OPERATIONS SECURITYOPERATIONS SECURITY

16 August 200416 August 2004

OPERATIONS SECURITYOPERATIONS SECURITY

31 December 200331 December 2003

VGT 1

OPERATIONS SECURITYOPERATIONS SECURITY RE:AR 530-1, CH 1

Is the process of analyzing friendly actions pursuant to military operations and other activities.OPSEC maintains essential secrecy, which is the conditionachieved by the denial of critical information to adversaries. OPSEC is an operations function and notnot a security functionwhich protect classified information. At battalion level the S-3is the staff proponent for OPSEC, he implements other OPSEC measures to maintain surprise and security. OPSEC applies during peace, crisis, and war to all Army operations and support activities.

VGT 2

5 STEPS IN THE OPSEC PROCESS5 STEPS IN THE OPSEC PROCESSRE:AR 530-1, CH 3RE:AR 530-1, CH 3

1. Identification of Critical Information

2. Analysis of Threats

3. Analysis of Vulnerabilities

4. Assessment of Risks

5. Application of Appropriate Countermeasures

VGT 3

(1)Identification(1)Identification of Critical Informationof Critical Information para 3-4

The purpose of this step is to determine what needs protection. Identify questions the enemy may ask (5Ws + 1H) Facts about your intentions, capabilities, limitations Commander’s EEFIs, samples in appendix C Information concerning protected person(s) Operational and Tactical information (OPORD) Test materials used in an academic environment Sensitive Information FOUO/Classified Information Identify the length of time critical information needs protection. The TF commander approves EEFI list.The TF commander approves EEFI list.

VGT 4

(2)Analysis of Threats(2)Analysis of Threats para3-5

The purpose of this step is to identify all vulnerabilities and/or indicators.

A vulnerability exists when an adversary can collect an indicator, correctly analyze the information, make a decision, and take timely actions to degrade friendly operations. Indicators are data derived from open sources or from detectable actions that an adversary can piece together or interpret to reach conclusions or estimates concerning friendly intentions, capabilities or activities. Examine each part of the OPORD/FRAGO to find OPSECOPSEC vulnerabilities/indicators.indicators.

THREAT COLLECTION EFFORTSTHREAT COLLECTION EFFORTSApp E

Human Intelligence (HUMINT)

Overt, Covert and Clandestine

Open Source Intelligence (OSINT) (New update)

Imagery Intelligence (IMINT)

Signal Intelligence (SIGINT)

VGT 6

3 TYPES OF INDICATORS3 TYPES OF INDICATORSApp B-1, B-2

1.1. PROFILEPROFILE- Activity patterns and signatures that shows how your activities are normally conducted.

2. DEVIATIONDEVIATION- Profile changes which helps an adversary learn about your intentions, preparations, time and place.

3.3. TIP-OFFTIP-OFF- Actions that warn or shows an adversary of friendly impending activity.

Characteristics of an IndicatorCharacteristics of an Indicator

SignatureSignature= an identifiable trace or something that causes it to stand out.

AssociationsAssociations= compares current with past indicator information for relationship.

ProfilesProfiles= other indicators that have not been observed or detected.

ContrastContrast= only needs be recognized not understood.

ExposureExposure= duration, repetition, and timing of exposed indicator.

VGT 7VGT 7

(3)Analyze the Vulnerabilities(3)Analyze the Vulnerabilities para 3-6

The purpose of this step is to identify possible OPSEC measures for each vulnerability/indicator.

OPSEC measures are methods and means to gain and maintain essential secrecy about critical information using:

1.1. Action ControlAction Control:: Select a COA, impose restraints on actions and determine the 5Ws +1H for actions necessary to accomplish collective/individual tasks.

2.2. CountermeasuresCountermeasures a attack the adversaries collection efforts using Diversions, Camouflage, Concealment, Jamming, Diversions, Camouflage, Concealment, Jamming, Deception, Police Powers and Force.Deception, Police Powers and Force.

3. CounteranalysisCounteranalysis provides a possible alternate analysis for an indicator. Confuse the adversary analyst through deception. VGT 8

(3)Analyze the Vulnerabilities(3)Analyze the Vulnerabilities para 3-6

The purpose of this step is to identify possible OPSEC countermeasures for each vulnerability/indicator.

Select two OPSEC countermeasures for each vulnerability/indicator.

Some countermeasures interact and may apply to more than one vulnerability/indicator.

Assess the sufficiency of routine security measures (PerSec, PhySec, InfoSec, ComSec). These will provide OPSEC countermeasures for residual vulnerabilities/indicator.

VGT 9

(4) Assessment of Risks(4) Assessment of Risks para 3-7

This step is to select the OPSEC countermeasures for implementation.

The leader balance risking operational success/failure versus selecting the right/wrong OPSEC countermeasures.

Check interaction of select OPSEC countermeasures.

Coordinate select OPSEC countermeasures with lateral units and bring attach leaders into your briefings.

The TF commander may decide on a “no-measures” alternative.

VGT 10

VGT 11

(5)Application of appropriate countermeasures(5)Application of appropriate countermeasures para 3-8

Apply the select countermeasures, (directed by the TF commander or recommended by PLD) to the operation or incorporate into plans for future operations.

Emphasize the adverse results if failure to maintain effective OPSEC.

Implement countermeasures first on indicators requiring immediate action or as directed by the TF commander.

Document the measures or state “no-measures” alternative.

Monitor each countermeasures before and during execution, evaluate effectiveness.

Recommend to improve effectiveness of countermeasures or select new measures when new vulnerabilities develop.

VGT 12

REVIEWREVIEW

Define OPSEC

Define the 5 steps in the OPSEC Process

Define the 4 Threats Capabilities

Define the 3 Indicators