1 / 37

Operations Security (OPSEC)

Operations Security (OPSEC). DEFENSE-SENSITIVE INFORMATION. SUMMER CRUISES REQUIRED TRAINING OPNAVINST 3432. DEFINITIONS & BACKGROUND. OPSEC IS: ONE OF THREE COMPONENTS USED TO MAINTAIN THE SECRECY NEEDED TO ACHIEVE SURPRISE OPSEC IS NOT A SECURITY FUNCTION, BUT AN OPERATIONS FUNCTION

nicolereid
Download Presentation

Operations Security (OPSEC)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operations Security(OPSEC)

  2. DEFENSE-SENSITIVE INFORMATION • SUMMER CRUISES • REQUIRED TRAINING • OPNAVINST 3432

  3. DEFINITIONS & BACKGROUND • OPSEC IS: • ONE OF THREE COMPONENTS USED TO MAINTAIN THE SECRECY NEEDED TO ACHIEVE SURPRISE • OPSEC IS NOT A SECURITY FUNCTION, BUT AN OPERATIONS FUNCTION • SECURITY PROGRAMS AND OPSEC MUTUALLY SUPPORT EACH OTHER

  4. DEFINITIONS & BACKGROUND • OPSEC IDENTIFIES & CONTROLS INFORMATION THAT INDICATES • OUR • FRIENDLY (U.S.) INTENTIONS • FRIENDLY (U.S.) CAPABILITIES • FRIENDLY (U.S.) ACTIVITIES

  5. DEFINITIONS & BACKGROUND • SECURITY PROGRAMS • DENY CLASSIFIED INFORMATION TO ADVERSARIES • PHYSICAL SECURITY • PERSONAL SECURITY • INFORMATION SECURITY • INFORMATION SYSTEMS SECURITY

  6. DEFINITIONS & BACKGROUND • COUNTERINTELLIGENCE PROGRAMS • SUPPORT BOTH SECURITY AND OPSEC PROGRAMS • IDENTITY INTELLIGENCE THREATS AND METHODS OF AN ADVERSARY

  7. FREEDOM OF ACTION • BY MAINTAINING OPERATIONAL SECURITY OF PLANS WE GAIN THE FULLEST POSSIBLE SURPRISE • THIS IN TURN GIVES US FREEDOM OF ACTION

  8. GOOD OPSEC • OPSEC, PROPERLY APPLIED, CONTRIBUTES TO: • OPERATIONAL EFFECTIVENESS • ENHANCES PROBABILITY OF SURPRISE • CAUSES ADVERSARIES TO MAKE BAD DECISIONS DUE TO: • LACK OF CRITICAL INFORMATION ABOUT OUR FORCES AND EQUIPMENT

  9. OPSEC REQUIRED FOR • OPSEC MEASURES ARE REQUIRED FOR OPERATIONS AND ACTIVITIES RELATING TO THE…: • EQUIPPING • PREPARING • DEPLOYING • SUSTAINING • EMPLOYMENT • …OF THE NAVY AND MARINE CORPS TEAM IN TIME OF WAR, CRISIS, OR PEACE • ALSO, PROTECT THE PLANS

  10. INADEQUATE OPSEC • DEGRADES OPERATIONAL EFFECTIVENESS BY HINDERING SURPRISE • CONVERSELY, EXCESSIVE OPSEC CAN INTERFERE WITH: • COORDINATION • TRAINING • LOGISTICAL SUPPORT

  11. SUMMATION • OPSEC IS THE CONTROL OF INFORMATION BY: • KNOWING THE THREAT • KNOWING WHAT TO PROTECT • DETERMINING RISKS • KNOWING HOW TO PROTECT INFORMATION

  12. OPSEC PROCESS • OPSEC PLANNING IS ACCOMPLISHED VIA THE OPSEC PROCESS • THE OPSEC PROCESS CONSISTS OF FIVE DISTINCT ACTIONS APPLIED IN A SEQUENTIAL MANNER DURING OPSEC PLANNING • BEFORE WE DISCUSS, YOU MUST KNOW SOME TERMINOLOGY

  13. OPSEC TERMINOLOGY • CRITICAL INFORMATION: Specific facts about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively to guarantee failure or unacceptable consequences for friendly mission accomplishment.

  14. OPSEC TERMINOLOGY • OPSEC INDICATORS: Friendly detectable actions and open-source information that can be interpreted or pieced together by an adversary to derive critical information.

