CIO: Cyber security monthly newsletter

Cyber security and privacy news

WASHINGTON, DC—Introducing the new USDA Cyber Security Outreach, Awareness, and Training Solutions team!

As the world changes, cyberattack techniques become more advanced and dangerous. The CS-OATS team is looking to anticipate and prevent these attacks by empowering you with best practices to protect your data and systems through cyber security outreach and training.

Tips Corner

Always remember to take your LincPass with you when you finish work. Leaving your LincPass in your laptop unprotected can leave you vulnerable to cyberattacks.

For more information, please visit USDA's HSPD-12 website.

Controlled Unclassified Information: What is it and how should I handle it?

It is important to handle Controlled Unclassified Information with care! CUI includes your personally identifying information that is managed by HR and the sensitive security information handled by Chief Information Office employees on a daily basis.

Care to be Aware by using the following proactive security practices:

  • Add the official CUI Cover Letter to every document that contains any CUI, and mark or banner the enclosure (email subject, physical folder with printouts, etc.) with the text “Controlled Unclassified Information [CUI]” or at a minimum “[CUI]” (without quotes).
  • Use Skype chat to discuss CUI with authorized individuals.
  • Use Skype chat File Send to transfer CUI to authorized recipients.
  • Use Skype meeting screen sharing to share CUI and controlled distribution documents with authorized individuals.
  • Send CUI documents through encrypted email. If you include a recipient for which there is no private certificate (e.g., all external email addresses), Outlook will alert you of this fact when you click Send. Please note that you can continue to send the message, but recipients will receive a blank email.
  • You can transmit CUI over VPN since this is an encrypted path.
  • You can discuss most CUI over voice telephone lines. The preferred order of phone use for this purpose is first using cellphones and encrypted VoIP (WebEx) lines if available as they are the most secure, POTS (analogue dial tone) lines as the second most secure. Unencrypted VoIP lines are the least secure and should not be used for the most sensitive discussions.
  • Get approval from the Information Systems Program Manager before posting any CUI to an intranet webpage. Get USDA approval before posting any CUI to a public-facing webpage. Additionally, controlled distribution docs must be protected by an Access Control List on any server.
  • For more information, please visit:

For more information on Cyber Security and Privacy at the Forest Service, visit the cyber security website.

The CIO is committed to providing reasonable accommodation in all of its activities, services, and programs for individuals with disabilities. If you require reasonable accommodation in accessing and using the information contained in this email, please email CIO News.

COMMENTS, QUESTIONS, OR FEEDBACK?

Contact us in the following ways: If your comment, question or feedback concerns this message, use the contact methods specified in the message above. Go to the CIO home page and click Give us Feedback under Talk to Us on the left side of the web page. Want to know more about a CIO project, program or issue? Email us at CIO News. If you received excellent customer service, send us your story.