Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

OPSEC Program for Protecting Critical Information in Military Operations, Study Guides, Projects, Research of Logistics

The Operations Security (OPSEC) program for protecting critical information in military operations. It includes references to DOD Directives and Marine Corps Operations Security Programs, as well as instructions for developing OPSEC education and training programs. The document emphasizes the importance of identifying critical information and vulnerabilities, and implementing OPSEC measures to prevent enemy access.

Typology: Study Guides, Projects, Research

2021/2022

Uploaded on 09/27/2022

amodini
amodini ๐Ÿ‡บ๐Ÿ‡ธ

4.7

(19)

258 documents

1 / 25

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
UNITED STATES MARINE CORPS
MARINE CORPS LOGISTICS BASE
814 RADFORD BOULEVARD
ALBANY, GEORGIA 31704
BO
3070.1
OTD2000
APR
1 s
2mo
BASE
ORDER
3070.1
From:
To:
Subj:
Ref:
Encl:
Commanding
Officer
Distribution
List
OPERATIONS SECURITY (OPSEC)
(a)
DOD
Directive
5205.2,
DOD
Operations
Security
Program
(b)
Joint
Pub
3-13.3,
Joint
Doctrine
for
Operations
Security
(c)
MCO
3070.2_,
The
Marine
Corps
Operations
Security
Program
(d)
MARFORCOMO
3070.1,
Operations
Security
(1)
OPSEC
Terms
and
Definitions
(2)
The
OPSEC
Process
(3)
The
OPSEC
Assessment
(4)
Example
Format
for
Final
OPSEC
Assessment
Report
(5)
Examples
of
Critical
Information
1.
Situation
a.
The
current
security
environment
has
evolved
from
one
with
identifiable
adversarial
nation-states
to
one
with
less
identifiable
non-state
actors
and
terrorists.
Regardless
of
status,
these
adversaries
have
the
will
and
the
means
to
harm
U.S.
interests
at
home
and
abroad.
Rapid
advances
in
available,
affordable
information
technology
as
well
as
the
development
of
sophisticated,
aggressive
collection
organizations
demand
that
we
reconsider
what
information
can
be
used
to
compromise
on-
going
military
operations.
b.
The
protection
of
classified
information
remains
a
priority,
but
the
protection
of
unclassified
open
source
material
must
be
considered.
Methods
of
collecting
critical
pieces
of
information
may
include
Signals
Intelligence
(SIGINT)
,
Human
Intelligence
(HUMINT) ,
and
Open
Source
Intelligence
(OSINT),
to
name
a
few.
Today,
80
percent
of
collection
efforts
by
adversaries
are
directed
toward
open
source,
unclassified
information.
c.
In
many
cases,
classified
information
is
neither
essential
nor
necessary
to
build
an
accurate
intelligence
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19

Partial preview of the text

Download OPSEC Program for Protecting Critical Information in Military Operations and more Study Guides, Projects, Research Logistics in PDF only on Docsity!

UNITED STATES MARINE CORPS

MARINE CORPS LOGISTICS BASE 814 RADFORD BOULEVARDALBANY, GEORGIA 31704

BO 3070.

OTD

APR 1 s 2mo

BASE ORDER 3070.

From: To:

Subj:

Ref:

Encl:

Commanding Officer Distribution List

OPERATIONS SECURITY (OPSEC)

(a) DOD Directive 5205.2, DOD Operations Security Program (b) Joint Pub 3-13.3, Joint Doctrine for Operations Security (c) MCO 3070.2_, The Marine Corps Operations Security Program (d) MARFORCOMO 3070.1, Operations Security

(1) OPSEC Terms and Definitions (2) The OPSEC Process (3) The OPSEC Assessment (4) Example Format for Final OPSEC Assessment Report (5) Examples of Critical Information

