Replies

Operations security (OPSEC) is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.

http://en.wikipedia.org/wiki/Operations_security

The underlying principles of denying an adversary information are centuries old. In fact, George Washington was quoted as saying: “Even minutiae should have a place in our collection, for things of a seemingly trifling nature, when enjoined with others of a more serious cast, may lead to valuable conclusion.” Millennia before, Sun Tzu wrote, “If I am able to determine the enemy’s dispositions while at the same time I conceal my own, then I can concentrate and he must divide.”

OPSEC as a methodology was developed during the Vietnam War, when Admiral Ulysses Sharp, Commander-in-chief, Pacific, established the “Purple Dragon” team in order to determine how the enemy was able to obtain advanced information on military operations.

The team realized that current counterintelligence and security measures alone were not sufficient. They conceived of and utilized the methodology of “Thinking like the wolf”, or looking at your own organization from an adversarial viewpoint. They discovered that US forces were unvarying in their tactics and procedures, and were able to make certain predictions based on that knowledge.

When developing and recommending corrective actions to their command, they then coined the term “Operations Security” [1]