  15. OPSEC TERMINOLOGY • OPSEC VULNERABILITY: A condition in which friendly actions provide OPSEC indicators that may be obtained and accurately evaluated by an adversary in time to provide a basis for effective adversary decision making.

  16. OPSEC ACTION #1 • IDENTIFICATION OF CRITICAL INFORMATION • What will our adversary want to know about our intentions, capabilities, and activities? • The answers to these three questions are known as Essential Elements of Friendly Information (EEFI). • EEFIs are what we protect from exposure to an adversary.

  17. OPSEC ACTION #1 (CONT.) • CRITICAL INFORMATION IS A SUBSET OF EEFI • IT IS ONLY THAT INFORMATION THAT IS VITALLY NEEDED BY AN ADVERSARY • IDENTIFYING CRITICAL INFORMATION ALLOWS US TO FOCUS OUR EFFORTS ON PROTECTING IT, INSTEAD OF TRYING TO PROTECT ALL CLASSIFIED OR SENSITIVE INFORMATION

  18. OPSEC ACTION #2 • ANALYSIS OF THREATS • RESEARCHING & ANALYZING INTELLIGENCE INFORMATION, COUNTERINTELLIGENCE, REPORTS, AND OPEN SOURCE INFORMATION TO IDENTIFY WHO THE LIKELY ADVERSARIES ARE TO THE PLANNED OPERATION • THROUGH THIS ANALYSIS WE SEEK ANSWERS TO THE FOLLOWING QUESTIONS:

  19. OPSEC ACTION #2 (CONT.) • WHO IS THE ADVERSARY? • WHAT ARE THE ADVERSARY’S GOALS? • What IS THE ADVERSARY’S STRATEGY FOR OPPOSING THE PLANNED OPERATION?

  20. OPSEC ACTION #2 (CONT.) • WHAT CRITICAL INFORMATION DOES THE ADVERSARY ALREADY KNOW ABOUT THE OPERATION • WHAT INFORMATION IS IT TOO LATE TO PROTECT? • WHAT ARE THE ADVERSARY’S INTELLIGENCE COLLECTION CAPABILITIES?

  21. OPSEC ACTION #3 • ANALYSIS OF VULNERABILITY • FRIENDLY ACTIONS/ACTIVITIES PROVIDE OPSEC INDICATORS TO AN ADVERSARY THAT MAY BE OBTAINED AND ACCURATELY EVALUATED IN TIME TO PROVIDE A BASIS FOR EFFECTIVE DECISION MAKING AND ACTION AGAINST US

  22. OPSEC ACTION #3 (CONT.) • OPERATIONS PLANNERS SEEK ANSWER TO THE FOLLOWING WHEN ANALYZING VULNERABILITY: • WHAT INDICATORS OF CRITICAL INFORMATION NOT KNOWN TO THE ADVERSARY WILL BE CREATED BY THE FRIENDLY ACTIVITIES IN PREPARATION FOR THE OPERATION?

  23. OPSEC ACTION #3 (CONT.) • WHAT INDICATORS CAN THE ADVERSARY ACTUALLY COLLECT? • WHAT INDICATORS WILL THE ADVERSARY BE ABLE TO USE TO THE DISADVANTAGE OF FRIENDLY FORCES? • CAN THE ADVERSARY ANALYZE THE INFORMATION, MAKE A DECISION, AND TAKE APPROPRIATE ACTION IN TIME TO INTERFERE WITH THE PLANNED OPERATION?

  24. OPSEC ACTION #4 • ASSESSMENT OF RISK • TWO COMPONENTS: • ANALYZE OPSEC VULNERABILITIES IDENTIFIED IN THE PREVIOUS ACTION AND CONSIDER OPSEC MEASURES TO ERASE OR COUNTER EACH VULNERABILITY • SPECIFIC OPSEC MEASURES ARE SELECTED FOR EXECUTION BASED UPON A RISK ASSESSMENT DONE BY THE COMMANDER AND STAFF

  25. OPSEC ACTION #4 (CONT.) • THESE OPSEC MEASURES SPECIFICALLY REDUCE THE ADVERSARY’S CAPABILITY TO ANALYZE OUR ACTIONS

  26. OPSEC ACTION #4 (CONT.) • OPSEC MEASURES CAN BE USED TO: • PREVENT THE ADVERSARY FROM DETECTING AN INDICATOR • PROVIDE AN ALTERNATIVE ANALYSIS OF AN INDICTOR • DECEIVE THE ADVERSARY • ATTACK THE ADVERSARY’S COLLECTION SYSTEM

