Information Management: Army Cybersecurity

Communications Security (COMSECCOMSECCommunications security)

By Order of the Secretary of the Army:

MARK A. MILLEY
General, United States Army
Chief of Staff

Official:

KATHLEEN S. MILLER
Administrative Assistant
to the Secretary of the Army

History. This publication is an administrative revision. The portions affected this administrative revision are listed in the summary of change.

Summary. This pamphlet implements DoDI 8523.01, DoDI 8500.01, and DoDI 8510.01 as they relate to communications security. It provides Army communications security guidance for all information technology capabilities used in and by the Army. Guidance is also provided regarding national security systems that utilize

commercial products and/or architectures for protecting information, both designated as data-at-rest and/or data-in-transit. This document provides procedural guidance that relates to the policies established in AR 25-2. It contains instructions, processes, formats, reporting requirements, and guidelines necessary to register and track all Army deployments and use of commercial solutions and equipment.

Applicability. This pamphlet applies to the Regular Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless otherwise stated. Also, it applies to Department of the Army civilian personnel, including civilian contractors.

Proponent and exception authority.

The proponent of this pamphlet is the Deputy Chief of Staff, G-6. The proponent has the authority to approve exceptions or waivers to this regulation that are consistent with controlling law and regulations. The proponent may delegate this approval authority, in writing, to a division chief within the proponent agency or its direct reporting unit or field operating

agency, in the grade of colonel or the civilian equivalent. Activities may request a waiver to this regulation by providing justification that includes a full analysis of the expected benefits and must include formal review by the activity's senior legal officer. All waiver requests will be endorsed by the commander or senior leader of the requesting activity and forwarded through their higher headquarters to the policy proponent. Refer to AR 25-30 for specific guidance.

Suggested improvements. Users are invited to send comments and suggested improvements on DA FormDA FormDepartment of the Army form 2028 (Recommended Changes to Publications and Blank Forms) via email to usarmy.pentagon.hqda-dcs-g-6.mbx.publications-management@army.mil.

Distribution. This pamphlet is available in electronic media only and is intended for the Regular Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve.

This chapter provides Army standards and procedures for the acquisition, implementation, and life cycle management of cryptographic systems, products, and services used to protect Army controlled unclassified information (CUI) and classified NSI, systems, and networks.