  1. Situation

a. The current security environment has evolved from one with identifiable adversarial nation-states to one with less identifiable non-state actors and terrorists. Regardless of status, these adversaries have the will and the means to harm U.S. interests at home and abroad. Rapid advances in available, affordable information technology as well as the development of sophisticated, aggressive collection organizations demand that we reconsider what information can be used to compromise on- going military operations.

b. The protection of classified information remains a priority, but the protection of unclassified open source material must be considered. Methods of collecting critical pieces of information may include Signals Intelligence (SIGINT) , Human Intelligence (HUMINT) , and Open Source Intelligence (OSINT), to name a few. Today, 80 percent of collection efforts by adversaries are directed toward open source, unclassified information.

c. In many cases, classified information is neither essential nor necessary to build an accurate intelligence

APR 1 5 ยท?

picture of what our military forces are doing. Using the assortment of easily obtained, unprotected information, our objectives can be determined and a plan can be developed to deny us those objectives. Now, more than ever, each Marine, Sailor, and civilian Marine must be aware of his or her responsibility to protect unclassified, but potentially useful, information from those who would harm this nation and its military forces.

  1. Mission. Marine Corps Logistics Base, Albany (MCLBA) will implement an OPSEC program in order to protect critical information from exploitation by any adversary seeking to obstruct or deny the success of our military operations.
  2. Execution

a. Commander's Intent and Concept of Operations

(1) Commander's Intent. To deny potential adversaries access to information that could be useful in developing actions intended to be disruptive to military operations. This will be accomplished by:

(a) Implementing OPSEC programs and policies for MCLBA;

(b) Educating Marines, Sailors, civilian Marines, and contractors at all levels in order to raise awareness and increase control over available information;

(c) Requiring both military and civilian directors, managers and supervisors at all levels, to reinforce the importance of good OPSEC practices with their subordinates. All personnel must adhere to the OPSEC policies designed and implemented to protect our information from exploitation. End state: deny potential adversaries access to critical information by eliminating or mitigating existing vulnerabilities.

(2) Concept of Operations. References (a) through (d), provide specific guidance for OPSEC plans, program development and establishment. MCLBA will achieve the Commanding Officer's intent by developing and implementing OPSEC programs based on the references listed. MCLBA will also share their OPSEC concerns with Public Affairs and family members to reduce inadvertent disclosures. An annual OPSEC assessment will ensure that the MCLBA program receives regular command attention and is continually evaluated in order to remain relevant to command needs. By implementing

APR 1 5 2010

  1. Ensure all personnel are provided OPSEC education and awareness training annually.
  2. Develop a program for ensuring newly joined personnel are provided OPSEC education.
  3. Ensure education and awareness program stresses the importance and role of family in OPSEC.

(m) Conduct assessment annually of OPSEC program effectiveness utilizing the CGRI checklist (to be distributed via separate correspondence) as well as references (a) through (d).

(2) Command Inspector General

(a) In conjunction with the OPSEC Program Manager, create an OPSEC Inspection Checklist utilizing the inspection checklist found in reference (c) as a guide.

(b) Incorporate OPSEC as a functional area to be inspected during Commanding General's Readiness Inspections (CGRI).

(3) Directors and Special Staff Sections

(a) Serve as a member of OPSEC Assessment Team when required.

(b) Provide representation to the OPSEC working group as required by the OPSEC Program Manager.

c. Coordinating Instructions

(1) At a minimum, the following will be included as part of MCLBA OPSEC education programs:

(a) Navy OPSEC Course; http://www.nioc- norfolk.navy.mil/

(b) DoD 2400 Course; http://www.dss.mil/

(c) OPSE 2380-2390 Course; http://www.ioss.gov/

(d) Army OPSEC Planner's Course; https://www.1stiocmd.army.mil/

APR 1 s 70! (2) MCLBA Program Manager will attend a resident course within 90 days of appointment.

