United States

Department of

Agriculture

 

Office of

                                     The Chief

                                     Information

                                     Officer

 

                                     Cyber Security

 

 

 

                                                                            USDA

                                              Cyber Security Manual

                                                        Series  3500

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CYBER SECURITY CLASSIFICATION NUMBERING TABLE

 

Number       Subject                                                        Chapter

      

3505            COMPUTER INCIDENT RESPONSE          CHAPTER 1

 

3510            INFORMATION TECHNOLOGY                CHAPTER 2

(IT) RESTRICTED SPACE

 

3515            PRIVACY REQUIREMENTS                       CHAPTER 3

 

3520            CONFIGURATION MANAGEMENT           CHAPTER 4

 

3525            USDA INTERNET AND E-MAIL                 CHAPTER 5

                   SECURITY

 

3530           SECURITY PROTECTION                         CHAPTER 6

 

3535            C2 CONTROLLED ACCESS                       CHAPTER 7

                   PROTECTION

 

3540            USDA’S RISK MANAGEMENT                  CHAPTER 8

                   PROGRAM

 

3545            PERSONNEL SECURITY                           CHAPTER 9

 

3550            INFORMATION TECHNOLOGY                CHAPTER 10

                   SYSTEMS

 

3555            CERTIFICATION & ACCREDITATION      CHAPTER 11

 

3560            CAPITAL PLANNING AND                        CHAPTER 12

                   INVESTMENT CONTROL (CPIC)

FOR SECURITY

 

3565            CYBER SECURITY PLANS                        CHAPTER 13

 

3570            IT CONTINGENCY AND DISASTER          CHAPTER 14

                   PLANNING

 

3575            SECURITY CONTROLS                              CHAPTER 15

 

3580            FISMA                                                        CHAPTER 16

 

3585            IT INVENTORY                                          CHAPTER 17

 

3590            SECURITY INVESTIGATIONS                   CHAPTER 18

 

3595            APPENDIX A                                              GLOSSARY

 

 

 

 

 

Introduction

 

The USDA Cyber Security Manual, Series 3500, is published to address the needs of Cyber Security professionals and other technical specialists useful in the protection of departmental IT assets.  The manual is designed to be both a policy roadmap and an operational document.

 

The manual contains a wide variety of security information and had been structured by subject and related topics within a chapter and part arrangement.  Each subject has been assigned a unique number within the 3500 series; each topic has been given a part number.  Users should set up their handbook by number and part.  Assignment of the numbers is designed to facilitate organization of material in the Cyber Security Manual.

 

The manual is set up by chapters and parts to cover a full range of cyber security technology issues.  It covers the following topics:

 

·                    Computer Incident Response

·                    Security Protection

·                    Internet and E-mail Security

·                    Configuration Management

·                    Risk Management

·                    Security Plans

·                    Capital Planning for Security

·                    Contingency and Disaster Recovery Planning

·                    Other Security Matters

 

Responsibilities for security protection are delineated for information security and IT professionals who have the task of safeguarding IT resources.  This Manual references other departmental publications, regulations, and laws pertaining to the protection of IT assets and resources.

 

Questions regarding cyber security matters should be addressed to the Office of the Chief Information Officer, Associate Chief Information Officer for the Cyber Security Program on (202) 690-0048.