operations security (opsec) · operations security ... capabilities, operations, and other...
TRANSCRIPT
Operations Security (OPSEC)
What is OPSEC?
Operations Security
We have information the “bad guys” need to
hurt us and we don’t want them to get it!
Another “tool” in the security toolbox
Goal of OPSEC
If the adversary can’t
figure out what we are
doing, then he will
have a harder time
defeating us.
ADVERSARIES
An adversary is anyone who contends with, opposes or acts against your interest and must be denied critical information. It could be as simple and obvious as your opponent in any game, or as complex and unknown as a spy, agent of a foreign government, or a criminal.
Types of adversaries include: International Terrorists Groups
Criminals
Organized Crime and Drug Trafficking Groups
Domestic Militia Groups
Extremists Groups and Cults
Foreign Intelligence Agencies
Hackers and Crackers
Insider
Each adversary will have different motives and capabilities. It is important to understand the motives and capabilities of each adversary
CRITICAL INFORMATION
1. Critical Information is essential to the success of an operation, mission
or project.
2. Our Critical Information is what the Adversary needs to defeat us.
You need to think about what is critical to the adversary, not just to your organization.
Critical information includes specific facts about friendly intentions, capabilities, operations, and other activities vitally needed by adversaries for them to plan and act effectively, so as to guarantee failure or unacceptable consequences for friendly mission accomplishment.
A vulnerability is a weakness that
can be exploited by an adversary to
obtain your critical information,
and it can be present in any facet
of your operations.
Indicators are observable or detectable activities or information that can be pieced together to reveal sensitive information regarding your operation. They act as clues to an activity that adversaries can exploit to their advantage through analysis.
Threat is the capability
of an adversary coupled
with his intentions to
undertake any actions
detrimental to the
success of friendly
activities or operations.
Risk is the probability an adversary
will compromise your critical
information, and the impact this
would have if the adversary is
successful.
A countermeasure is anything that
effectively negates or reduces an
adversary’s ability to exploit our
vulnerabilities
OPSEC ProcessIdentify
Critical Information
Analyze the
Threat
Analyze
VulnerabilitiesAssess Risk
Apply
Countermeasures
Why use OPSEC?
Protect the mission
Preserve lives
Protect plans and procedures
When to use OPSEC?
Special Operations Mission Planning
Planning for Special Events
Special Operations Training Exercises
Plans and Standard Operating Procedures
Methods, Sources, and Technical Tradecraft