OPERATIONS SECURITY 16 August August 2004

OPERATIONS SECURITY 31 December 2003

VGT 1 OPERATIONS SECURITY RE:AR 530-1, CH 1 Is the process of analyzing friendly actions pursuant to military operations and other activities.   OPSEC maintains essential secrecy, which is the condition achieved by the denial of critical information to adversaries.  not  OPSEC is an operations function and not a security function which protect classified information. At battalion level the S-3 is the staff proponent for OPSEC, he implements other OPSEC measures to maintain surprise and security.   OPSEC applies during peace, crisis, and war to all Army operations and support activities.

VGT 2 5 STEPS IN THE OPSEC PROCESS RE:AR 530-1, CH Identification of Critical Information 2. 2.Analysis of Threats 3. 3.Analysis of Vulnerabilities 4. 4.Assessment of Risks 5. 5.Application of Appropriate Countermeasures

VGT 3 (1)Identification of Critical Information para 3-4 The purpose of this step is to determine what needs protection.   Identify questions the enemy may ask (5Ws + 1H)   Facts about your intentions, capabilities, limitations   Commander’s EEFIs, samples in appendix C   Information concerning protected person(s)   Operational and Tactical information (OPORD)   Test materials used in an academic environment   Sensitive Information FOUO/Classified Information The TF commander approves EEFI list. Identify the length of time critical information needs protection. The TF commander approves EEFI list.

VGT 4 (2)Analysis of Threats (2)Analysis of Threats para3-5 The purpose of this step is to identify all vulnerabilities and/or indicators.   A vulnerability exists when an adversary can collect an indicator, correctly analyze the information, make a decision, and take timely actions to degrade friendly operations.   Indicators are data derived from open sources or from detectable actions that an adversary can piece together or interpret to reach conclusions or estimates concerning friendly intentions, capabilities or activities.  OPSECindicators.  Examine each part of the OPORD/FRAGO to find OPSEC vulnerabilities/indicators.

THREAT COLLECTION EFFORTS App E   Human Intelligence (HUMINT) Overt, Covert and Clandestine   Open Source Intelligence (OSINT) ( New update )   Imagery Intelligence (IMINT)   Signal Intelligence (SIGINT)

VGT 6 3 TYPES OF INDICATORS App B-1, B-2 1.PROFILE 1.PROFILE- Activity patterns and signatures that shows how your activities are normally conducted. DEVIATION 2. DEVIATION- Profile changes which helps an adversary learn about your intentions, preparations, time and place. 3.TIP-OFF 3.TIP-OFF- Actions that warn or shows an adversary of friendly impending activity.

Characteristics of an Indicator Signature Signature= an identifiable trace or something that causes it to stand out. Associations Associations= compares current with past indicator information for relationship. Profiles Profiles= other indicators that have not been observed or detected. Contrast Contrast= only needs be recognized not understood. Exposure Exposure= duration, repetition, and timing of exposed indicator. VGT 7

(3)Analyze the Vulnerabilities (3)Analyze the Vulnerabilities para 3-6 The purpose of this step is to identify possible OPSEC measures for each vulnerability/indicator. OPSEC measures are methods and means to gain and maintain essential secrecy about critical information using: 1.Action Control: 1.Action Control: Select a COA, impose restraints on actions and determine the 5Ws +1H for actions necessary to accomplish collective/individual tasks. 2.Countermeasures a Diversions, Camouflage, Concealment, Jamming, Deception, Police Powers and Force. 2.Countermeasures attack the adversaries collection efforts using Diversions, Camouflage, Concealment, Jamming, Deception, Police Powers and Force. Counteranalysis 3. Counteranalysis provides a possible alternate analysis for an indicator. Confuse the adversary analyst through deception. VGT 8

(3)Analyze the Vulnerabilities (3)Analyze the Vulnerabilities para 3-6 The purpose of this step is to identify possible OPSEC countermeasures for each vulnerability/indicator.   Select two OPSEC countermeasures for each vulnerability/indicator.   Some countermeasures interact and may apply to more than one vulnerability/indicator.   Assess the sufficiency of routine security measures (PerSec, PhySec, InfoSec, ComSec). These will provide OPSEC countermeasures for residual vulnerabilities/indicator. VGT 9

(4) Assessment of Risks (4) Assessment of Risks para 3-7 This step is to select the OPSEC countermeasures for implementation.   The leader balance risking operational success/failure versus selecting the right/wrong OPSEC countermeasures.   Check interaction of select OPSEC countermeasures.   Coordinate select OPSEC countermeasures with lateral units and bring attach leaders into your briefings.   The TF commander may decide on a “no-measures” alternative. VGT 10

VGT 11 (5)Application of appropriate countermeasures para 3-8 Apply the select countermeasures, (directed by the TF commander or recommended by PLD) to the operation or incorporate into plans for future operations.   Emphasize the adverse results if failure to maintain effective OPSEC.   Implement countermeasures first on indicators requiring immediate action or as directed by the TF commander.   Document the measures or state “no-measures” alternative.   Monitor each countermeasures before and during execution, evaluate effectiveness.   Recommend to improve effectiveness of countermeasures or select new measures when new vulnerabilities develop.

VGT 12 REVIEW   Define OPSEC   Define the 5 steps in the OPSEC Process   Define the 4 Threats Capabilities   Define the 3 Indicators