The OPSEC age

  • Published
  • By Victor Duckarmenn
  • 21SW OPSEC manager
PETERSON AIR FORCE BASE, Colo --  In 1941, we had our first real computer called the Z-3. By 1971, we had e-mail. In 1989, the World Wide Web. Wireless devices by the year 2000. Additional wonders of technology increase every decade. 

What are the consequences of all this "progress" and technological change? Did personal or mission related information become more secure? Did space operations Essential Elements of Friendly Information become more or less important or just disappear in the advent of our space business? 

I'm afraid our technical information, space mission secrets, our personal and space system data are all under attack every moment of the day. What information do you need to protect? Let's look at critical information and its nature. 

The nature of critical information is defined in one word "vulnerable." With advancing technology, we find ourselves bracing for insider and hacker-cracker attacks, our systems are open to increased access via Commercial-Off-The-Shelf purchases without the need identified to protect our internal information. Identity theft activity is on the rise. The crime of the 21st century will obviously be the theft of personal information. Data-mining, war-driving, and the lack of attention to our privacy and 1972 Privacy Act, has become the "white noise" behind our wireless vulnerabilities. Consider if you will, the tempo of information flow today. There is so much information available on the "net" or "grid," it scares information assurance, operations security, computer security and information security subject matter experts to death. What are the "points of information contact" we need to watch for? 

What are the four OPSEC arenas in the information protection battle? They are the physical, administrative, action and technical. In 1941 we began the information age and the "Info-war." What can you, the information warrior, do? Let's look at generic measures in the four OPSEC arenas. 

In order to combat the physical issues in protecting space operations information, it is very simple: lock up mission sensitive, controlled unclassified, "For Official Use Only" and Privacy Act information. Implement two locks where possible, i.e. door cipher and a key lock to your overhead. This can lower your risk or eliminate corporate and individual liabilities. The lack of individual consequences for failures in the past to protect private information and leaving mission critical controlled unclassified in the trash has caused the extinction of the double lock or double security measure. Apathy and complacency is your adversary's tools in the information war. I call them the "gruesome two-some".
What about administration? Don't leave your private information, recall rosters or sensitive data out in the open, on your desk or transmit it into the airwaves for all to receive. Administration has many natural controls to include 100-percent cross-cut shredding, both at home and at work, the sanitization of voice mail and out of office replies. Just a simple clean desk policy without posting retirement orders or system information could win the OPSEC "info-war." 

What about actions? Conversations are a form of action. Stopping off-base conversations about mission failure or success, which can also be electronic, or talking out loud where local people do not have a "need to know" can be key to the denial of information to your intelligence enemies. 

What about the technical area? One recommendation on how to ensure our success in the technical arena is to simply restrict our wireless usage during government business. Use a landline to discuss command and control information. A cell phone or personal assistant device is like lighting up a cave with a halogen flashlight - the bats know you're in the cave! It is important not to lose a cell phone or government thumb drive that is filled with critical information. 

So what? The information age is still growing and the value of protecting our space operations information is more "value added" everyday. Protect your wingman's personal information. Protect your missions' operation information. Your personal OPSEC has come of age ... the information age!