Protecting your sensitive and proprietary information form adversaries is vital to your company and mission success. Whether you are a major DoD contractor, a small company or one of our police and fire department public safety organizations (our country’s first responders to terrorism), inadvertent compromise of your activities, capabilities, or intentions, can significantly reduce operational effectiveness. Operations Security (OPSEC) is a systematic and proved process by which you can deny to potential adversaries information about capabilities and intentions by identifying, controlling, and protecting these sensitive activities.
OPSEC is an analytical process involving five steps: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures. The process begins with an examination of the totality of an activity to determine what exploitable evidence could be acquired in light of the known collection capabilities of potential adversaries. Such evidence usually derives from easily available open source material. Certain indicators may be pieced together or interpreted to discern critical information. Indicators most often stem from the routine administrative, physical, or technical actions taken to prepare for or execute a plan or activity. Once identified, they are analyzed against the threat to determine the extent to which they may reveal critical information. Then you can use these threat and vulnerability analyses in risk assessments to assist in the selection and adoption of countermeasures.
ForensIQ can provide the necessary consultation and training you need to secure your most sensitive information. The following are a list of those products and services:
Operations Security assessment: A thorough evaluation of the effectiveness of a customer’s implementation of OPSEC methodology, resources, and tools. Assessments (a) are used to evaluate the effectiveness of the customer’s corporate level OPSEC program and (b) can be used at the program level to determine whether or not a program is a viable candidate for an OPSEC survey.
Operations Security survey: The application of OPSEC methodology at the program level. It is a detailed analysis of all activities associated with a specific operation, project or program in order to determine what exploitable evidence of classified or sensitive activity could be acquired in light of the known collection capabilities of potential adversaries.
Operations Security plan: A strategy that analyzes an operation or activity and includes specific operations security measures.
Operations Security program: An OPSEC program is the vehicle by which the principles and practices of OPSEC are employed within an organization.
Operations Security working group: A (normally formally) designated body representing a broad range of line and staff activities within an organization that provides OPSEC advice and support to leadership and all elements of the organization.
Operations Security Awareness presentation: A one hour awareness presentation delivered to your personnel, to make them aware of what your sensitive information is and how to protect it. See Tom Mauriello’s presentation, “OPSEC — An Out of Body Experience,” for further information on this service and how to schedule it for your company click here.