Hugs4MilitaryLoved1s


 
HomeHome  PortalPortal  GalleryGallery  FAQFAQ  SearchSearch  RegisterRegister  Log inLog in  
Log in
Username:
Password:
Log in automatically: 
:: I forgot my password
August 2018
MonTueWedThuFriSatSun
  12345
6789101112
13141516171819
20212223242526
2728293031  
CalendarCalendar
Social bookmarking
Social bookmarking digg  Social bookmarking delicious  Social bookmarking reddit  Social bookmarking stumbleupon  Social bookmarking slashdot  Social bookmarking yahoo  Social bookmarking google  Social bookmarking blogmarks  Social bookmarking live      

Bookmark and share the address of Hugs4MilitaryLoved1s on your social bookmarking website

Share | 
 

 What is OPSEC?

Go down 
AuthorMessage
NovArmyWife
CINC
CINC
avatar

Number of posts : 274
Age : 28
Location : Indiana
First Name : April
About Me : I love to go fishing
Registration date : 2007-07-31

Personnel File
Currently Handling Deployment: No
Deployments Survived: 2

PostSubject: What is OPSEC?   Wed Aug 01, 2007 8:15 pm

Operations Security (OPSEC):

"Intelligence is a curious business. The more you gather competitive information and analyze it, the more you begin to realize others may be doing the same to you. You and your competition constantly release information into the marketplace. You can never lock it all up, simply because of your need to conduct business. Yet, many companies recklessly expose more information than they need to; critical information that they should be protecting. Are you one of them?" - Complete Resource for Finding, Analyzing, and Using Information About You Competitors. John Wiley & Sons, Inc.

The steps to apply OPSEC to a situation

Identify critical information (and its indicators). What is the information or resource that you have other people might consider important?

What is the value of this information? Is it important to you? Would it be important to someone else? If someone else had access to this information could this be a threat to your company or country?

What are some tricks, methods an adversary could use to get at this information or resource? Or perhaps just to modify it. What are the capabilities of a potential adversary? Could they possibly access the information (if you are connected to a network that is connected to the internet, this is a distinct possibility). If your information is locked in an access controlled vault and the adversary would have to send in a Mission Impossible team, it is less likely.

How likely is it that someone can get at this information? How much work is involved to actually do the tricks you just thought up. *HINT* fix the ones that are very likely and very easy fast!

Begin to make it harder for these tricks to work. Fix problems, put in countermeasures. Make sure your employees and co-workers are aware of what you are doing to improve their job security. That's right, lousy security can lead to the loss of a company's marketshare, or a country's very existence.

OPSEC INDICATORS - Common Research Facility Indicators (You should know!)

Dates, times, and places information not protected. If a test or event is classified or sensitive, don't leave a breadcrumb trail of pointers to check for "further information".

Objectives. Unprotected statements like the "the purpose of this test/program/weapon system is to .... allow adversaries to quickly assess what interest it migt be to them.

Associated nicknames and acronyms .. very often we sum up how one program is associated with others and then mail that information over the internet.

Contingencies. If the wazoo rocket fails the SEP 97 test, RTD&E efforts will be focused on the bananna missle which is based on the Windows 97 operating system from Microsoft ... is not the sort of thing to post on a web page.

Funding. Sure we all get mad if your funding gets cut, but if you carefully describe the milestones that cannot be met and the capabilities that can never get fielded if your program has to sustain a 3% cut and that document ends up in a trash can (and you can bet that it will, nobody reads that stuff except adversaries) you may have done more damage and a 30% cut.

INTERNET IS NO.1 CHOICE FOR FOREIGN SNOOPERS

A report released by the National Counterintelligence Center (NACIC) indicates that the Internet is the fastest growing method used by foreign entities to gather intelligence about U.S. companies. "All requests for information received via the Internet should be viewed with suspicion," says the report, which urges caution in replying to requests coming from foreign countries or foreign governments, particularly with regard to questions about defense-related technology. NACIC works in close coordination with the CIA, but is an autonomous agency reporting the National Security Council. (BNA Daily Report for Executives 6 Jan 97 A15)

The whole point of operations security is to have a set of operational (daily, habit ingrained) practices that make it harder for another group to compile critical information. This can be as simple as shredding documents with sensitive information. You would be amazed what can be collected from a dumpster. I love dumpster diving, when you see me in jeans and a t-shirt, you can just bet I have been collecting information. If everything else I have written doesn't motivate you to protect your country's or company's proprietary information, then you should know I have also come up with bank statements and phone billing records.

*I got this information from the following link:
http://www.nswc.navy.mil/ISSEC/Docs/Ref/GeneralInfo/opsec_basics.html
Back to top Go down
View user profile http://www.myspace.com/novarmywifelirpa
 
What is OPSEC?
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Hugs4MilitaryLoved1s :: Protocol: First Things First :: Mission Statement, OPSEC, & Golden Guidelines-
Jump to: