OPSEC . A process of - PowerPoint Presentation

OPSEC. A process of identifying critical information and analyzing friendly actions attendant to military operations and other activities to: identify those actions that can be observed by adversary intelligence systems; determine indicators and vulnerabilities that adversary intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful to adversaries, and determine which of these represent an unacceptable risk; then select and execute countermeasures. OPSEC assessment. An evaluative process of an organization, operation, activity, exercise, or support function to determine if sufficient countermeasures are in place to protect critical information. This term and its definition are approved for inclusion in the next edition of Reference (k). What’s wrong with this picture? OPSEC

UPAR Responsibilities Enforce OPSEC in all UPAR ProductsEnforce OPSEC amongst your peersEducate fellow service members on OPSEC for their personal social media sites

Steps to Identify OPSECIdentify Critical InformationAnalyze the threatAnalyze the vulnerabilityAssess the riskApply CountermeasuresSoldiers serving on border mission – what’s wrong with picture?

What is the enemy looking for?“Information about government personnel, officers, important personalities, and all matters related to them (residence, work place, times of leaving and returning, and children).” - Al Qaeda Handbook

What Information Should We Protect? (Critical Information)Military movements (deployment/redeployment dates, dates of field exercises, flight information etc.)… next Tuesday IS a specific date Using timeframes – Deploying next spring – is OKAny issues with the unitAnything concerning securityAvoid pictures with Afghan children (PII)Equipment issues (what, no flak vests?)Locations of units (it’s OK to say they’re in Afghanistan, but not to say that your spouse's battalion is at 14th and Ramadan in Tora Bora) i.e. CELL PHONESKIAs, WIAs – DO NOT POST ABOUT THIS ON FACEBOOK! COMMON SENSE

TMD Critical Information

OPSEC Countermeasures

10 or less – Publish IAW unit publishing guidelines11-15 – Review with PA OPSEC manager to mitigate concerns prior to publishing16 or greater – Review with PA OPSEC manager & State PAO to mitigate concerns and determine if product should be publishedOPSEC Countermeasures

OPSEC CountermeasuresBe careful what you post on social media sites (Facebook, Instagram, web-pages).Be careful what you post elsewhere (i.e. bumper stickers)

OPSEC CountermeasuresTake a close look at all privacy settings. Set security options to allow visibility to “friends only.”Do not reveal sensitive information about yourself such as schedules and event locations.Ask, “What could the wrong person do with this information?” and “Could it compromise the safety of myself, my family or my unit?”Closely review photos before they go online. Make sure they do not give away sensitive information which could be dangerous if released.Make sure to talk to family about operations security and what can and cannot be posted.Videos can go viral quickly, make sure they don’t give away sensitive information.

E-mail can be intercepted and read by an adversary, unless it’s encrypted.MS Outlook can encrypt e-mail with a digital certificate.Other encryption is also an option. OPSEC Countermeasures

Telephones are NOT secure! Cell phones, cordless phones and land-lines can all be compromised. Face to Face contact is! Limit what you discuss on the phone because you never know who could be listening in on you. OPSEC Countermeasures

To Summarize

Now repeat after me…

Questions?There is a fine line between posting too much information and not enough. We need YOU to help keep your unit right in the middle.