(3) OPSEC Program Manager and Coordinators will complete an OPSEC Fundamentals Course within 30 days of appointment. The course is available on-line. It is listed as "CBT 1301" and is available at the Navy Information Operations Command website; https://www.nioc-norfolk.navy.mil/operations/opsec/main.shtml. Copies of this course can be obtained by emailing the following organizational mailbox, opsec@navy.mil or by mailing a request to: Navy Information Operations Command, ATTN: OPSEC, 2555 Amphibious Drive, Norfolk, VA 23521

(4) Minimum annual OPSEC training requirements for all personnel are:

  1. An overview of the OPSEC process.
  2. Defining OPSEC and its relationship to the command's security programs.
  3. Reviewing the command's current critical information list.
  4. Reviewing the list of the command's personnel fulfilling OPSEC responsibilities for situational awareness.

(5) Enclosure (1) is provided as a list of common OPSEC definitions.

(6) Enclosure (2) is provided as an explanation and outline of the OPSEC Process.

(7) Enclosure (3) describes how assessments may be conducted.

(8) Enclosure (4) is provided as an example format of a Final OPSEC Assessment Report.

(9) Enclosure (5) is provided as examples of Critical Information.

(10) MCLBA will submit an annual report, based on fiscal-year time period, detailing their OPSEC program. Guidance on the format and submission date for this report will be released via separate correspondence.

OPSEC Terms and Definitions

15 Apr 10

  1. This enclosure contains common use terms and definitions associated with OPSEC and are provided for a clearer understanding of OPSEC as well as assisting with the OPSEC Program creation process.

a. Critical Information. These are specific facts about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively so as to guarantee failure or unacceptable consequences for friendly mission accomplishment.

b. Excessive OPSEC. Excessive OPSEC can degrade operational effectiveness by interfering with activities such as coordination, training, and logistical support. Military operations are inherently risky, and the commander must evaluate each activity and operation, and then balance required OPSEC measures against operational needs. Using the OPSEC process will help commanders assess the risk and apply appropriate OPSEC measures.

c. Essential Elements of Friendly Information(EEFI). EEFI is a term used extensively throughout the Marine Corps and is defined as "Key questions likely to be asked by adversary officials and intelligence systems about specific friendly intentions, capabilities, and activities, so they can obtain answers critical to their operational effectiveness."

d. OPSEC Assessments. An OPSEC assessment is an examination of an operation or activity to determine if adequate protection from adversary intelligence exploitation exists. The OPSEC assessment is used to verify the effectiveness of OPSEC measures and determine if critical information is being protected. An assessment cannot be conducted until after critical information has been identified. Without understanding critical information which should be protected, there can be no specific determination that OPSEC vulnerabilities exist.

e. OPSEC Measures. These are actions taken to reduce the probability of an enemy from either collecting OPSEC indicators or to correctly analyze their meaning.

f. OPSEC Process. OPSEC planning is accomplished through the OPSEC Process. This has five steps which are usually applied in a sequential order. In dynamic situations, the steps

Enclosure (1)

15 Apr 10

may be revisited at any time to adjust to new threats or information. Enclosure (2) provides a detailed explanation of the OPSEC Process.

g. OPSEC Program Managers and Coordinators. Program Managers are personnel who have OPSEC duties as their primary job. Coordinators are personnel who perform OPSEC functions as an additional duty. Commanders will use their discretion in determining whether they require OPSEC Program Managers or Coordinators to fulfill their responsibilities.

h. OPSEC Working Groups. These are teams of personnel with representatives from the different elements of the command's organization designed to assist the command with OPSEC matters and its program.

i. Threat. A threat is any individual or organization that seeks to do harm by interrupting ongoing military operations or activities. In order to be classified a threat two conditions must be satisfied:

(1) An intent to do harm must exist.

(2) A capability to do harm must exist.

