Toni Fink | Directorate of Plans, Training, Mobilization and Security
Operations Security (OPSEC) is a term often heard in the military en-vironment, but do you understand what OPSEC is or what your responsibilities are as a service member, civilian or contractor?
The official military definition of OPSEC is “the process by which a person protects information that can be used by the enemy against them, with the end goal of ensuring a safe and se-cure environment.”
The OPSEC process consists of five steps that provide a framework to identify, analyze and protect sensitive information.
1. Identification of critical information
2. Analysis of threats
3. Analysis of vulnerabilities
4. Assessment of risk
5. Application of OPSEC measures
OPSEC is the responsibility of everyone. Each service member, civilian and contractor has a responsibility to implement OPSEC in his/her daily operations.
“Proper Operations Security is critical to protecting our forces, ensuring our mission success and implementing the National Defense Strategy. History is full of examples of poor OPSEC leading to the unnecessary loss of life and mission failure, and it can mean the difference between our winning and losing as we face great power competitors that will not hesitate to exploit and weaponize information,” the secretary of Defense released in a memorandum July 21, 2020, entitled, “Reinforcing Operations Security and the Importance of Preventing Unauthorized Disclosures.
”The secretary of Defense’s memorandum went on to state, “Ongoing reviews reveal a culture of insufficient OPSEC practices and habits within the DoD. My goal, through an OPSEC campaign, is to change that culture across Department of Defense by re-minding Department of Defense personnel to:
Be deliberate and careful with all classified, controlled unclassified and predecisional policy information and proposals. Just because someone has a clearance, or previously worked for DoD, does not mean they have a need to know. You must protect non-public information appropriately when communicating with any party, including ensuring that the person receiving the information is authorized access and has a need-to know or lawful government purpose for such information prior to any disclosure.
Comply with DoD policies regarding public disclosures. Ensure that an appropriate DoD Public Affairs office authorizes the release of official DoD information to the news media, or that information is released according to appropriate procedures (e.g., Freedom of Information Act).
Comply with all prepublication review policies, with which you are required to comply even after you re-tire, resign or are dismissed from your
government service or contract.
Comply with security clearance-related obligations to report certain contacts to your security offices.
Review current DoD-wide and organization-specific OPSEC and traditional security practices, and ensure compliance with those procedures.”
Be smart, safe and practice good OPSEC!