New Mexico Urban Homesteader

Hello, I am A 50 Something, Prepper ;-}; former 60's Flower Child, don't believe in taxpayer subsidized special interest groups (political parties), DO believe in the Constitution and Bill of Rights (1st 10). Long time Independent & Informed Voter. Lover of the outdoors and firm believer that History Teaches - if only we will listen!

(No longer Urban or in NM. Now Rural in the mountains of Maine.)

This blog was started at the request of some dear friends that wish to become Preppers.

“No man who is not willing to help himself has any right to apply to his friends, or to the gods.”

Demosthenes (384–322 BC, Greek statesman and orator of ancient Athens)

Sunday, February 19, 2012

Operations Security (OPSEC) - Why it Matters

If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees.
Kahlil Gibran

We have talked about Situational Awareness (Situational Awareness and You, now let’s talk about Operational Security or as the military and law enforcement call it - OPSEC.

Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds.
John Perry Barlow

What is OPSEC?

Operations security (OPSEC) is an analytic process used to deny an adversary information - generally unclassified - concerning friendly intentions and capabilities by identifying, controlling and protecting indicators associated with planning processes or operations. OPSEC does not replace other security disciplines - it supplements them.

OPSEC is simply denying an adversary information that could harm you or benefit them. Another form of OPSEC, although not as widely accepted, is the intentional distribution of miss-information to an adversary, designed to protect your true secrets.

OPSEC is a process, but it is also a mindset. By educating oneself on OPSEC risks and methodologies, protecting sensitive information becomes second nature.

OPSEC is unique as a discipline, because it is understood that the OPSEC manager must make certain decisions when implementing OPSEC measures. Most of these measures will involve a certain expenditure of resources, so an estimate must be made as to whether the assumed gain in secrecy is worth the cost in those resources. If the decision is made not to implement a measure, then the organization assumes a certain risk. This is why OPSEC managers or Commanders must be educated and aware of the OPSEC process.

In the military, OPSEC is keeping potential adversaries from discovering critical Department Of Defense information. As the name suggests, it protects US operations - planned, in progress and those completed. Success depends on secrecy and surprise, so the military can accomplish the mission more quickly and with less risk. Enemies of freedom want this information and they are not just after the military person to get it. These enemies also target military family member(s) and friends too.

Although OPSEC has been used in predominately in Military or Government and Law enforcement Entities; this century has seen more individuals and corporations that are utilizing OPSEC procedures to aid in protecting trade secrets, personal security and intentions. Whatever the organization and purpose, OPSEC can and will, increase the overall security posture of the individual, group, agency, military or corporate entity.

What are the Origins of OPSEC?

The underlying principles of denying an adversary information are centuries old. In fact, George Washington was quoted as saying: "Even minutiae should have a place in our collection, for things of a seemingly trifling nature, when enjoined with others of a more serious cast, may lead to valuable conclusion." Millennia before, Sun Tzu wrote,If I am able to determine the enemy’s dispositions while at the same time I conceal my own, then I can concentrate and he must divide.”

OPSEC as a methodology was developed during the Vietnam War, when Admiral Ulysses Sharp, Commander-in-chief, Pacific, established the “Purple Dragon” team in order to determine how the enemy was able to obtain advanced information on military operations.

The team realized that current counterintelligence and security measures alone were not sufficient. They conceived of and utilized the methodology of “Thinking like the wolf”, or looking at your own organization from and adversarial viewpoint. They discovered that US forces were unvarying in their tactics and procedures, and were able to make certain predictions based on that knowledge.

When developing and recommending corrective actions to their command, they then coined the term “Operations Security” or OPSEC.

"Security is mostly a superstition.
It does not exist in nature, nor do the children of men as a whole experience it.
Avoiding danger is no safer in the long run than outright exposure.
Life is either a daring adventure, or nothing."
Helen Keller

(American Author and Educator who was blind and deaf. 1880-1968)


Since we entered the Information Technology Revolution our world is increasingly dependent on information. In this world, pieces of information (internet postings, work schedules, phone directories and more) may be assembled in order to form the “big picture” of an organization or operation.

Today, OPSEC is an established methodology used by Military, Federal entities and Civilian Agencies and Businesses. More and more, private sectors are realizing the importance of Operations Security in day to day operations. This helps to protect proprietary and sensitive information from accidental disclosure, corporate espionage, internal espionage and more.

