Information Operations - Operations Security (OPSEC)

Operations Security (OPSEC)

• OPSEC as an IO Core Capability. OPSEC denies the adversary the information needed to correctly assess friendly capabilities and intentions. In particular, OPSEC complements MILDEC by denying an adversary information required to both assess a real plan and to disprove a deception plan. For those IO capabilities that exploit new opportunities and vulnerabilities, such as EW and CNO, OPSEC is essential to ensure friendly capabilities are not compromised. The process of identifying essential elements of friendly information and taking measures to mask them from disclosure to adversaries is only one part of a defense-in-depth approach to securing friendly information. To be effective, other types of security must complement OPSEC. Examples of other types of security include physical security, IA programs, computer network defense (CND), and personnel programs that screen personnel and limit authorized access.

• What occurs, often, is that data is either leaked, stolen, or hacked online and the enemy has access to and can decipher what that information may say. This is especially true for defensive operational security. US servicemen and servicewomen may have facebook, multiple blogs, or upload photos, which can lead to the enemy knowing troop movements and locations. With this information, setting up ambush and wreaking havoc on US and support personnel becomes much easier. Geo-tagging features of cellular phones especially, may cause this type of breach in OPSEC.

In perhaps the most egregious failure in OPSEC to hit the US military in recent years, is Wikileaks.

• "WikiLeaks founder Julianne Assange's release of some 76,000 classified reports is clearly a breach of our national security, but underscores a growing problem in balancing information sharing with operations security (OPSEC) since the end of the Cold War. Consider that the U.S. has been involved with coalition operations over the past two decades including Bosnia, Kosovo, Iraq and Afghanistan, and has endeavored to change the attitude of military forces from a "Cold War/OPSEC mindset" to one that encourages information and intelligence sharing. This attitude change emphasizes resisting the temptation to over classify information. While this is especially necessary in COIN operations, where intelligence is fleeting and requires quick action, recent events suggest that the Department of Defense may have gone too far."