OPSEC and PERSEC

[LT Guppy]

Merged from an old thread.

Quote:

Originally Posted by Kim

I think in the site info/rules area this should probably be posted. I know that most all of us know this but some do not and we want to make sure there is a ref. area just in case... We want our Sailors safe!

This was taken from MSOS.com

What is OPSEC?

Operations Security (OPSEC) is an analytic process used to deny an adversary information - generally unclassified - concerning our intentions and capabilities by identifying, controlling, and protecting indicators associated with our planning processes or operations. OPSEC does not replace other security disciplines - it supplements them.


OPSEC - A New Mindset

Our attention to security must change now. The events of September 11th, 2001 proved there is a demonstrated and known threat. How many times have we heard that terrorism is a threat? But, most of us thought it could only happen elsewhere - not in America.

Unfortunately, we have suffered several terrorist attacks in recent years - the Oklahoma City and U.S.S. Cole attacks, and the tragic events that unfolded on September 11, 2001. In these cases, the adversary was successful because they knew our vulnerabilities. Americans at large provided much of what was used against us. The only thing our enemies brought to the table was their personal agenda and their resolve.
As Federal employees, we are the representatives of the people. We develop, we plan, we execute - the American people trust us to do our jobs and keep them safe. The mishandling of information can put everything at risk and cost the lives of many Americans.


What OPSEC means to you on the Forums:

OPSEC is taken very seriously on our forums. Any violations of OPSEC will be promptly edited/removed and any future occurrences of breaking OPSEC will result in an automatic ban.

Things you are NEVER allowed to post under any circumstances:
ship/troop movement - this includes locations, arrival and departure dates, upcoming port visits and any other specifics pertaining to the present or future location or movement
personal information - addresses, phone numbers, last names, etc.
Why is it Important that We Learn about OPSEC?

The information that is often used against us is not classified information; it is information that is openly available to anyone who knows where to look and what to ask.

Operations Security is a tool that our adversaries believe in ... and one that we in the United States Government need to understand and integrate into our daily routine. Our work is information, and not all of it is classified. What we don't always realize is how much we are giving away by our predictable behavior, casual conversations, routine acquisitions and other Internet information. We must be careful of what we are revealing - failure to do so could provide our adversaries with the information they need to execute additional terrorist acts.


What can I do to Help Thwart any Further Attempts to Harm the U.S.A.?

We can all incorporate OPSEC into our everyday work routine. Practicing operations security will help you accomplish your goals. When you do something, ask yourself, "What could an adversary glean from the knowledge of this activity? Is it revealing information about what we do and how we do it?" It is helpful to view yourself and what you're doing as an adversary would. For example, what can be gained by observing your actions or reading what you place on a website?


What are OPSEC Indicators?

What do people observe about your schedule? What do you do when you go to work? What are you revealing by your predictable routines and the way you do business - these are indicators. OPSEC helps people identify the indicators that are giving away information about missions, activities, and operations.


Who is the Adversary?

Let's not focus strictly on terrorists right now. Remember that there are other adversaries - for example, foreign intelligence services that continue to collect information on us that could be used to hurt us in the future.
We sometimes only focus on what just happened - but it is a certainty that our adversaries will continually look for and find any weak links.


What are the Capabilities of our Adversary?

We can never underestimate the capabilities or strength of conviction of terrorists or any other adversary. Nothing is more dangerous than people who are willing to die for a cause.


What is the Risk?

The terrorist threat existed prior to September 11th, 2001. We just did not believe that such a horrific thing could ever happen. Everything we do involves risk - the application of the OPSEC process develops effective countermeasures to help us accomplish our future missions - by analyzing and minimizing the risk that we may inadvertently reveal critical information to our adversaries.


The Interagency OPSEC Support Staff

Our enemy took us by surprise and we will never be the same country again. In order to effectively bring the enemy to justice, we need to maintain the element of surprise. Every element of our operation is more sensitive than ever before. We must rededicate ourselves to our mission and our country to help ensure that what transpired on September 11th will not be repeated. Security must be incorporated into every aspect of our jobs. If we are not vigilant in protecting critical information, it will happen again. The future of America depends on changing the way we look at security. OPSEC can make the difference. It is absolutely essential that it be understood and incorporated into everything we do.


OPSEC taken in part from IOSS.gov

[Haasino]

I wanted to take a moment to bump this page and offer a link to an official Navy Blog regarding social media and open source intelligence gathering.

Four Things to Know about Operations Security and Your Privacy

For those who haven't been following the news, the names, photographs, addresses, and family of ~ 100 service members were posted online with calls for lone-wolf attacks against them. Many of those names are navy personnel... and a few of them are here at my base. While the direct threat from groups like ISIS are relatively low, we live in a society full of psychopaths who will do crazy sh*t to get a little fame or feel like they're supporting a cause.



I strongly encourage all Future Sailors, and even some of the Active Duty members, to follow the links provided and really think about what they're offering to the public through social media. The folks like CTT1 and I aren't the ones at risk here, because the nature of our jobs trains us about this type of thing... it's the DEPper, the recently graduated, the ABH, the LS, the MA, etc. who are unfortunately not given nearly enough PERSEC training and are essentially the most at-risk.





We're all proud of what we do/what we are preparing to do... and nobody is telling you that you should hide or feel ashamed of your oath or service... just be careful how public your affiliation is to those looking to do someone harm.

[Just4Kixs]

Ahh, OPSEC and PERSEC... the HIPPA of the military.

Thanks for sharing!

[sweetmtn]

I would also suggest family members as well change settings and delete important information....my son is apparently on that list and notified me as my home is still his home of record....he was told by his command in the army to notify me...Now I have several of his friends showing up at my house to "check on me" and even had one of his friends bring a semi auto rifle to me to keep as he puts it, "bedside insurance" For now my son has closed his FB account, but he feels the damage has already been done.

[ShotOfWSC]

Yes, this is very important...especially with everything that is going on now. Be wise about what you post and what information you are sharing and with who you share it with. DoD personnel are being targeted, and unfortunately some of the newer guys and deppers don't get enough training on this topic like Haasino stated. I cannot stress enough how important it is for you to protect yourself and your families, because you ARE a target...whether you are naive to it or not. Just be mindful of what you post on social media and be vigilant at all times.

[Auridan]

It's also not just what you put out, but what your family and friends say. Make sure they understand that just because you share a certain amount of information with them does NOT mean it's safe to continue sharing. My captain told us explicitly that he wants us to be able to share our underway schedule with our families, but he also made it clear that it is sensitive info and must be handled as such (i.e., shared quietly in person, not posted on Facebook).

And our secret folks are dead right: most of us are not trained for this. Don't come out the other end of your first OPSEC brief convinced you know everything. First, you probably already have a massive digital footprint, and you can only do so much damage control. Second, if your job doesn't deal with the security of information, you're going to forget the standards, because you don't think it'll happen to you. Odds are it won't, but just like any thief, hackers will go for the target of opportunity before anyone that looks like they'd take an effort. Start your over-share detox now and stick to it.