"What the Heck is OPSEC?"

Lucky Green shamrock at cypherpunks.to
Wed Dec 12 23:11:13 PST 2001 

As a member of the OPSEC Professionals Society (OPS)
<http://www.opsec.org/>, I would encourage any Cypherpunk interested in
operational security to make use of the wealth of information and
training material that can be ordered from the US Interagency OPSEC
Support Staff website at http://www.ioss.gov/

I highly recommend the D*I*C*E Man's OPSEC training videos. I haven't
yet seen this year's video, but last year's video (mostly dealing with
the Chinese thread) was pretty much on target. The interactive CDROM's
aren't too bad, either. Any or all of which can be yours "free of
charge", courtesy of the DOE, NSA, and your tax dollars.

The daily ZGRAM intelligence briefing OPS members receive are downright
priceless. Easily worth the $40/year membership fee. Not to mention that
as an OPS member you qualify to join the Pentagon Credit Union (yes,
that Pentagon). Which offers nifty VISA cards.

--Lucky

> -----Original Message-----
> From: owner-cypherpunks at lne.com 
> [mailto:owner-cypherpunks at lne.com] On Behalf Of Faustine
> Sent: Wednesday, December 12, 2001 1:54 PM
> To: cypherpunks at lne.com
> Subject: FYI: "What the Heck is OPSEC?"
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> What the Heck is OPSEC?
> prepared by Zhi Hamby, Executive Director, OPS 
> http://www.opsec.org/who/who02.htm
> - 
> --------------------------------------------------------------
> ------------------
> 
> In a nutshell, OPSEC is a process that teaches you to examine 
> your day-to-day activities from an adversary's point of view, 
> to understand what an adversary can learn about you and/or 
> your organization from these activities (observables), 
> 
> to assess the amount of risk this places on you and/or your 
> organization, and then to develop and apply countermeasures 
> so that the bad guys don't win. 
> 
> Thus, the goal of OPSEC is to control information and 
> observable actions about your capabilities and intentions in 
> order to keep them from being used by your adversary.
> 
> OPSEC works best when incorporated in the planning stages of 
> any project - don't try to close the barn door after the cow 
> has followed the bull to the pasture! To be successful, the 
> integration of OPSEC into plans and projects should be done 
> by the folks who are the most familiar with the particular 
> plan or project. Those are the people who can best identify 
> the plan's or project's critical information (i.e. 
> information that either makes or breaks the project).
> 
> OPSEC analysis focuses mainly on open sources information and 
> actions (i.e. unclassified or uncontrolled). The scary word 
> here is "uncontrolled". The very fact that the information 
> and activities are open source make the implementation of a 
> good OPSEC plan much more challenging.
> 
> Okay, let's take a look at the OPSEC Process.... 
http://www.opsec.org/who/who03.htm




***
The right to be let alone is indeed the beginning of all freedoms.
- --William O. Douglas, Associate Justice, US Supreme Court

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and
its affiliated companies. (Diffie-Helman/DSS-only version)

iQA/AwUBPBfSE/g5Tuca7bfvEQI9MACfQzpmqHQarndS7vi7CemH0wEHwjYAoMjf
/yvKw9qZ4VtT6x8Nwvul872D
=O8d9
-----END PGP SIGNATURE-----

More information about the cypherpunks-legacy mailing list