Official websites use .mil
Secure .mil websites use HTTPS
By DCMA Information Security
January is “National Operations Security Awareness Month,” and this week’s focus is the OPSEC cycle. Per National Security Presidential Memorandum (NSPM)-28, “The National Operations Security Program,” the intent is for OPSEC to be a repetitive cycle, not a single process.
“We need to think about OPSEC awareness as more than training and hanging some awareness posters throughout the office,” said Charles Vadnais, DCMA Central Region OPSEC specialist. “We now live our everyday lives well into the Information Age — an age defined by an abundance of information meshed with technology making information readily available. This presents unique challenges when it comes to safeguarding our nation’s information.”
The purpose of OPSEC is to prevent adversaries from obtaining sensitive information that can be used maliciously. This is done by identifying Critical Information and Indicators, known as CII, and implementing safeguards for protection. OPSEC methodology operates by a never-ending analytic and objective process cycle.
Vadnais explains the six steps below:
“The desired output of the OPSEC Cycle is the CII list, coupled with identified countermeasures used to frustrate our adversaries’ collective objectives,” said Vadnais. “When working through the OPSEC Cycle, it is key to use the adversary’s perspective because to help identify the critical information and indicators, and those vulnerabilities associated with our information, which we may overlook because we are not using the right mindset. We need to know what information the adversary, competitor or enemy needs to negate our mission efforts — this allows us to effectively implement the OPSEC Cycle.”
To be effective, OPSEC must be a collective effort of various subject matter experts, divisions and offices.
“If we limit the OPSEC cycle involvement to only a few people, we miss out on so many perspectives which are necessary to making these OPSEC efforts effective,” said Vadnais. “Organizing an OPSEC working group at appropriate levels, such as a Contract Management Office can be very effective in covering down on our operations in the field.”
Questions? Reach out to the DCMA Operations Security team: firstname.lastname@example.org.
Media Relations: 804-821-8036
FOIA Requests: 804-609-4533
Download the DCMA Media Kit (PDF)