JEB – Little Creek (Bldg 1126)

Slides:



Advertisements
Similar presentations
Surfing the net: Ways to protect yourself. Internet Safety Look into safeguarding programs or options your online service provider might offer. Look into.
Advertisements

Fleet & Family Support Ombudsman Program & Operations Security
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Naval OPSEC Support Team Navy Information Operations Command, Norfolk #Don’tDoThat: Social Media Trends.
Introduction to Operations Security (OPSEC) Updated 09/28/11 1 Security is Everyone's Responsibility – See Something, Say Something!
NEW YORK NATIONAL GUARD FAMILY PROGRAMS Offered & presented by CW2 Walker Family Programs OPSEC Program Manager.
OPSEC Countermeasures Michael Chesbro DES OPSEC Officer OPSEC Countermeasures Michael Chesbro DES OPSEC Officer.
TLO 2: Action: Plan operational security. Intermediate-level training.
UNCLASSIFIED. Your loved one has the training, leadership and equipment needed to perform the mission and come back home to you. But did you know that.
Computer Security: Principles and Practice
One Team, One Fight One Mission Presented by the Ordnance Center & Schools Security Office.
Military families and Operational Security. Family members are vital to the success of our military. You may not know it, but you play a crucial role.
SEC835 Database and Web application security Information Security Architecture.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
UNCLASSIFIED VP-4 Skinny Dragons Operations Security (OPSEC) and Social Networking.
Following the terrorist attack on September 11, 2001 the President declared a national emergency … Secretary of Defense Donald Rumsfeld cautioned on the.
Presented by the 1st Information Operations Command.
Operations Security (OPSEC) Introduction  Standard  Application  Objectives  Regulations and Guidance  OPSEC Definition  Indicators.
Provided by OSPA ( OPSEC for Families Presented by: (Presenter’s Name)
Operational Security PCC. VII-F.1.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Provided by OSPA ( Vulnerabilities and Indicators The OPSEC Process, step 3 Presented by: (Presenter’s Name)
Topic 5: Basic Security.
Visual 1. 1 Lesson 1 Overview and and Risk Management Terminology.
OPSEC & Social Media dd mmm yy Overall Classification of this Briefing is UNCLASSIFIED//FOUO FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH.
Operational Security Awareness
OPSEC for Families. Your loved one has the training, leadership and equipment needed to perform the mission and come back home to you. But did you know.
TSP 310-C , Phase II, OCS TSP 310-C , Phase II, OCS Implement OPSEC.
UNCLASSIFIED // FOR OFFICIAL USE ONLY CMD LOGO Operations Security (OPSEC) CMD LOGO Assessment in-brief DD MMM YYYY Presenter Contact information.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH FLEET    1 Overall Classification of this Briefing is UNCLASSIFIED//FOUO Phishing.
Technological Awareness for Teens and Young Adults.
Cyber Security Foundations Part 1. Cyber Security defined:  Protects computer base information and equipment  Deals with confidentiality of data  Protects.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
Overall Classification of this Briefing is UNCLASSIFIED//FOUO
Internet Safety.

Headquarters U.S. Air Force
Policies Controlling Risk
EAST BEACH NEIGHBORHOOD CRIME WATCH (EBNCW)
Creating your online identity
Headquarters U.S. Air Force
OPSEC & Social Networking dd mmm yy
Operations Security (OPSEC) For New Hires
Information Security.
NSASB FRG Training Code of Conduct & OPSEC.
A Thread Relevant to all Levels of the EA Cube
CMD LOGO Operations Security (OPSEC) Assessment out-brief Presenter
Command Indoctrination
Overall Classification of this Briefing is UNCLASSIFIED
Unit 7 – Organisational Systems Security
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
OPSEC and Social Media DD MMM YY
OPSEC General Military Training DD MMM YY
Command Indoctrination Operations Security DD MMM YY
Risk of the Internet At Home
Protecting Yourself from Fraud including Identity Theft
Operations Security (OPSEC)
CMD LOGO Operations Security (OPSEC) Assessment in-brief Presenter
Overall Classification of this Briefing is UNCLASSIFIED
Provided by OSPA ( OPSEC for Families Presented by: (Presenter’s Name) Provided by OSPA (
Topic 5: Communication and the Internet
Internet Social Media. Internet Social Media Benefits: Internet is a useful tool if utilized appropriately. Uses Benefits: Internet is a useful tool.

Cyber security and Computer Misuse
OPSEC and Wireless Communications DD MMM YY
Naval Leadership and Ethics Center
OPSEC General Military Training DD MMM YY
Command Indoctrination Operations Security DD MMM YY
Overview OPSEC Threat Critical Information Indicators Data Aggregation
Presentation transcript:

Fleet & Family Support Program Ombudsman & Operations Security DD MMM YY

JEB – Little Creek (Bldg 1126) Overview OPSEC Threat Critical Information Indicators Data Aggregation Vulnerabilities Risk Countermeasures Ombudsmen and OPSEC Social Media OPSEC@Navy.mil 757-417-7100 opsec@navy.mil JEB – Little Creek (Bldg 1126) 2555 Amphibious Drive Virginia Beach, VA 23459-3225

OPSEC A 5 step process that Identifies, controls and protects sensitive, critical unclassified information about a mission, operation or activity Assesses potential threats, vulnerabilities, and risk Utilizes countermeasures to mitigate an adversary's effectiveness against a friendly operation

Threat Capabilities and intentions of an adversary to undertake any action detrimental to the success of friendly activities or operations. Conventional Threats Military opponents Unconventional Threats Terrorism (foreign and domestic) Hackers Insiders (Spies) Thieves, stalkers, pedophiles There are several factors that help you determine the treat to your command or unit’s mission. Geography plays a large role in threat identification. Example: If you are in the Arabian Gulf, then MS-13 will probably not make your threat list. The best source to request threat information will be the N2 shop if the command has one and if not, NCIS MTAC.