Your adversaries in a military or business sense, practice OPSEC to varying degrees and it would be unwise to discount the capabilities of your adversary. These adversaries will constantly probe your organization, so the importance of a solid understanding of OPSEC cannot be understated.

Why should Preppers and non-military people think about OPSEC?

First off, the very definition of OPSC should give you a hint. As stated, many businesses and civilian agencies have found it beneficial. As a Prepper, you need to keep the details of your preparedness to a minimum. The more information outsiders to your household or group, know about your preparedness processes, procedures, supplies and plans – the more of a risk these outsiders are to you and yours in a crisis scenario.

You don’t want to share all, with all. If you do that, you will be opening up you and yours to ‘attack’ by have-nots during a crisis or emergency. Even the most law abiding citizen will become deadly when they are attempting to keep themselves and their loved ones safe and fed.

Add to this that much of today’s technology includes too much information about the person using it.

Online communities, including those that are "Military" by design, do NOT have a way to assure that every member has the same goal of safety and security for military personnel. Knowledge is power; the enemy does not need to know anything other than our Military is ready to act and defend. To help keep all of us safe, including our military, do not share information except with your family and very close friends. Even then, please attempt to do so in a controlled or ‘private’ environment.

In an online environment, you do not know the person on the receiving end of your communication.

"We are never more in danger than when we think ourselves most secure, nor in reality more secure than when we seem to be most in danger."
William Cowper

From routes taken to and from work, to favorite places to visit and eat, Internet users may want to reevaluate what information they share on social media sites. The potential compromising of operational security, as well as personal security, may cause some smartphone owners to rethink how much information they share in the future.

These security measures should not be interpreted as intent to limit free speech or exercise editorial control. Freedom of speech does not include the right to endanger someone else's life or liberty!

In the business world, OPSEC awareness helps to instill confidence in clients, who can be assured that their trust is well placed.

As a Prepper you do not want people who are not in your circle to know all this information or you will become a target to these people in a SHTF world. Just as the elements of security and surprise are vital to the accomplishment of US goals and collective DOD personnel protection, they are just as vital to your survival in a SHTF situation.

Where and how you discuss this information is just as important as with whom you discuss it. An adversary's agents tasked with collecting information frequently visit some of the same stores, clubs, recreational areas or places of worship as you do.

"To keep oneself safe does not mean to bury oneself."
Marcus Annaeus Seneca

Determined individuals can easily collect data from cordless and cellular phones and even baby monitors using inexpensive receivers available from local electronics stores.

As a Prepper when you are out and about, you need to be sure you are not discussing particulars in an open public arena. Detailed talks should be in a secure location to reduce the knowledge that ‘outsiders’ can collect – consciously or unconsciously.

We Preppers need to remember that our nice, friendly, passive neighbor can, and most likely will, become a deadly adversary in a SHTF scenario. If you have had ‘loose lips’ when discussing your preparedness pre-SHTF, then these unprepared neighbors and friends will remember what you said and come after what you have to stay alive.

"To be on the alert is to live; to be lulled into security is to die."
Oscar Wilde

Be Aware and Be Smart; use your head, and always think OPSEC when using email, phone, internet (social networks, chat rooms, blogs and message boards) or talking in public!

And be sure that you realize that information can be put together. If you leak a bit here and a bit there, it doesn't take much to put it together for the whole picture and there are those out there with nothing but that goal in mind.

"If privacy is outlawed, only outlaws will have privacy."
Philip Zimmermann

The absolute best advice is that it is better to be safe than sorry. If you question whether you should be talking about something, especially online, then don't.

OPSEC is an awareness of your surroundings (Situational Awareness) and the foresight to keep information private in order to stay safe.

For Preppers, getting a phone call from someone you don’t know, has a blocked or otherwise unknown number asking personal questions, is un-nerveing to say the least. If this unknown person starts asking questions on preparedness, then it is downright threatening! Make sure your Prepper family and friends understand that it is unwise and could be deadly to discuss preparedness information in public and to never, ever give out your phone numbers or email addresses.

As a Prepper, keeping your family and group members safe is one of the most important tasks you have on your To-Do List. It is a big job to not only be prepared, but to be prepared for the unexpected scenarios that can occur after the SHTF.

  • When in public, on the phone (landline or cell), on the internet or in email – talk in generalities and not specifics. Never discuss specifics.
  • Disguise your preparedness storage supplies.
  • No one outside your family or group should know about any cache or bug-out locations; supplies or strategies and the like.

