






































































The importance of Operations Security (OPSEC) in military operations and the distinction between OPSEC and cover. It explains the role of OPSEC officers, the identification and protection of critical information, and the integration of OPSEC with Military Deception (MILDEC) and military information support operations. The document also covers the use of OPSEC in preventing adversary intelligence from detecting critical operations and exercises, and the importance of integrating OPSEC at all levels.







































































ii JP 3-13.
EXECUTIVE SUMMARY

CHAPTER I OPERATIONS SECURITY OVERVIEW
Policy
Operational Context
Purpose of Operations Security
Operations Security and Intelligence
Characteristics of Operations Security
Operations Security and Information Operations
Operations Security and Cover
Operations Security and Cyberspace
Operations Security Responsibilities

CHAPTER II THE OPERATIONS SECURITY PROCESS
General
Identify Critical Information
Threat Analysis
Vulnerability Analysis
Risk Assessment
Apply Operations Security Countermeasures

CHAPTER III OPERATIONS SECURITY PLANNING
General
Operations Security Factors
Operations Security Indicators
Operations Security Countermeasures
Operations Security Process in Planning
Planning Coordination
Joint and Interagency Planning
Multinational Planning
Intergovernmental and Nongovernmental Organization Considerations

CHAPTER IV OPERATIONS SECURITY ASSESSMENTS AND SURVEYS
Assessments and Surveys
Assessment Planning
Assessment Execution
Analysis and Reporting

A Operations Security Indicators
B Functional Outlines and Profiles
C Sample Operations Security Plan
D References
E Administrative Instructions

GLOSSARY
Part I Abbreviations and Acronyms
Part II Terms and Definitions

FIGURE
II-1 The Operations Security Process
II-2 Examples of Critical Information
IV-1 Assessment–Survey Comparison
Executive Summary
Select countermeasures that eliminate or reduce vulnerability or indicators to observation and exploitation.
Preserve a commander’s decision cycle and allow options for military actions.
OPSEC and Intelligence
Tailored to the OPSEC process, joint intelligence preparation of the operational environment is a useful methodology for intelligence professionals to support the OPSEC planner.
Characteristics of OPSEC
OPSEC’s most important characteristic is that it is a capability that employs a process. OPSEC is not a collection of specific rules and instructions. It is an analytical, planning, and executional process that can be applied to any operation or activity for the purpose of denying critical information to an adversary.
OPSEC and Information Operations
OPSEC, as an information-related capability (IRC), denies the adversary the information needed to correctly assess friendly capabilities and intentions. It is also a tool hampering the adversary’s use of its own information systems and processes and providing the necessary support to all IRCs.
OPSEC and Cover
The important distinction between OPSEC and cover is that OPSEC denies information without misrepresenting it; cover misrepresents information.
OPSEC and Cyberspace
OPSEC officers, in coordination with the public affairs officer and cybersecurity personnel, should review their command’s presence on the World Wide Web through the eyes of the adversary.
Only information of value to the general public and that does not require additional protection should be posted to publicly accessible sites on the Internet.
OPSEC Responsibilities
Chairman of the Joint Chiefs of Staff advises the Secretary of Defense concerning OPSEC support to the combatant commands (CCMDs) and is responsible for providing joint OPSEC policy and doctrine.
Joint Staff J-3, Director of Operations, executes primary Joint Staff responsibility for OPSEC and supports OPSEC planning and training by the Joint Staff, Services, CCMDs, and Department of Defense agencies.
Service Chiefs provide Service OPSEC policy, doctrine, and planning procedures and OPSEC-related training to all Service members.
Combatant commanders provide OPSEC guidance for all operations, exercises, and other joint activities of the command; plan for and execute OPSEC countermeasures in support of assigned missions.
The Operations Security Process
The OPSEC process consists of five steps or elements.
Identify Critical Information. Critical information answers key questions likely to be asked by adversaries about specific friendly intentions, capabilities, and activities.
Threat analysis involves the research and analysis of intelligence, counterintelligence, and open-source information to identify the likely adversaries to the planned operation.
Vulnerability Analysis. The purpose of this action is to identify an operation’s or activity’s vulnerabilities. A vulnerability exists when the adversary is capable of collecting critical information, correctly analyzing it, and then taking timely action to exploit the vulnerability to obtain an advantage.
Risk assessment has three components: analyze the vulnerabilities and identify possible OPSEC countermeasures; estimate the impact to operations; and select specific OPSEC countermeasures for execution.
Apply Countermeasures. The command implements the OPSEC countermeasures selected in the risk assessment process or, in the case of planned future operations and activities, includes the countermeasures in specific operations plans.
administrative countermeasures; as well as OPSEC and military deception.
Operations Security Assessments and Surveys
Assessments and Surveys
An OPSEC assessment is an intensive application of the OPSEC process to an existing operation or activity.
An OPSEC survey is conducted by a team of external subject matter experts from multiple disciplines to simulate adversary intelligence processes.
OPSEC assessments are different from security evaluations or inspections.
An assessment attempts to produce an adversary’s view of the operation or activity being assessed. A security inspection seeks to determine if an organization is in compliance with the appropriate security directives and regulations.
CONCLUSION
This publication provides joint doctrine to plan, execute, and assess OPSEC within joint operations and activities.
Chapter I
c. In OPSEC usage, an indicator is data derived from friendly detectable actions and open-source information that adversaries can interpret and piece together to reach conclusions or estimates of friendly intentions, capabilities, or activities. Selected indicators can be developed into an analytical model or profile of how a force prepares and how it operates. An indication is an observed specific occurrence or instance of an indicator. OPSEC indicators are friendly detectable actions and open-source information that can be interpreted or pieced together by an adversary to derive critical information.
d. Adversary intelligence personnel continuously analyze and interpret collected information to validate and/or refine the model. As adversary analysts apply more information to the analytical model, the likelihood increases that the analytical model will replicate the observed force. Thus, current and future capabilities and courses of action (COAs) can be revealed and compromised. Critical information consists of specific facts about friendly intentions, capabilities, and activities needed by adversaries to plan and act effectively so as to guarantee failure or unacceptable consequences for friendly mission accomplishment. Critical information can be either classified or unclassified.
e. OPSEC considerations must also be observed while working with interagency partners.
3. Purpose of Operations Security
a. The purpose of OPSEC is to reduce the vulnerability of US and multinational forces to successful adversary exploitation of critical information. OPSEC applies to all activities that prepare, sustain, or employ forces.
b. The OPSEC process is a systematic method used to identify, control, and protect critical information and subsequently analyze friendly actions associated with military operations and other activities to:
(1) Identify those actions that may be observed by adversary intelligence systems.
(2) Determine what specific indications could be collected, analyzed, and interpreted to derive critical information in time to be useful to adversaries.
(3) Select countermeasures that eliminate or reduce vulnerability or indicators to observation and exploitation.
(a) Avoid drastic changes as OPSEC countermeasures are implemented. Changes in procedures alone may indicate to the adversary that there is an operation or exercise starting.
(b) Prevent the display or collection of critical information, especially during preparation for and execution of actual operations.
(c) Avoid patterns of behavior, whenever feasible, to preclude the possibility of adversary intelligence constructing an accurate model.
(4) Preserve a commander’s decision cycle and allow options for military actions.
c. OPSEC is a force multiplier that can maximize operational effectiveness by saving lives and resources when integrated into operations, activities, plans, exercises, training, and capabilities.
4. Operations Security and Intelligence
a. Intelligence plays a key role in the OPSEC process. Joint intelligence preparation of the operational environment (JIPOE) is the analytical process used by joint intelligence organizations to produce intelligence assessments, estimates, and other intelligence products in support of the joint force commander’s (JFC’s) decision-making process. JIPOE’s main focus is to provide predictive intelligence designed to help the JFC discern the adversary’s probable intent and most likely future COA. Tailored to the OPSEC process, JIPOE is a useful methodology for intelligence professionals to support the OPSEC planner.
b. The first step of JIPOE is to define the operational environment—operational areas and areas of interest. In the case of OPSEC and protecting unclassified critical information, the operational environment can be considerably larger where an adversary intelligence organization can collect on friendly activities. Also during this step, the intelligence professional analyzes the mission and JFC’s intent. This provides great insight into potential areas where the adversary could collect information.
c. The second step of the JIPOE process is to describe the impact of the operational environment on adversary, friendly, and neutral military capabilities and broad COAs. From an OPSEC perspective, this could entail the expected physical, cognitive, and informational impact from the friendly mission. If a unit’s deployment had not been previously announced, and then is, what impact does that have? Is it the same to say that a unit is deploying in the second half of the year or on October the 12th at noon from the local airport? What friendly actions can be taken to minimize the impact of releasing that type of information? What information needs to be protected?
d. The third step of JIPOE involves evaluating the adversary and other relevant actors. For OPSEC purposes, what capabilities does the adversary have to collect on friendly operations? Does it have a robust open-source, human intelligence or signals intelligence (SIGINT) capability? What are its tactics, techniques, and procedures? What are its critical capabilities and vulnerabilities? Intelligence support to OPSEC personnel will often compile the adversary’s capabilities into a threat brief to present to OPSEC planners.
e. The fourth and final step of the JIPOE process is to determine the adversary’s COAs. The purpose of step four is to identify the COA the adversary is most likely to adopt and the COA that would be most dangerous to the friendly force or to mission
Operations Security Overview
security (DISO) plans. For capabilities that exploit new opportunities and vulnerabilities, such as electronic warfare and cyberspace operations, OPSEC is essential to ensure friendly capabilities that might be easily countered are not compromised. The process to identify critical information and apply measures to mask them from disclosure to adversaries is only one part of a defense-in-depth approach to securing friendly information. To be effective, other types of security must complement OPSEC. Examples of other types of security include physical security, cybersecurity, and personnel programs that screen personnel and limit authorized access. In particular, COMSEC plays a vital role in OPSEC. While COMSEC’s primary purpose is to protect classified materials, it can aid to identify vulnerabilities to the loss of critical information through monitoring communications within legal constraints.
For further information on IO, refer to JP 3-13, Information Operations.
7. Operations Security and Cover
OPSEC protects critical information without misrepresentation. Cover is the concealment of true identity or organizational affiliation with assertions of false information as part of, or in support of, official duties to carry out authorized activities and lawful operations. The important distinction between OPSEC and cover is that OPSEC denies information without misrepresenting it; cover misrepresents information. Whether it is used in conjunction with OPSEC or MILDEC, all cover must be authorized in an approved cover plan.
For more information refer to Department of Defense Directive (DODD) S-5205.61, (U) DOD Cover and Cover Support Activities.
8. Operations Security and Cyberspace
a. OPSEC officers, in coordination with the public affairs officer (PAO) and cybersecurity personnel, should review their command’s presence on the World Wide Web through the eyes of the adversary, looking for critical information and indicators that may reveal sensitive operations, movement of certain assets, personal information about US citizens and employees, and technological data.
b. Only information of value to the general public and that does not require additional protection should be posted to publicly accessible sites on the Internet. Information requiring additional protection, such as FOUO [For Official Use Only], or information not specifically cleared and approved for public release poses an unacceptable risk and should only be placed on sites with security and access controls.
c. While the Internet provides a powerful tool to convey information quickly and efficiently to conduct daily activities, it also increases the vulnerability of the organization and employees. The particular problem posed by today’s technology is that Internet connectivity provides a singular user with new and increasingly efficient tools for reviewing and compiling information. Through a variety of techniques, attackers can hijack a person’s social network account to use as a launching pad for additional attacks against other users. Department of Defense (DOD) and other United States Government (USG) departments and agencies are active on social networking sites. If the adversary can observe the same action carried out in the same way at the same time, then they can easily identify not only routine activities but deviations as well.
d. Today’s data-mining capabilities enable individuals to collect information from any number of different sources and quickly compile them into a product that contains sensitive or controlled, and very possibly, classified information. Both state and non-state actors have proven effective at this technique. Geography is no longer a primary factor in information gathering, to select and develop knowledge about a target. Additionally, Internet search tools use algorithms, which may tie or aggregate sensitive information.
e. Geotagging on social networking sites is increasing in popularity. From virtual check-ins to simply uploading photos with geographical and time-stamped information included in the data, users are posting detailed physical location metadata online for the world to see. The technology for geotagging now comes standard on newer digital cameras and smartphones and is easily extracted with a simple software downloadable for free in many cases.
f. This means, information posted on websites may pose more risk than information about the organization and its mission that is available through other means. Using information obtained through the Internet, an adversary can quickly search the multiple sites and derive indicators that point to or ascertain the critical piece of information necessary to counter a mission or operation. Because of the increased risk that someone may piece together the information puzzle, small items of information posted on publicly accessible websites are of increased OPSEC significance. An OPSEC officer/planner can no longer simply review their activity on their websites for items that may be targets for an adversary, since there is no way of specifically identifying which items in conjunction with information from other sites or sources may become critical indicators.
g. OPSEC officers/planners should caution employees on what should or should not be posted on DOD publicly-accessible websites, personal websites, and social media outlets. Some information, such as locations of, and hazards from, storage sites within an area of interest may require approval prior to posting. Civil defense considerations must be balanced against providing targeting data to an adversary.
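A pre-publication check for the geotag and timestamp metadata described in paragraph e, as an added example that is not part of the joint publication: it reads the Exif block of a JPEG and reports any embedded capture time and GPS position so the file can be cleaned before release. The function names and the sample image (built inline, with made-up coordinates) are constructed for illustration.

```python
import struct

GPS_IFD, DATETIME = 0x8825, 0x0132   # IFD0 tags: GPS directory pointer, timestamp

def exif_tiff(jpeg: bytes):
    """Return the TIFF block of the first Exif APP1 segment, or None."""
    pos = 2
    while jpeg[:2] == b"\xff\xd8" and pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker in (0xDA, 0xD9):          # image data / end: no more metadata
            break
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        body = jpeg[pos + 4:pos + 2 + length]
        if marker == 0xE1 and body.startswith(b"Exif\x00\x00"):
            return body[6:]
        pos += 2 + length

def entries(tiff, offset, order):
    """Yield (tag, count, 4-byte value field) for each entry of one IFD."""
    (n,) = struct.unpack(order + "H", tiff[offset:offset + 2].ljust(2, b"\0"))
    for i in range(n):
        entry = tiff[offset + 2 + 12 * i:offset + 14 + 12 * i]
        if len(entry) == 12:
            tag, _type, count = struct.unpack(order + "HHI", entry[:8])
            yield tag, count, entry[8:]

def gps_position(tiff, offset, order):
    """Decode (lat, lon) in signed decimal degrees; None where undecodable."""
    refs, deg = {}, {}
    for tag, count, raw in entries(tiff, offset, order):
        if tag in (1, 3):                   # N/S and E/W reference letters
            refs[tag + 1] = -1 if chr(raw[0]) in "SW" else 1
        elif tag in (2, 4) and count == 3:  # three RATIONALs: deg, min, sec
            (ptr,) = struct.unpack(order + "I", raw)
            chunk = tiff[ptr:ptr + 24]
            if len(chunk) == 24:
                n = struct.unpack(order + "6I", chunk)
                d, m, s = (n[i] / (n[i + 1] or 1) for i in (0, 2, 4))
                deg[tag] = round(d + m / 60 + s / 3600, 6)
    return tuple(deg[t] * refs.get(t, 1) if t in deg else None for t in (2, 4))

def location_metadata(jpeg: bytes) -> dict:
    """Report the timestamp and GPS data that would be published with the image."""
    found = {"datetime": None, "gps": None}
    tiff = exif_tiff(jpeg)
    if tiff is None or len(tiff) < 8 or tiff[:2] not in (b"II", b"MM"):
        return found
    order = "<" if tiff[:2] == b"II" else ">"
    (ifd0,) = struct.unpack(order + "I", tiff[4:8])
    for tag, count, raw in entries(tiff, ifd0, order):
        (value,) = struct.unpack(order + "I", raw)
        if tag == DATETIME:
            text = tiff[value:value + count].rstrip(b"\x00")
            found["datetime"] = text.decode("ascii", "replace")
        elif tag == GPS_IFD:
            found["gps"] = gps_position(tiff, value, order)
    return found

def build_sample() -> bytes:
    """Constructed JPEG stub (no pixels): Exif timestamp plus a made-up position."""
    e = struct.Struct("<HHII").pack                          # one 12-byte IFD entry
    rat = lambda d, m: struct.pack("<6I", d, 1, m, 1, 0, 1)  # deg, min, 0 sec
    ifd0 = b"\x02\0" + e(0x0132, 2, 20, 38) + e(0x8825, 4, 1, 58) + bytes(4)
    gps = (b"\x04\0" + e(1, 2, 2, ord("N")) + e(2, 5, 3, 112)
           + e(3, 2, 2, ord("W")) + e(4, 5, 3, 136) + bytes(4))
    tiff = (b"II*\0" + struct.pack("<I", 8) + ifd0 + b"2001:01:01 00:00:00\0"
            + gps + rat(10, 30) + rat(20, 15))
    app1 = b"Exif\0\0" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xd9"
```

Any non-`None` value returned by `location_metadata` marks a file that carries location or time indicators and should have its metadata removed before it is approved for posting.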
h. Contracts can and should contain OPSEC guidelines wherein the activity reviews and approves information prior to posting on the contractor’s website to minimize inadvertent disclosure of critical information. An OPSEC solution to the possible security vulnerability is to adopt a zero-based approach to website content. Decide which items combined with other information would be critical to an outside collector. Use OPSEC procedures to determine what information is absolutely necessary to post on websites to fulfill the mission and do not post any other information. Below are the most important considerations in zero-based website security:
(1) Assess the benefits to be gained by posting specific types of information on a website. Identify a target audience for each type of information and why their need for