2017 State of OPSEC Survey Thank you for taking the 2017 State of OPSEC survey. This survey helps to determine the application of Operations Security (OPSEC) in different industries. For the purposes of this survey, we're referring to the 5-step process as defined here. 1. What is your industry / enterprise? Construction Consulting (Non-government) Education Finance Government (Includes state and federal, government agencies, military, government contractors and consultants Health care IT Law Enforcement Manufacturing Maritime News / Journalism real Estate Research and Development Security and Investigations Social Work Telecommunications Travel Self-employed Other2. What is the size of your organization? 1-99 100-499 500-1,499 1,500-9,999 10,000 or more3. In which country is your organization based? (For international organizations, mark "International")4. Does your organization have a formal OPSEC program? Yes No Don't know Have an informal policy Policy under development5. Are employees required to receive OPSEC instruction and agree to policies as a requirement for employment? Yes No Don't know6. How many personnel in your organization are primarily dedicated to OPSEC duties? 1-2 3-5 6+ Don't know None7. If any personnel are assigned OPSEC as a secondary duty, what is their primary job function? None or NA Don't know IT Information Security Physical Security Emergency Management Information Assurance / Cybersecurity Management Other Information Operations External (Law Enforcement, Security Consultant)8. How would you rate your organization's understanding and implementation of OPSEC?NADon't KnowFailingPoorNeeds ImprovementAverageGoodVery GoodExcellent9. Has your organization experienced a security breach of any type or magnitude within the last year, in which OPSEC was a factor? (either where better OPSEC practices could have prevented the breach or OPSEC-related concepts contributed to it)YesNoDon't Know10. Do you feel that your customers, clients, stakeholders, or partners are confident in your ability to protect their information or data?YesNoDon't Know11. Do you feel that your customers, clients, stakeholders, or partners are confident in your ability to protect your own information or data?YesNoDon't Know12. Has your organization completed a formal OPSEC survey?Yes, within the last yearYes, more than a year agoNoDon't know13. Does your organization have a security plan that addresses personal electronic devices (mobile devices, fitness trackers, etc)YesNoDon't know14. Does your organization have a formal OPSEC plan?YesNoDon't know15. Which of the following would you consider to be an actual or imminent threat to your organization? Insider Threats Foreign Intelligence Services (FIS) Hackers Corporate Espionage International Terrorism Domestic Terrorism None of the Above Other (Please note below)16. Has your organization implemented any countermeasures to address OPSEC-related risks or concerns? Yes No Have not attempted to identify OPSEC risks or concerns Have not identified OPSEC risks or concerns Don't know17. Do you feel that your organization would benefit from additional OPSEC instruction or courses? Yes No Don't know Already do18. Does your organization create its own OPSEC awareness material, such as posters, labels, presentations, etc?YesNoDon't know19. (Optional) Are there any specific OPSEC resources or tools that would help your organization?Do you have any additional comments? Thank you for taking the time to complete this survey!