What are they looking for? Names, photographs of important people Present/future operations Information about military facilities Location Number of personnel Ammo depot locations Dates and times of operations Family details Spouse, children Location of work, school

Critical Information Information we must protect to ensure success Information the adversary needs to prevent our success Capabilities Operations Personnel Security procedures

Family Critical Information Some examples of critical information that apply to your family life: Names and photos of you and your children Usernames and passwords Length and location of spouse’s deployment Social Security Numbers Credit card/banking information Significant dates (birthdays, anniversaries) Addresses and phone numbers Everyday schedules Travel itineraries

Indicators Friendly, detectable actions that reveal critical information and vulnerabilities Longer working hours Rehearsals Sudden changes in procedures Onloads Large troop movements Not all indicators are bad Indicators are signatures of an event or action an adversary can observe via collection methods available to them. Indicators can point to vulnerabilities and possibly reveal Critical Information.

Avoid Indicators This slide depicts common indicators for families.

Data Aggregation Information collection from multiple sources Open source collection provides enemy most of their intelligence Manchester Document: 80% of information collected is done so legally Internet Trash Media Small details put together give big picture Countermeasures are used to address vulnerabilities that an adversary may exploit to gain access to critical information. The objective is to lower the vulnerability rating which will in turn lower the risk level. The remaining risk is referred to as residual risk. The ultimate goal of countermeasures is to reduce Risk to the commanders acceptable level. Two things that must be considered when developing countermeasures are “Cost & benefit”.

Vulnerabilities Weakness the adversary can exploit to get critical information Some common vulnerabilities are: Lack of awareness Social networking Social engineering Data aggregation Technology Trash Poor policy enforcement Unsecure communications Like with anything, a vulnerability is something that can be exploited to cause damage or disruption. This slide is a list of the most common vulnerabilities a person or organization may experience.

Risk The probability an adversary will gain knowledge of your critical information and the impact if they are successful Impact: How much will it cost if your critical information is lost? Lives Mission Money Time How much are you willing to risk by displaying this indicator or not correcting that vulnerability? The Risk assessment step of the OPSEC process aids decision makers in understanding what aspects of an operation or mission could be compromised and how resources could be affected. The cost can be measured by what is shown on this slide. Always keep in mind that the “Commander” is the only only one who can accept risk, therefore will determine the acceptable level of risk.

Countermeasures Anything that effectively negates or reduces an adversary's ability to exploit vulnerabilities or collect & process critical information Hide/control indicators Vary routes Modify everyday schedules Influence or manipulate an adversary’s perception Take no action React too late Take the wrong action Countermeasures are used to address vulnerabilities that an adversary may exploit to gain access to critical information. The objective is to lower the vulnerability rating which will in turn lower the risk level. The remaining risk is referred to as residual risk. The ultimate goal of countermeasures is to reduce Risk to the commanders acceptable level. Two things that must be considered when developing countermeasures are “Cost & benefit”.

Ombudsmen and OPSEC Knowledge of command’s critical information Families must understand OPSEC process Educate the family members whenever possible Newsletters Meetings - Sailors bring home their command’s Critical Information. Family members must know what information they receive is critical and what is not. The easiest way to do ensure that family members are not posting Critical Information is to educate them. There are several ways to spread the OPSEC message across the FRG. If you maintain a newsletter, you can push the OPSEC message that way. Always have some sort of OPSEC training at any and all FRG meetings that you have, whether you do it or you request outside assistance (NOST). Family members protecting information is just as important as the service member protecting the information. Educate the families, especially teenagers that are active on social media.

Social Media Highly recommended Open groups on Facebook Monitor the site Never post PII Regularly check security settings Be careful using public wireless networks - Social media is the easiest way to communicate with large groups of people. It is highly recommended for ombudsmen to use Facebook and other social media sites to keep in touch the family members. Facebook is the easiest way to communicate with large groups of people at the same time. If an ombudsman is running a Facebook group, it is recommended to keep the group open. People think or assume that if a Facebook group is closed to the general public, it is unable to be seen by outsiders. This causes some people to think it is acceptable to post sensitive information. Adversaries could easily hack into the closed group to access the page. Also, anybody who shares a post from the closed group to their personal page has made it accessible to the general public. You should always know who is a member of your page. Block any suspicious followers to your pages. Obviously, never post PII on social media, whether it be a service member or family member. Also, never go into detail about your personal life on social media. The adversary could be watching your online activity. Don’t give him an opportunity to take advantage of you because of the information you provide on Facebook. Facebook changes or updates their security settings often. When an update occurs, it may change your security settings back to default, which isn’t very secure. Always keep an eye on this. Be very careful about your online activity when you are using a public wireless network (airport, hotel, coffee shop, etc), especially if you are overseas. Always assume the adversary is watching. Equipment can be easily obtained to monitor devices on public networks.

Summary OPSEC Threat Critical Information Indicators Data Aggregation Vulnerabilities Risk Countermeasures Ombudsmen and OPSEC Social Media

JEB – Little Creek (Bldg 1126) Questions www.navy.mil/OPSEC Naval OPSEC App Collaboration at Sea @NavalOPSEC Facebook.com/NavalOPSEC Youtube.com/USNOPSEC OPSEC@Navy.mil 757-417-7100 opsec@navy.mil JEB – Little Creek (Bldg 1126) 2555 Amphibious Drive Virginia Beach, VA 23459-3225

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.