  27. OPSEC ACTION #4 (CONT.) • OPSEC MEASURES INCLUDE, AMONG OTHER ACTIONS: • COVER • CONCEALMENT • CAMOUFLAGE • DECEPTION • INTENTIONAL DEVIATIONS FROM NORMAL PATTERNS • DIRECT STRIKES AGAINST THE ADVERSARY’S INTELLIGENCE SYSTEM

  28. OPSEC ACTION #4 (CONT.) • GOAL OF OPSEC MEASURES: • HIGHEST POSSIBLE PROTECTION WITH THE LEAST IMPACT ON OPERATIONAL EFFECTIVENESS

  29. OPSEC ACTION #4 (CONT.) • RISK ASSESSMENT: • THIS REQUIRES COMPARING THE ESTIMATED COST WITH IMPLEMENTING PARTICULAR OPSEC MEASURES TO THE POTENTALLY HARMFUL EFFECTS ON MISSION ACCOMPLISHMENT RESULTING FROM AN ADVERSARY’S EXPLOITATION OF AN OPSEC VULNERABILITY • IN THE END, CAN THE ADVERSARY DO MUCH DAMAGE IF WE DON’T IMPLEMENT AN OPSEC MEASURE?

  30. OPSEC ACTION #4 (CONT.) • IMPLEMENTING OPSEC MESURES COSTS: • RESOURCES: • TIME • PERSONNEL • INTERFERES WITH NORMAL OPERATIONS • IF COST > HARMFUL EFFECT, IT IS NOT WORTH IT

  31. OPSEC ACTION #4 (CONT.) • TYPICAL QUESTIONS FOR ANALYSIS • WHAT IS THE RISK TO OUR OPERATIONAL EFFECTIVENESS? • WHAT IS THE RISK TO MISSION SUCCESS IF WE DON’T IMPLEMENT AN OPSEC MEASURE? • WHAT RISK TO MISSION SUCCESS IS LIKELY IF AN OPSEC MEASURE FAILS TO BE EFFECTIVE?

  32. OPSEC ACTION #4 (CONT.) • THE INTERACTION OF OPSEC MEASURES MUST BE ANALYZED • IN SOME SITUATIONS, CERTAIN OPSEC MEASURES MAY ACTUALLY CREATE INDICATORS OF CRITICAL INFORMATION • EXAMPLE: CAMOUFLAGING OF PREVIOUSLY UNPROTECTED FACILITIES COULD BE AN INDICATOR OF PREPARATIONS FOR MILITARY ACTIONS

  33. OPSEC ACTION #4 (CONT.) • COORDINATE OPSEC ACTIONS WITH OTHER COMMAND AND CONTROL COMPONENTS TO ENSURE ACTIONS DO NOT COMPROMISE SECURITY • ACTIONS SUCH AS JAMMING OF INTELLIGENCE NETS OR THE PHYSICAL DESTRUCTION OF CRITICAL INTELLIGENCE CENTERS CAN BE USED AS OPSEC • CONVERSELY, DECEPTION AND PSYOP PLANS MAY REQUIRE THAT OPSEC MEASURES NOT BE APPLIED TO CERTAIN INDICATORS IN ORDER TO PROJECT A SPECIFIC MESSAGE TO THE ADVERSARY

  34. OPSEC ACTION #5 • APPLICATION OF APPROPRIATE OPSEC MEASURES • THE COMMAND IMPLEMENTS THE OPSEC MEASURES SELECTED IN STEP #4 • THE REACTION OF ADVERSARIES TO OPSEC MEASURES IS MONITORED TO DETERMINE EFFECTIVENESS AND TO PROVIDE FEEDBACK • FEEDBACK IS USED TO ADJUST OPSEC MEASURES AND FOR FUTURE OPSEC PLANNING

  35. OPSEC & THE PUBLIC • OPSEC ACTIONS ARE HELD ACCOUNTABLE BY THE AMERICAN PUBLIC • OPSEC IS NOT AN EXCUSE TO DENY THE PUBLIC ACCESS TO NON-CRITICAL INFORMATION

  36. QUESTIONS

  37. SUMMARY

More Related