An official website of the United States government Here's how you know

OPSEC safeguards installation, community

By Cynthia Flores-Wilkin, and Installation Operational Security program manager, Directorate of Plans, Training, Mobilization and SecurityFebruary 7, 2024

(Photo Credit: U.S. Army) VIEW ORIGINAL

February is a month of love and operational security (OPSEC).

January marked a new year and the third annual national OPSEC Awareness Month. Many start the new year with an idea of achieving personal goals or resolutions made on New Year’s Eve while other’s just ring in the new year on a positive note.

Well, OPSEC must begin the year with a theme to enhance awareness and address the importance of OPSEC and express the need for applying security discipline. This year’s theme was “Preventing and Reporting Unauthorized Disclosures.” The definition of an unauthorized disclosure is the communication or physical transfer of classified national security information (CNSI) or controlled unclassified information (CUI) – including OPSEC critical information – to an unauthorized recipient. All known or suspected unauthorized disclosures should be reported to the local security manager or information security office.

Despite February being the shortest month of the year it has several events, including holidays, and is widely known as the month of “love.” Should we say, “Dear Cupid, for the love of OPSEC.”

What is OPSEC? It is a security discipline designed to deny adversaries the ability to collect, analyze and exploit information that might provide an advantage against the United States by preventing inadvertent compromise of critical information. This is done through a process of continual assessment that identifies and analyzes critical information, vulnerabilities, risks and external threats.

What is critical information? Any information the adversary needs to act against you. Critical information is valuable information that is fundamental to both your organization’s and mission’s success, as well as to the adversary’s success.

Critical information is essential to an organization’s:

  • Capabilities — What it can do.
  • Activities — What it is doing.
  • Limitations — What it cannot do.
  • Intentions — What it plans to do.

Why for the love of OPSEC? Well, the more we do to help raise threat awareness and share risk mitigation practices, the more we safeguard the installation and our community. OPSEC starts at home and is everyone’s responsibility. Are you using it?