Department of the Navy Chief Information Officer
The DON IT Resource


Computer Network Incident Response and Reporting Instruction Released
April 1, 2008

An instruction that establishes the Department of the Navy’s Computer Network incident response and reporting policy was recently signed out by the DON Chief Information Officer.

SECNAVINST 5239.19, Department of the Navy Computer Network Incident Response and Reporting Requirements, provides the DON policy and procedures for the reporting of, and response to, malicious activity to include attempted entry, unauthorized entry, malicious code execution and/or an information attack on a DON information system.

This instruction establishes DON incident response policy consistent with SECNAVINST 5239.3A, Department of the Navy Information Assurance (IA) Policy and Department of Defense policy.

The main objectives of SECNAVINST 5239.19 are to:
  • Ensure an integrated and consistent DON approach in CND incident reporting and timelines for all DON organizations;
  • Define CND incidents as actual or potential adverse operational or technical impact to the DON networks;
  • Establish a baseline incident handling methodology to be followed by local network security personnel, the Navy Cyber Defense Operations Command (NCDOC), or the Marine Corps Network Operations and Security Center (MCNOSC) to detect, contain, assess and report relevant information on CND incidents; and
  • Detail responsibilities for Navy (NCDOC), Marine Corps (MCNOSC), DON CIO and Naval Criminal Investigative Service.
SECNAVINST 5239.19 applies to all commands, components and activities within the DON, and all DON-owned, DON-controlled, and DON-contractor-owned information systems that receive, process, store, display or transmit DoD information, regardless of mission assurance category, classification or sensitivity.