Mr. Ray Letteer Director, Information Assurance Division within the Command, Control, Communications, and Computer (C4) Department, Headquarters Marine Corps was the guest speaker at the Quantico-Potomac AFCEA Chapter on June 16th. Mr. Letteer provided an overview the Marine Corps Information Assurance Program and Certification & Accreditation (C&A) as it relates to Information Assurance requirements for the Marine Corps and for Industry.
Highlights included mission requirements for his position, issues that currently cause concern and require resolution, and the certification and accreditation requirements as related to cyber security quality assurance. Mr. Letteer also focused on understanding information and terminology as associated with the utilization of documentation and standardization to meet C&A requirements. He discussed IA Control Inheritance to demonstrate that “ Applications inherit IA Controls from the workstation/server on which they reside; Workstations/Servers inherit IA Controls from the environment in which they reside”.
Mr. Letteer wrapped up the presentation with a focus on a balance of all the IT factors and stressed that utilization of Security Technical Implementation Guides (“STIGS”) as the key in the certification process. Assessing risk was the last major point of the presentation to insure the right balance to reduce risk, but at the same time to provide operational access to enable the Marine Corps to meet mission requirements. An active question and answer period followed the presentation.
Ray A. Letteer
Director, Information Assurance Division, C4
Serves as the Senior Information Assurance Official for the Marine Corps as required by the Federal Information Systems Management Act (FISMA). Responsible for the overall creation, promulgation, and execution of the Marine Corps Information Assurance Program (MCIAP). Serves as the supervisor for the Information Assurance (IA) Division and as the Designated Approval Authority (DAA) for the Marine Corps Enterprise Network (MCEN), managing the $10M IA budget in the Command, Control, Communications, & Computer (C4) department. Requirements include working IA programs and related security projects of the National Security Agency (NSA) and Joint Task Force-Global Network Operations (JTF-GNO), as well as the investigative and forensic standards of the Department of Justice. It also includes coordinating and approving law enforcement and counter-intelligence cybercrime investigation access to Marine Corps systems.
Mr. Letteer establishes and oversees all Marine Corps base-line security policies, to include firewall settings, wireless security standards, forensic and incident handling methodologies, cyber-investigations, system security architecture, and certification & accreditation processes. He is also co-chair the Department of the Navy (DoN) Information Assurance Workforce Working Group (IAWWG), and the Marine Corps voting representative to the DoD IA Panel (IAP), IA Steering Group (IASG), IA Senior Leaders (IASL), Enterprise Security Solutions Group (ESSG), DoD IA Security Accreditation Working Group (DSAWG), and the Committee for National Security Systems (CNSS).