OPSEC: Identify Critical Info, Analyze Threats & Vulnerabilities, Apply Countermeasures, Lecture notes of Decision Making

Download OPSEC: Identify Critical Info, Analyze Threats & Vulnerabilities, Apply Countermeasures and more Lecture notes Decision Making in PDF only on Docsity!

04 January 2012

Operations Security

Joint Publication 3-13.

II-

CHAPTER II

THE OPERATIONS SECURITY PROCESS

1. General

a. OPSEC planning is based upon the OPSEC process. This process, when used in conjunction with the joint planning process, provides the information required to write the OPSEC section of any plan or order. OPSEC planning is done in close coordination with the overall IO planning effort.

b. The OPSEC process is applicable across the range of military operations. Use of the process ensures that the resulting OPSEC countermeasures address all significant aspects of the particular situation and are balanced against operational requirements. OPSEC is a continuous process. The OPSEC process (Figure II-1) consists of five distinct actions: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risk, and application of appropriate OPSEC countermeasures. These OPSEC actions are applied continuously during OPSEC planning. In dynamic situations, however, individual actions may be reevaluated at any time. New information about the adversary’s intelligence collection capabilities, for instance, would require a new analysis of threats.

c. An understanding of the following terms is required before the process can be explained.

(1) Critical Information. These are specific facts about friendly intentions, capabilities, and activities needed by adversaries to plan and act effectively against friendly mission accomplishment.

(2) OPSEC Indicators. Friendly detectable actions and open-source information that can be interpreted or pieced together by an adversary to derive critical information.

(3) OPSEC Vulnerability. A condition in which friendly actions provide OPSEC indicators that may be obtained and accurately evaluated by an adversary in time to provide a basis for effective adversary decision making.

2. Identify Critical Information

a. The identification of critical information is a key part of the OPSEC process because it focuses the remainder of the OPSEC process on protecting vital information

“Little minds try to defend everything at once, but sensible people look at the main point only; they parry the worst blows and stand a little hurt if thereby they avoid a greater one. If you try to hold everything, you hold nothing.”

Frederick the Great Instructions for His Generals, 1747

The Operations Security Process

II-

(1) Who is the adversary? (Who has the intent and capability to take action against the planned operation?)

(2) What are the adversary’s goals? (What does the adversary want to accomplish?)

(3) What is the adversary’s COA for opposing the planned operation? (What actions might the adversary take? Include the most likely COA and COA most dangerous to friendly forces and mission accomplishment.)

Figure II- 2. Examples of Critical Information

Examples of Critical Information

Shape

Model Joint Operation Phases

Deter

Seize the Initiative

Dominate

Stabilize

Enable Civil Authority

Negotiating positions Intelligence verification capabilities Forces available Targets Timing

Intentions Alert posture Military capabilities Forces assigned and in reserve Target selection

Intentions Military capability Critical communication nodes Forces assigned and in reserve

Forces assigned and in reserve Target selection Tactics, techniques, and procedures

Lines of communications Tactics, techniques, and procedures

Identity of military forces Military support of law enforcement Host-nation support Capabilities

Tactics, techniques, and procedures Logistic capabilities and constraints Critical communication nodes Exercise concept plans and operation plans

Tactics, techniques, and procedures Logistic capabilities and constraints Mobilization Purpose, targets and processing of intelligence collection

Target selection Tactics, techniques, and procedures Logistic capabilities and constraints

Logistic capabilities and constraints Critical communication nodes

Logistic capabilities and constraints Critical communication nodes

Third nation support Lines of communications Critical communication nodes Tactics, techniques, and procedures

Chapter II

II-4 JP 3-13.

(4) What critical information does the adversary already know about the operation? (What information is too late to protect?)

(5) What are the adversary’s intelligence collection capabilities?

(6) Who are the affiliates of the adversary, and will they share information?

4. Vulnerability Analysis

a. The purpose of this action is to identify an operation’s or activity’s vulnerabilities. It requires examining each aspect of the planned operation to identify any OPSEC indicators or vulnerabilities that could reveal critical information and then comparing those indicators or vulnerabilities with the adversary’s intelligence collection capabilities identified in the previous action. A vulnerability exists when the adversary is capable of collecting critical information, correctly analyzing it, and then taking timely action. The adversary can then exploit that vulnerability to obtain an advantage.

b. Continuing to work with the intelligence personnel, the operations planners seek answers to the following vulnerability questions:

(1) What indicators (friendly actions and open-source information) of critical information not known to the adversary will be created by the friendly activities that will result from the planned operation?

All personnel must understand the adversary’s capability to collect information and take operations security countermeasures to deny the use of that capability.

Chapter II

II-6 JP 3-13.

(1) OPSEC countermeasures may entail some cost in time, resources, personnel, or interference with normal operations. If the cost to mission effectiveness exceeds the harm that an adversary could inflict, then the application of the measure is inappropriate. Because the decision not to implement a particular OPSEC countermeasure entails risks, this step requires the commander’s approval. Critical intelligence operations and sources may be compromised if OPSEC countermeasures are applied. Some operations and collection methods/sources may be too important to be compromised if the adversary detects friendly OPSEC countermeasures.

(2) Typical questions that might be asked when making this analysis include the following:

(a) What effect is likely to occur if a particular OPSEC countermeasure is implemented?

(b) What impact to mission success is likely to occur if an OPSEC countermeasure is not implemented?

(c) What impact to mission success is likely if an OPSEC countermeasure fails to be effective?

(d) What additional indicators may be collected by the adversary if an OPSEC countermeasure is implemented?

(3) The interaction of OPSEC countermeasures should also be analyzed. In some situations, certain OPSEC countermeasures may actually create indicators of critical information. For example, camouflaging previously unprotected facilities can indicate preparations for military action.

d. The selection of measures must be coordinated with other capabilities of IO. Actions such as jamming of intelligence nets or the physical destruction of critical intelligence centers can be used as OPSEC countermeasures. Conversely, MILDEC and military information support operations plans may require that OPSEC countermeasures not be applied to certain indicators in order to project a specific message to the adversary.

For more detailed discussion on risk assessment, see DOD 5205.02-M , DOD Operations Security (OPSEC) Program Manual_._

6. Apply Operations Security Countermeasures

a. The command implements the OPSEC countermeasures selected in the risk assessment process or, in the case of planned future operations and activities, includes the measures in specific operations plans. Before OPSEC countermeasures can be selected, security objectives and critical information must be known, indicators identified, vulnerabilities assessed, and risks assessed.

The Operations Security Process

II-

b. A general OPSEC countermeasure strategy should be to:

(1) Minimize predictability from previous operations.

(2) Determine detection indicators and protect them by elimination, control, or deception.

(3) Conceal indicators of key capabilities and potential objectives.

(4) Counter the inherent vulnerabilities in the execution of mission processes and the technologies used to support them.

c. During the execution of OPSEC countermeasures, OPSEC personnel should establish measures of effectiveness (MOEs) and measures of performance (MOPs) to assess if their OPSEC analysis is correct.

(1) MOE. The adversary’s reaction is monitored to determine the countermeasures’ effectiveness and to provide feedback. As it has been indicated above, implementing OPSEC countermeasures should not reveal additional critical information. As a corollary to that, if an OPSEC countermeasure is identified by the adversary, that, in itself, may be enough to alert the adversary that a military operation is imminent.

(2) MOP. Provides OPSEC personnel a way to determine if OPSEC countermeasures are being properly implemented.

A key action during the operations security process is to analyze potential vulnerabilities to joint forces. It requires identifying any operations security indicators that could reveal critical information about the operation, such as increased troop movement.