HOME

‘May’ OPSEC be more vital in workplace than we realize?

By Cynthia Flores-Wilkin Installation, OPSEC Program Manager Operations specialist, Directorate of Plans, Training, Mobilization and SecurityMay 1, 2024

‘May’ OPSEC be more vital in workplace than we realize?
Operations security vigilance reinforces awareness on what information to protect, measures to take to prevent collection, and who to report to for unauthorized disclosures. (Photo Credit: U.S. Army Graphic Illustration) VIEW ORIGINAL

Operations Security (OPSEC) is vital and has become a governmentwide requirement dating back to 1988, when President Ronald Reagan signed Directive 298. In January 2021 the White House released National Security Presidential Memorandum-28 (NSPM-28) that requires all Executive Branch departments and agencies to implement OPSEC capabilities that identify and protect their most critical assets, identify and mitigate vulnerabilities, consider foreign adversarial threats in their organization’s risk management activities and apply sufficient threat mitigation practices to counter the threat.

Why would this be required? Well, in previous headlines across the news you have topics such as “Ex-colonel accused of divulging US secrets on foreign dating website,” where officials say he illegally transmitted documents that “could be used to the injury of the United States.” This is a vital example of OPSEC in the workplace and how critical information was not protected.

What is critical information? This includes details about your intentions, capabilities and activities that an adversary can exploit to compromise or interrupt your mission. Vulnerabilities can be observed in many ways, as noted in the article “US airman pleads guilty to Pentagon documents leak.”

What went wrong? Documents were posted to Discord, a platform popular with gamers. The material included maps, satellite images and intelligence on U.S. allies. Again, no protection of critical information and no measures were taken to prevent data collection. Knowing what to protect and keeping critical information safe is vital.

Maybe OPSEC annual training isn’t such a bad requirement. After all, being OPSEC vigilant reinforces awareness on what information to protect, measures to take to prevent collection, and who to report to for unauthorized disclosures. Training is made available not only as a requirement to DOD employees but is available to all as a learning tool at OPSEC for All.

Reinforcing OPSEC is ongoing and essential and should be implemented amongst one’s life personally and professionally. Are you OPSEC vigilant?

RELATED STORIES