If both conditions cannot be met than a threat does not exist.

j. Vulnerability. This is a condition in which friendly actions provide OPSEC indicators that may be obtained and accurately evaluated by an adversary in time to provide for a basis for effective adversary decision-making.

k. Indicator. These are friendly detectable actions and open sources of information that adversary intelligence systems can potentially detect or obtain and then interpret to derive friendly critical information.

  1. Many of these terms are further subdivided into categories. Their definitions can be found in references (a) through (d).

15 Apr 10

(5) What critical information does the enemy already know?

(6) What critical information is it too late to protect?

(7) What are the enemy's intelligence collection capabilities?

(8) How does the enemy process and disseminate their collected data?

c. Step 3: Analysis of Vulnerabilities. This action identifies an operation's or activity's vulnerabilities. This requires examining the parts of the planned operation and identifying OPSEC indicators that could reveal critical information. Vulnerabilities exist when the enemy is capable (with the available collection and processing assets) of observing an OPSEC indicator, correctly analyzing it, and then taking appropriate and timely action. The commander will need answers to questions such as these:

(1) What OPSEC indicators of critical information not known to the enemy will be created by friendly actions that result from the planned operation or activity?

(2) What OPSEC indicators can the enemy actually collect?

(3) What OPSEC indicators can the enemy actually use to our disadvantage?

d. Step 4: Assessment of Risk. This step essentially has two components. First, planners analyze the identified vulnerabilities and then identify possible OPSEC measures against them. Second, specific OPSEC measures are selected for execution based on the risk assessment done by the commander and staff.

(1) OPSEC Measures can be used to:

(a) Prevent the enemy from detecting an OPSEC indicator.

(b) Provide an alternate analysis of an indicator from the enemy viewpoint (deception).

(c) Directly attack the enemy's collection system(s).

include:

15 Apr 10

(2) Besides physical destruction, OPSEC measures can

(a) Concealment and camouflage.

(b) Deception (across all aspects of operations and Information Operations).

(c) Intentional deviations from normal patterns; and conversely, providing a sense of normality.

(d) Practicing sound information security, physical security, and personnel security.

(3) More than one OPSEC measure may be identified for each vulnerability and one OPSEC measure can be identified for multiple vulnerabilities. Primary and secondary OPSEC measures can be identified for single or multiple OPSEC indicators. OPSEC measures are most effective when they provide the maximum protection while minimally effecting operational effectiveness.

(4) Risk assessment involves comparing the estimated cost (time, effort, resource allocation, and money) of implementing an OPSEC measure to the potential effects on mission accomplishment resulting from an enemy exploiting a particular vulnerability. Questions to ask include:

(a) What is the risk to mission effectiveness if an OPSEC measure is taken?

(b) What is the risk to mission effectiveness if an OPSEC measure is not taken?

(c) What is the risk to mission effectiveness if an OPSEC measure fails to be effective?

(d) Will the cost of implementing an OPSEC measure be too much as compared to the enemy's exploitation of the vulnerability?

(e) Will implementing a particular OPSEC measure create an OPSEC indicator? Will it create an OPSEC indicator that you want the enemy to see (e.g., deception)?

(f) Do we even have the capability to implement the OPSEC measure? If we do, can the assets under our control

15 Apr 10

(g) Do we need to devise new OPSEC measures to replace ineffective OPSEC measures?

(h) Have we identified new requirements, or unforeseen OPSEC indicators that will need new OPSEC measures? Again, this is dynamic process, and previous steps may have to be revisited.

(2) In addition to ongoing operations, feedback provides information for OPSEC planning for future operations through lessons learned.

(3) The OPSEC Assessment is an excellent method and tool for providing feedback on the effectiveness of OPSEC measures.

