4. Operational Security

7/28/2019 4. Operational Security

1/16

Introduction to OperationsSecurity (OPSEC)

Updated 09/28/111

Security is Everyone's Responsibility See


2/16

Understand the core of Operations

Security (OPSEC)

Define & identify targets and threats

Establish countermeasures

Identify the Critical InformationCommandments

Decipher the value of information

Objective

2Security is Everyone's Responsibility See


3/16

What is OPSEC?

Have you ever taken precautions against

Someone

breaking into your house while youre on

vacation?

stealing your purse?

stealing packages from your car while yourshopping?

fraudulently using your credit card?

Then you have used OPSEC!



4/16

OPSEC is a risk management instrument

that enables a manager or commander

to view an operation or activity from the

perspective of an adversary. It is a

process of identifying, analyzing andcontrolling critical information.


What is OPSEC?


5/16

Identify Critical Information

Analyze Threats

Discover Vulnerabilities

Assess Risks

DevelopCountermeasures

Spies

Ops

Privacy

Caution

Foresight

Terror

Home

Theft


What is OPSEC?


6/16

Identify Critical Information: Personal information, operational info, itineraries,

passwords, patterns, changes in patterns, OPLAN andorders, information base systems, etc..

Analyze Threat: Adversaries, Intelligence agencies Open source

information, clandestine operations, eavesdropping,photographing, etc


What is OPSEC?


7/16

Discover Vulnerabilities: Flow of information, operations, timing of events,

how an adversary would acquire the information,etc

How would the adversaries access to suchinformation impact the organization?

Assess Risks: Estimated loss x impact of risk x likelihood of risk = $

Does the solution outweigh the loss?


What is OPSEC?


8/16

Develop Countermeasures: are based on the vulnerabilities and inherent risks.

Are dictated by cost, timing, feasibility, andimagination of involved personnel. Simplicity,straightforwardness, and inexpensiveness are key tothe most effective countermeasure solutions.

OPSEC is a DIFFERENT WAY of SEEING


What is OPSEC?


9/16

Take note of suspicious behavior

HUMINT-

If you see something, say something

Be consistent with the testing of systems There is always room for improvement

Security is Everyone's Responsibility See9

How Do I Identify Threats &

Vulnerabilities?


10/16

Critical Information Commandments

1. Thou must protect the information that

the adversary needs to accomplish his

mission.

2. Thou shall not try to protect everything.

3. Consider who thy adversaries are and whatinformation they require to inflict harm to

you.



11/16

4. Thou shall consult all sources of

information to determine what thine

enemies know about you.

5. Once thou has determined what

information is critical, thou shalldetermine if that information is associated

with thine activities.


Critical Information Commandments


12/16

Information that the adversary needs to

accomplish their mission.

Intelligence information

Technical information on

communications


What Information Should I Protect?


13/16

Tactical information concerning

intentions

Scientific information regarding newtechnologies

Military capabilities

Commercial information on new

technologies




14/16Security is Everyone's Responsibility See1


Military weapons information: Capabilities, manufactures, purpose, vulnerabilities,

effectiveness, type, testing details, etc

Scientific Industrial Information Technology & Research

Technical specifications Marketing plans

Key personnel

Breakthroughs


15/16



Law Enforcement plans & information

sources Warrants, Witnesses, Evidence, Capabilities, Raids,

Who, What, Where, How, etc


16/16

Conclusion

OPSEC is critical to our National Security

OPSEC is everyones concern and

responsibility

OPSEC may mean the success or failure

of our mission


4. Operational Security

Documents

Transcript of 4. Operational Security