OPERATIONS SECURITY

1
OPERATIONS SECURITY
16 August 2004
2
OPERATIONS SECURITY
31 December 2003
3
OPERATIONS SECURITY REAR 530-1,
CH 1

• Is the process of analyzing friendly actions
  pursuant to
• military operations and other activities.
• OPSEC maintains essential secrecy, which is the
  condition
• achieved by the denial of critical information to
  adversaries.
• OPSEC is an operations function and not a
  security function
• which protect classified information. At
  battalion level the S-3
• is the staff proponent for OPSEC, he implements
  other OPSEC
• measures to maintain surprise and security.
• OPSEC applies during peace, crisis, and war to
  all Army
• operations and support activities.

VGT 1
4
5 STEPS IN THE OPSEC PROCESS REAR 530-1, CH 3

• Identification of Critical Information
• Analysis of Threats
• Analysis of Vulnerabilities
• Assessment of Risks
• Application of Appropriate Countermeasures

VGT 2
5

• (1)Identification of Critical Information
• para 3-4
• The purpose of this step is to determine what
  needs protection.
• Identify questions the enemy may ask (5Ws 1H)
• Facts about your intentions, capabilities,
  limitations
• Commanders EEFIs, samples in appendix C
• Information concerning protected person(s)
• Operational and Tactical information (OPORD)
• Test materials used in an academic environment
• Sensitive Information FOUO/Classified
  Information
• Identify the length of time critical information
  needs protection. The TF commander approves EEFI
  list.

VGT 3
6

• (2)Analysis of Threats para3-5
• The purpose of this step is to identify all
  vulnerabilities and/or indicators.
• A vulnerability exists when an adversary can
  collect an indicator, correctly analyze the
  information, make a decision, and take timely
  actions to degrade friendly operations.
• Indicators are data derived from open sources or
  from detectable actions that an adversary can
  piece together or interpret to reach conclusions
  or estimates concerning friendly intentions,
  capabilities or activities.
• Examine each part of the OPORD/FRAGO to find
  OPSEC vulnerabilities/indicators.

VGT 4
7
THREAT COLLECTION EFFORTS App E

• Human Intelligence (HUMINT)
• Overt, Covert and Clandestine
• Open Source Intelligence (OSINT) (New update)
• Imagery Intelligence (IMINT)
• Signal Intelligence (SIGINT)

8
3 TYPES OF INDICATORS App B-1, B-2

• PROFILE- Activity patterns and signatures that
  shows how your activities are normally conducted.
• 2. DEVIATION- Profile changes which helps an
  adversary learn about your intentions,
  preparations, time and place.
• TIP-OFF- Actions that warn or shows an adversary
  of friendly impending activity.

VGT 6
9
Characteristics of an Indicator Signature
an identifiable trace or something that causes
it to stand out. Associations compares current
with past indicator information for
relationship. Profiles other indicators that
have not been observed or detected. Contrast
only needs be recognized not understood. Exposure
duration, repetition, and timing of exposed
indicator.
VGT 7
10
(3)Analyze the Vulnerabilities para 3-6

• The purpose of this step is to identify possible
  OPSEC measures for each vulnerability/indicator.
• OPSEC measures are methods and means to gain and
  maintain essential secrecy about critical
  information using
• Action Control Select a COA, impose restraints
  on actions and determine the 5Ws 1H for actions
  necessary to accomplish collective/individual
  tasks.
• Countermeasures attack the adversaries collection
  efforts using Diversions, Camouflage,
  Concealment, Jamming, Deception, Police Powers
  and Force.
• 3. Counteranalysis provides a possible alternate
  analysis for an indicator. Confuse the adversary
  analyst through deception.

VGT 8
11
(3)Analyze the Vulnerabilities para 3-6

• The purpose of this step is to identify possible
  OPSEC countermeasures for each vulnerability/indic
  ator.
• Select two OPSEC countermeasures for each
  vulnerability/indicator.
• Some countermeasures interact and may apply to
  more than one vulnerability/indicator.
• Assess the sufficiency of routine security
  measures (PerSec, PhySec, InfoSec, ComSec). These
  will provide OPSEC countermeasures for residual
  vulnerabilities/indicator.

VGT 9
12
(4) Assessment of Risks para 3-7

• This step is to select the OPSEC countermeasures
  for implementation.
• The leader balance risking operational
  success/failure versus selecting the right/wrong
  OPSEC countermeasures.
• Check interaction of select OPSEC
  countermeasures.
• Coordinate select OPSEC countermeasures with
  lateral units and bring attach leaders into your
  briefings.
• The TF commander may decide on a no-measures
  alternative.

VGT 10
13
(5)Application of appropriate countermeasures
para 3-8

• Apply the select countermeasures, (directed by
  the TF commander or recommended by PLD) to the
  operation or incorporate into plans for future
  operations.
• Emphasize the adverse results if failure to
  maintain effective OPSEC.
• Implement countermeasures first on indicators
  requiring immediate action or as directed by the
  TF commander.
• Document the measures or state no-measures
  alternative.
• Monitor each countermeasures before and during
  execution, evaluate effectiveness.
• Recommend to improve effectiveness of
  countermeasures or select new measures when new
  vulnerabilities develop.

VGT 11
14
REVIEW

• Define OPSEC
• Define the 5 steps in the OPSEC Process
• Define the 4 Threats Capabilities
• Define the 3 Indicators

VGT 12