The OPSEC Assessment

  1. General. The purpose of the OPSEC Assessment is to thoroughly examine an operation or activity to determine if adequate protection from adversary intelligence exploitation exists. The operation or activity being assessed uses OPSEC measures to protect its critical information. The OPSEC assessment is used to verify the effectiveness of OPSEC measures. The assessment will determine if critical information identified during OPSEC planning process is being protected. An assessment cannot be conducted until after an operation or activity has at least identified its critical information. Without a basis of critical information, there can be no specific determination that actual OPSEC vulnerabilities exist.
  2. Requirement

a. At a minimum, each command will conduct an annual Command Assessment using the Inspector General's Checklist criteria.

b. Any command may request a Formal Assessment after they have completed their internal assessment.

  1. Two Types of Assessments

a. Command Assessment. Concentrates on events within the command and is normally performed by using only personnel assigned to the command being reviewed. The majority of assessments will be this type. The scope of these assessments can vary depending on the commander's guidance. Recognizing that an all-encompassing assessment would levy a high burden on a typical command, commanders are encouraged to develop an approach in which functions are routinely evaluated, but done so over a period of time. For example, a commander could evaluate administrative OPSEC during one period, while evaluating website OPSEC on the next period.

b. Formal Assessment. Is composed and conducted by members from within and outside the command. The formal assessment will often cross command lines and needs to be coordinated appropriately. Formal assessment are normally directed by higher headquarters to subordinate echelons, but may be requested by subordinate commands. These formal assessments are typically large scale endeavors requiring large amounts of personnel (25+) and lead times in excess of four months.

  1. Each OPSEC Assessment is unique. This is due to the differing activities of varied units. Additional factors are the nature of the information to be protected, the enemy's

Enclosure (3)

15 Apr 10

e. Conduct Empirical Studies (if possible). An example would be to review results of preparations (workups) for a major operation or activity such as support operations for tenant operating forces, computer simulations, war games, sand table exercises, field exercises, and command post exercises. This may already be available from information used to complete step 3 of the OPSEC Process. These reviews can help the team identify vulnerabilities that cannot be determined through observation of the operation and interviews of personnel.

f. Develop a Functional Outline. Functional outlines for each functional area to be surveyed will be completed.

(1) Start by developing a timetable of events to occur. Comparing the event chronology with the known or projected threat intelligence collection capabilities can often identify vulnerabilities not previously identified. All of the functional chronologies can later be correlated to build the big picture of the operation.

(2) Next, use the chronology to build a functional outline. An example is provided on the next page. The functional outlines project a time-phased picture of events associated with the planning, preparation, execution, and conclusion of the operation. The outline provides an analytical basis for identifying events and activities that are vulnerable to enemy exploitation.

g. Determine the Vulnerabilities. Review of the OPSEC Plan, the projected enemy intelligence threat, the chronology of events, and any empirical studies will identify the potential OPSEC indicators. Friendly vulnerabilities can now be confirmed or identified.

h. Determine Procedures to Conduct the Assessment. Develop any SOP needed, including coordinating for free access to units and personnel. Determine if any training is required, or if members need familiarization with a particular functional area (if they do not have expertise in that area).

i. Announce the Assessment. Announce the assessment far enough in advance to allow the command to prepare for the assessment, and to support the assessment team. Include in the announcement:

(1) Assessment purpose and scope.

(2) List of team members and clearances.

(3) List of required briefing and orientations.

(4) Timeframe involved.

15 Apr 10

(5) Administrative or logistical support requirements.

(6) Any other details deemed pertinent.

  1. Example of a Functional Outline. The outline below can be applied to all the different functional areas such as intelligence, logistics, communications, operations, and administration and support.

a. Planned Event Sequence. The OPSEC Program or OPLAN and command/staff briefs form the basis for this timeline. This can be formulated using a lineal listing, a matrix, or another suitable method as required.

b. Actual Event Sequence. Observe and record events as they actually occur while surveying activities. Be especially cognizant of the information listed in paragraphs 10c(3) through 10c(5)of this enclosure.

c. Critical Information. List critical information that the command has identified in their OPSEC Program or OPLAN.

