Before the 1960s almost everything about living openly as a lesbian, gay, bisexual, or transgender (LGBT) person was illegal. New York City laws against homosexual activities were particularly harsh. The Stonewall Uprising on June 28, 1969 is a milestone in the quest for LGBT civil rights and provided momentum for a movement.
Vine Creek Ranch at Death Valley National Park. Steady drought and record summer heat make Death Valley a land of extremes. Towering peaks are frosted with winter snow. Rare rainstorms bring vast fields of wildflowers. Lush oases harbor tiny fish and refuge for wildlife and humans. Despite its morbid name, a great diversity of life survives in Death Valley.
Located 2,600 miles southwest of Hawaii, the National Park of American Samoa is the most remote unit of the National Park System and the U.S. National Park south of the Equator. The Park spreads across three islands, 9,500 acres of tropical rainforest, and 4,000 acres of ocean, including coral reefs. While remote, the islands of American Samoa, true to the meaning of the word Samoa (Islands of Sacred Earth), are welcoming and offer beautiful landscapes and centuries of culture and history.
Seasoned backpacker and adventurer Yang Lu earned the grand prize in the 2015 Share the Experience photo contest with this image of a sunburst captured at sunrise in Glen Canyon National Recreation Area, Utah. Yang has made the outdoors part of his daily life and finds deep connection to the land through his lens.
“My photography is not just for recreation, it is to inspire people to explore these areas." -- Yang Lu
Photo by Yang Lu (www.sharetheexperience.org).
Functions of the Information Assurance Division include:
Developing Enterprise IT Security policies, standards, guidelines and procedures
Ensuring the Confidentiality, Integrity and Availability of DOI Information and Systems
Oversight of System Assessments & Authorizations across the Department
Support for the Department's Cyber Security Assessment and Management (CSAM) system allowing for the oversight of A&A packages and Plan of Action and Milestone (POA&M) reporting
Management of Office of the Secretary (OS) POA&M items in CSAM
Developing an Enterprise Risk Management Framework
Establishing an Enterprise Continuous Monitoring Program
Developing Privacy Act policies, standards, guidelines and procedures
Identifying relevant IT infrastructure controls for implementation to meet Privacy Act requirements
The Information Assurance Division's revised structure is comprised of the following functional areas:
Enterprise IT Security Policy and Planning
Enterprise Assessment and Authorization Oversight
IT Security Education, Awareness and Training
IT Security Program Management including Information Technology Security Team (ITST) Coordination
IT Security Policy and Planning
DOI IT security policies are created to set management expectations for securing IT systems and ensuring clear guidelines are defined for system user behavior, and ensuring consistent system performance. They are necessary for compliance with federal mandates, such as the Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB) memoranda and circulars, National Institute of Standards and Technology (NIST) guidance, and industry best practices.
Assessment and Authorization Management
Security accreditation is the official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations, agency assets, or individuals based on the implementation of an agreed-upon set of security controls. Required by OMB Circular A-130, Appendix III, security accreditation provides a form of quality control and challenges managers and technical staffs at all levels to implement the most effective security controls possible in an information system, given mission requirements, technical constraints, operational constraints, and cost/schedule constraints. By accrediting an information system, an agency official accepts responsibility for the security of the system and is fully accountable for any adverse impacts to the agency if a breach of security occurs. Thus, responsibility and accountability are core principles that characterize security accreditation.
IT Security Education, Awareness and Training
Awareness training plays an important role in achieving the Department's goals for information security and privacy. Annual information security and privacy awareness training is provided to all DOI employees, and others who have access to DOI information systems. The training objectives are to enhance awareness of the threats to, and vulnerabilities of, information systems; and to encourage the use of good information security practices within the Department.
The Department established the IT Security Team (ITST) in January 2002. The Team's mission is to help ensure the successful implementation of the Office of Management and Budget (OMB) Circular A-130, Appendix III. The ITST is chaired by the DOI CISO with membership comprised of Bureau CISOs and representatives from the Inspector General's office. The team works on issues relating to information security such as policy, procedures, security technologies and reporting to oversight agencies.