“Loose lips sink ships”
“loose lips sink ships” is an idiom that originated in the second world war. This idiom was used as an awareness campaign of American propaganda during World War II. The goal of this campaign is to make people aware of how words have the power to put them at risk and let the enemy know their plans and their weak points.
The same thing is applied to our own lives, but now it is easier for the enemy to know what they want to know, even without asking you. Because you are helping them by posting posts in your social media accounts that you think are not really important or that have useless information. But for them, they get what they want.
OPSEC is short for Operational Security and it is defined as the process of managing risk to protect sensitive information from being used by wrong hands.
5-Steps OPSEC process
The OPSEC process has 5 steps. These steps are listed and explained as below:
Step 1: What information do you want to protect?
Start with identifying the data that are important and may be a reason for damaging your organization. This data could be personal information or user information or anything else.
Step 2: Who is your enemy?
In step two, know who will benefit from this data and who is targeting your organization.
Step 3: What are your vulnerabilities?
In this step, apply vulnerabilities assessment to know what are the weaknesses in your organization and what procedures you should take to mitigate the attacks.
Step 4: What is the threat level?
Knowing the risk level of each threat enables you to prioritize them and then start with the more critical one.
Step 5: How can you protect your information?
In this last step apply the procedures that you plan to take in order to mitigate attacks.
In conclusion, sometimes information that seems to us as useless information it’s useful for others. OPSEC process has five steps: information to protect, who wants this information, what the vulnerabilities, the threat level, and what can you do to protect this information. For all those terms, elements or components, we will explain in more detail in the subsequent posts, that work together to explain Operation Security (OpSec) in detail.
E-SPIN Group in the enterprise ICT solution supply, consulting, project management, training and maintenance for multinational corporations and government agencies, across the region E-SPIN do business. Feel free to contact E-SPIN for Operational Security (OpSec) solutions.