CIO: Cyber Security Outreach, Awareness, and Training Solutions monthly newsletter

Header: Cyber Security and Privacy News, Chief Information Office

As the world changes, cyber-attack techniques become more advanced and dangerous. The Cyber Security Outreach, Awareness, and Training Solutions team is looking to anticipate and prevent these attacks by empowering you with best practices to protect your data and systems through cyber security outreach and training.

Welcoming Cindy Towers, our new privacy officer!

Most of my career was spent supporting the Department of Defense doing software development, configuration management, quality assurance, business analysis, project and program management, technical support, infrastructure management and cyber security. In my last position as the Farm Production and Conservation Information Assurance Branch Engineering and Planning Section Chief, I was responsible for the Farm Service Agency infrastructure. My security background extends back to the late 90s when I wrote security and privacy policies for Bethesda Naval Hospital and initiated forensics activities on the hospital network. Recently, my cyber activity includes vulnerability remediation and contingency planning/disaster recovery for FSA prior to its merger into FPAC.

I am an advanced open water scuba diver, equestrian and motorcycle enthusiast. My most recent dive excursion was to Bonaire in the Netherlands Antilles. I’m planning my next big dive in the Red Sea. I have a 30-acre hay farm and horse ranch in Kansas City, Missouri, and 40 acres of timber in southeast Virginia.

Assisting the Forest Service with building security and privacy controls that decreases exposure of privacy data is a priority for me. The mission of the Forest Service states “Caring for the land and serving people.” Part of that mission includes protecting the personally Identifiable Information of those that do business with us.

Privacy is important because it is a responsibility of every employee. Insider threats (i.e., threats from employees, contractors, subcontractors and other business partners) are just as important to circumvent as threats from external sources. And it’s easier to control if everyone understands their role.

The first question you should always ask yourself is, “Does the information I’m working with at this moment contain PII or other sensitive but unclassified information?” The second question should be “If so, am I handling it, transmitting it, and storing it properly?”

Tips Corner

It is important to handle controlled unclassified information with care! CUI includes your personally identifying information being managed by Human Resources Management, and the sensitive security information handled by Chief Information Office employees on a daily basis. 

Always remember to protect data you have access to and know where it is going. 

For additional information on how to store, transmit and destroy sensitive PII, please review the "How to Safeguard Sensitive PII" fact sheet on the Department of Homeland Security’s PII website. The Privacy Office will be looking to update our own in-house privacy policy within the coming months.

For more information on cyber security and privacy at the Forest Service, visit the cyber-security website.

The CIO is committed to providing reasonable accommodation in all of its activities, services, and programs for individuals with disabilities. If you require reasonable accommodation in accessing and using the information contained in this email, please email CIO News.

Please do not respond directly to this mass email.