OPSEC Awareness Month accentuates need for operations security

Photo By Caroline Countryman | FORT RILEY, Kan. - National Counterintelligence and Security Center informs January is...... read more read more

Photo By Caroline Countryman | FORT RILEY, Kan. - National Counterintelligence and Security Center informs January is National Operations Security Awareness Month, a time for individuals, organizations, and government agencies to consider how to reduce the risks, threats, and vulnerabilities that may affect operations and risk compromise of personal information. (U.S. Army Graphic by Caroline Countryman, Fort Riley Public Affairs Office)  see less | View Image Page

FORT RILEY, KANSAS, UNITED STATES

01.13.2023

Story by Caroline Countryman 

Fort Riley Public Affairs Office

✔ ✗ Subscribe

10

FORT RILEY, Kan. - January is National Operations Security Awareness Month, a time for individuals, organizations, and government agencies to consider how to reduce the risks, threats, and vulnerabilities that may affect operations and risk compromise of personal information.

According to the National Counterintelligence and Security Center, the U.S. military first used the phrase OPSEC after the Vietnam War. The enemy was putting seemingly harmless, unprotected information together to learn U.S. military operations in advance. The adversary was able to gather and use information due to predictable behavior, a lack of communication discipline, and the unnecessary sharing of information. Today, OPSEC is a systematic and established security discipline for preventing adversaries from collecting, analyzing, and exploiting information, including capabilities and intentions.

In addition from the NCSC, intelligence is collected and analyzed through publicly available data. An adversary's actions can yield fatal results if they consolidate enough exposed knowledge about operations, capabilities, or other vital information. This adversary could be a competitor, criminal enterprise, terrorist group, or foreign nation. An organization's overall security can be significantly enhanced by taking the appropriate measures to make it more difficult for adversaries and competitors to gather unclassified and seemingly innocent information. OPSEC must be a continuous cycle that is integrated into an organization's overall security strategy.

The OPSEC process denies critical information to an adversary. The National Operations Security Program Office has developed a five-step process:
1 – Identify Critical Information: Examples of critical information can include military operations, deployment dates, location, travel itineraries, social security numbers, banking information and card numbers.
2 – Identify Threats: Threats can include actions by adversaries such as using the internet to collect data, going through trash, social media websites, observation of actions to detect patterns to predict behaviors and using people to collect information.
3 – Analyze Vulnerabilities: Vulnerabilities can include forgetting an ID badge, posting sensitive information online, discussing sensitive information in public or over the phone, and using a device, application or service with geolocation capabilities.
4 – Assess Risks: It is imperative to assess how likely an adversary would be to collect, analyze and exploit critical information, because it can negatively impact the mission safety.
5 – Apply OPSEC Countermeasures: Examples of countermeasures include knowing what Fort Riley leaders consider critical information, being aware of surroundings, understanding OPSEC, using social media with caution by limiting the amount of personal information posted and being aware of information put out in emails, online, in phone conversations, photos and open conversations in public.

“We need to remember OPSEC is something we should be practicing daily. If we are always cautious about what breadcrumbs that we are leaving out there, the chance of adversaries picking up the information is diminished” said the Fort Riley Garrison Protection Office. “During National OPSEC Awareness Month, take the opportunity to learn more about OPSEC, understand its role in securing your organization, and how that understanding can benefit you personally.”

From the Fort Riley Garrison Protection Office, the process of OPSEC can protect individuals, their families, and other loved ones. The practice of OPSEC instills security principles and a healthy skepticism in everyday settings. People today face a wide range of possible threats connected to technology, personal security, and finances. Critical family information to protect would be home addresses and phone numbers, birthdates, driver’s license numbers, medical records, family routines and bank information. The same OPSEC mindset and process that protects government agencies, and military units can help individuals reduce their own vulnerabilities.

For more information, tools, and awareness about OPSEC, contact the Fort Riley Installation OPSEC Program Office at (785)239-6767 or visit https://www.dni.gov/index.php/safeguarding-science/operations-security.