Fandom

The IT Law Wiki

Operations security

32,191pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definitions Edit

Computer crime Edit

Operations security (OPSEC) relates to

[o]peration of computers requires many controls. Isolation of sensitive computer production jobs to minimize exposure to modification, destruction, exposure, or unauthorized use especially separating production and testing activities, is essential. Computer system trouble logs and activity records must be kept and used. Magnetic tapes and disks and output documents must be appropriately identified, and copies must be made and kept safe for backup. Contingency and recovery plans must be prepared and tested. Employee identification on work products and other practices to assure worker trustworthiness must be carried out.[1]

Military Edit

Operations security (OPSEC) is a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to:

  1. identify those actions that can be observed by adversary intelligence systems;
  2. determine indicators that hostile intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful to adversaries; and
  3. select and execute measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation.[2]

Operations security (OPSEC) is the

[s]ystematic and proven process by which potential adversaries can be denied information about capabilities and intentions by identifying, controlling, and protecting generally unclassified evidence of the planning and execution of sensitive activities. The process involves five steps: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures.[3]

Overview Edit

OPSEC contributes to offensive IO by slowing the adversary's decision cycle and providing opportunity for easier and quicker attainment of friendly objectives. OPSEC focuses on having a good understanding of the adversary decision maker's ability to collect reliable, adequate, and timely intelligence, and, when integrated with other capabilities, shapes to our advantage the adversary's knowledge and beliefs about a military's operations.

OPSEC denies the adversary critical information about friendly capabilities and intentions needed for effective and timely decision making, leaving the adversary vulnerable to other offensive capabilities. Early integration of OPSEC into mission planning is essential to reduce a friendly operation’s revealing indicators to a minimum and better target the adversary's decision making process.

References Edit

  1. Computer Crime: Computer Security Techniques, at ix.
  2. U.S. Department of Defense, Joint Pub. 1–02: DOD Dictionary of Military and Associated Terms (Apr. 2010) (full-text).
  3. CNSSI 4009.

See also Edit

Also on Fandom

Random Wiki