t>ontw.1 SOl.ltt for gim.ce ltgardng CUI policies and prKlices
Search Ille Regisuy.
Access Regisuy by ? Category.Subcotegory
Policy end Guidance ? Executive Order 13556 ? 32 CFR Pilf1 2002
Omplemerlllg RtglJllion) ? CUI Nollces
Additional Information ? CUI Glossary
mi CO'lriillOlllO U~ lA\\lfllD ,,,..._"""' ?"
Use the CUI Logo Conlact Us News ~nd Notices
, S.ptfmber 14, 2016 - 32 CfR Pirt 2002 ~s bffn pulllishod
, StpUmbtr 14, 2016 - CUI Nooe? 201Hl: lmplfmenu:ion Glldooc? ~s b..n issued.
Under Deve/opmenr Regisuy
? M?r\Jng H?ndboolc ? Mir' ................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- early prediction of antibiotics in intensive care unit
- cdc 47201 hazardous materials awareness supplement 1
- august 2nd 2006
- dodm 5200 01 vol 1 dod information security program
- chapter 17 supply discrepancy reporting
- 1 what are dot it resources check all that apply
- controlled unclassified information cui introduction to
- national university of singapore at the trec 13 question
- welcome to the nist sp 800 171 questionnaire ref 1 1
- 1 0 georgia tech procurement assistance center
Related searches
- financial management and reporting syste
- analytics and reporting best practices
- stars tracking and reporting system nyc
- kpmg accounting and reporting guide
- management control and reporting system
- substance tracking and reporting system
- financial accounting and reporting pdf
- diagnostic coding and reporting guidelines
- financial accounting and reporting cpa
- stars tracking and reporting system
- infection prevention and control
- chronic disease prevention and health