10Sep Guest post- The Information Age and OPSEC
The Information Age and OPSEC
By Victor Duckarmenn
In 1941, we had our first real computer called the Z-3. By 1971, we had E-mail, in 1989, the world- wide -web, (WWW) and wireless devices by the year 2000. Additional wonders of technology increase every decade. What are the consequences of all this “progress” and technological change? Did personal or mission related information become more secure? Did space operations Essential Elements of Friendly Information (EEFI) become more or less important or just disappear in the advent of our space business? I am afraid our technical information, space mission secrets, our personal and space system data are all under attack every moment of the day. What information do you need to protect? Let’s look at critical information and its nature.
The nature of critical information is defined in one word “vulnerable”. With advancing technology we find ourselves bracing for insider and hacker-cracker attacks, our systems are open to increased access via commercial Off -The -Shelf (COT) purchases without the need identified to protect our internal information. Identity theft activity is on the rise. The crime of 21st century will obviously be the theft of personal information. Data-mining, war-driving, and the lack of attention to our privacy and 1972 Privacy Act, has become the “white noise” behind our wireless vulnerabilities. Consider if you will, the tempo of information flow today. There is so much information available on the “net” or “grid” it scares Information Assurance (IA), Operations Security (OPSEC), computer security (COMPUSEC) and Info-Security (INFOSEC) subject matter experts (SME) to death. What are the “points of information contact” we need to watch for? What are the four OPSEC arenas in the information protection battle? They are the physical, administrative, action and technical. In 1941 we began the information age and the “Info-war”. What can you, the information warrior do? Let’s look at generic measures in the four OPSEC arenas.
In order to combat the physical issues in protecting space operations information it is very simple, lock up mission sensitive, controlled unclassified, “For Official Use Only” (FOUO) and Privacy Act information. Implement double locks where possible to eliminate corporate and individual liabilities. The lack of consequences for our failures in the past for violations of the Privacy Act, or leaving mission critical controlled unclassified in the trash caused the death of this very simple measure. Apathy and complacency is your adversary’s tools in the information war. I call them the “gruesome two-some”. What about administration?
Don’t leave your private information, recall rosters or sensitive data out in the open, on your desk or transmit it into the airwaves for all to receive. Administration has many natural controls to include 100% cross cut shredding, both and home and at work, the sanitization of the voice mail and out of office replies. Just a simple clean desk policy without posting retirement orders or system information could win the OPSEC “info-war”. What about actions?
Conversations are a form of action. Stopping off base conversations about the mission failure or success, which can also be electronic, or talking out loud where local people do not have a “need to know” can be key to the denial of information to your intelligence enemies. What about the technical area?
One recommendation is to ensure success in the technical arena is to simply restrict your wireless usage during government business. Use a landline to discuss command and control information. A cell phone or personal assistant device (PAD) is like lighting up a cave with a halogen flashlight – the bats know you’re in the cave! It is important not to lose a cell phone or government thumb drive that is filled with critical information. So what?
The information age is still growing and the value of protecting our space operations information is more “value added” everyday. Protect your wingman’s personal information. Protect your missions’ operation information. Your personal OPSEC has come of age; the information age!
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
June 14th, 2009 at 5:54 pm
You’re right, here, Vic. This is a brand new day and age, and new technologies are definitely changing the nature of the game. Of course, OPSEC itself stays very simple, no matter what happens with the technology!