If a Prepper family member gets a call from a person asking if they will take a short survey; the first question is rather mundane like “do you feel we are in threatening times?”; each successive question will be more specific and generally ask more personal and detailed questions on preparedness. Much like a robber will call asking about your shopping habits (bacon,eggs, brands, etc.) and get the unsuspecting person on the phone to reveal when they usually go shopping.

Ok so basically Operations Security or OPSEC, for us Preppers is really just plain common sense.

For Preppers and preparedness groups OPSEC is imperative. You cannot count on a non-prepper friend, acquaintance or co-worker to retain the passive, laid back mentality when they are confronted with survival.

I remember a bad flood in PA back in the late 1960’s:

The farm where I boarded my horses was next to several other farms and one of the farm families was totally against hunting and firearms. When the flood struck and help was days away, this passive farmer became very violent, stopped a thief, took the thief’s firearm and shot the next thief!

Bottom line: Never underestimate what a human will do in a life and death situation.

Think about this if you always go to the store every Tuesday or to a play every third Friday, this is a pattern that your neighbors will notice, even if it is unconscious. If you have discussed more than general preparedness with this neighbor or had your primary food stores where this neighbor could see them when visiting – You are now a target for them when they lack what they either perceive you have or know you have.

"Amateurs hack systems, professionals hack people."
Bruce Schneier

We humans just love to show others how successful we are. We wear designer clothing and jewelry, drive high end vehicles, live in large homes and go to high end events. This is advertising our successes. Although there is basically nothing wrong with this in theory – in the real world this is setting ourselves up as targets. We don’t have to be a Prepper to become a target to thieves and home invaders or robbery.

Our family and friends will know we are successful without us having to show strangers that we are and that should be good enough!

"In any given moment we have two options:
to step forward into growth or to step back into safety.”
Abraham Maslow

Any stranger or acquaintance that knows or inquires about personal details on your habits, goals, purchases, likes and dislikes, is a potential threat. This is why OPSEC so important to every citizen!

There was this one Preparedness group that I worked with that wanted to know who my personal sources were. When I told them I wouldn’t jeopardize their safety by giving away who they were, this group decided I was worthless. Yet this was a perfect example of someone (most likely unintentionally) attempting to break the number one rule of OPSEC – Loose Lips Sink Ships!

Then there was this other group that was giving out too much detailed information during their recruitment meetings. When I pulled the leader aside and explained to keep it general, he asked how, when potential members were asking specific questions. I said use phrases like: “We have achieved our immediate short term goals and are constantly going after our long term goals with consistent success.” Or “That is more information than a novice Prepper or potential member needs at this time. If you join us, you will learn with us.

Oh the Reality Check is: Yes, if a thief wants what you have; there is at least one out there will succeed in getting it. Yes, if an ‘enemy’ really wants to know what you have, where you live, what you do; there is at least one out there that will succeed in doing so. The flip side to this is that there are many, many more that will not succeed, even if they do try. So don’t give out signals, signs and information on yourself freely for all of those that may try.

The less you put out there for all to see and hear; the less risk to you!

Couple OPSEC with other security tools, like Situational Awareness and you can now be confident that you and yours are as safe as anyone can be in this day and age.

  • Don’t advertise or discuss your preparedness specifics outside of your family and group members (not in an uncontrolled public area). Be sure all household and group members do the same. Never discuss or release “detailed” information.
  • Keep information on a “need to know” basis.
  • Practice Situational Awareness. Who is around you? Who is calling? What is happening around you: in your town; in your county; in your state; in the US and internationally?
  • Use wireless and internet communications for general preparedness information transfer only.
  • Shred ALL ‘private’ paper information before putting in the trash.
  • Vary your routines, preparedness and daily life. Don’t be predictable.
  • Disguise your preparedness supplies; Never reveal its location.
  • Use a high level of trust to sustain your security levels.
  • Respect the privacy of others and most will respect your privacy.
  • Be Alert; Be Ready; Be Prepared.

Read on for additional information, detail and resources to:

  • What are OPSEC indicators?
  • What Information Is Sensitive?
  • What are the capabilities of your adversary?
  • Geotagging
  • GPS/location tagging
  • What is the Military’s Stance on OPSEC?
  • What Information Is Sensitive?
  • Riverwalker’s Rule of 3 for creating your own OPSEC guidelines
  • OPSEC Glossary of Terms
  • OPSEC Fun Quiz

Keep On Preppin'


No comments:

Post a Comment

To reduce SPAM your comment will be posted after review.