d. OPSEC Indicators. List OPSEC indicators of critical information that you expect to see based on review of the OPSEC Program or OPLAN and command/staff briefs prior to field assessment commencing.

e. OPSEC Measures. List the OPSEC measures developed in the OPSEC Program or OPLAN that you can expect to see during the assessment.

f. Analysis. Determine any OPSEC vulnerabilities through review of OPSEC Program, command/staff briefs, and actual activities/operations observed. You are looking for OPSEC indicators that can reveal critical information. This condition creates a vulnerability that can be exploited by the enemy. Are the identified OPSEC measures effective in protecting the critical information by preventing the enemy from collecting and accurately interpreting the OPSEC indicators?

  1. OPSEC Field Assessment Phase. This phase involves observing operations and activities, reviewing documents, and interviewing personnel. The following actions are required:

15 Apr 10

(5) Conduct a daily post brief among the assessment team. This is a chance to compare and correlate data, assess the functional outlines and refine as needed, and redirect team efforts or members as needed.

  1. Analysis and Reporting Phase

a. During this phase, the assessment team correlates and assesses the data collected in the field assessment phase.

b. Identify Vulnerabilities. Correlate and assess the data to identify vulnerabilities, those that were previously developed, and those that were identified during the field assessment. OPSEC indicators that were observed are identified as potential vulnerabilities. Again, vulnerabilities are conditions that the threat may be able to exploit to reveal critical information. The key characteristics of vulnerabilities are observable OPSEC indicators, and the threat's ability to collect or observe the indicators. The ability of the threat to effectively exploit the vulnerability in a timely manner indicates the actual risk to friendly forces.

c. OPSEC Assessment Report. The report is generated, addressed, and delivered to the Commander of the operation/activity surveyed. A suggested format is included in enclosure (4). Format for findings can be presented in chronological order, order of significance, or grouped into the different functional areas. The report should discuss:

(1) Observed OPSEC indicators.

(2) Ability of the enemy to collect and process the indicators.

(3) Vulnerabilities identified.

(4) Analysis of the vulnerability's risk to the command's operations. (5) Recommended OPSEC measures or modification to existing OPSEC measures.

(6) Answer the question: Is the critical information being protected?

(7) Care must be taken to ensure the appropriate level of classification is given to discussions of vulnerabilities, and recommended OPSEC measures.

15 Apr 10

Example Format for Final OPSEC Assessment Report

  1. Overview

a. Background. Address the purpose and scope of the OPSEC assessment.

b. Conduct of Assessment. Brief discussion of team composition, procedures used, units or commands visited, timeframes involved, and any problems encountered.

c. Critical Information. List the critical information identified in the OPSEC Program or OPLAN.

d. Threat. List the enemy intelligence collection capabilities.

  1. Findings, Analysis, Conclusions/Recommendations. This is the main body of this report. Discussions may be listed chronologically, by command, chronologically by commands, by the different functional areas, or a combination of all the above. Compress the recorded facts observed into the significant points. List the positive and negative points. The intent is to reinforce OPSEC that is working, and changing that which is not working or filling an existing void. The following is the suggested format for this section of the final report:

a. Observation. List the observed OPSEC indicators that could reveal identified information. This will include previously identified indicators (from the OPSEC Program or OPLAN and briefs); and indicators not previously identified but observed during the assessment.

b. Analysis. Discuss the vulnerabilities observed. The key here is whether or not the enemy has the intelligence collection capability to observe and process the OPSEC indicators. If the command or other types of units (not involved in the operation) can reasonably expect to face future threats that will have the collection capability, include this in the discussion. This information can be important to future operations and can be disseminated appropriately. The main points of your analysis will be whether or not the indicator revealed critical information. If so, then the OPSEC measure is not working. Did the OPSEC indicator even have an OPSEC measure applied to protect the critical information? If the OPSEC indicator revealed or can be inferred to have revealed critical information, then this condition is a vulnerability.

Enclosure (4)