National Security Environmental Programs Nevada Test Site Library About the Nevada Site Office Homepage
 
What is OPSEC
Origin of OPSEC
OPSEC at Home
Five Step Process
Awareness
 • Pocket Guide
 • Arnold OPSEC
 • Videos
 • Screen Savers
 • Posters
 • Articles
Training & Events
Related Links
Contact Info
Horizontal line
FAQs/QUESTIONS
SUBJECT INDEX
SITEMAP
SEARCH
CONTACT US
ABOUT US
HELP
ACRONYMS
FOIA
PRIVACY ACT
WEBSITE POLICIES
HOMEPAGE
Text Banner Opsec Photo of desert scene
Home > National Security > OPSEC > Pocket Guide

U.S. DOE/NNSA - Nevada Site Office

OPSEC Terminology
Operations Security (OPSEC)

A Countermeasures program to stop foreign intelligence agents, criminals, terrorists, or other adversaries from obtaining classified, critical, or sensitive information about our programs and activities.

Critical Program Information (CPI)
CPI is information that requires protection from our adversaries and/or competitors. This is the "Target" of collection efforts.

Elements of Critical Information or Indicators (ECII)
Pronounced "E-SEE". Pathways, Observables, or Open Source information that, when collected or observed by an adversary, could reveal "TARGET" information. Note: The term ECII applies only to the U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office OPSEC Program.

OPSEC Assessment (OA)
A critical analysis from the perspective of an adversary. Activities are assessed to determine intelligence indicators or elements. Internal procedures and information sources are also reviewed to determine inadvertent releases of information. OPSEC assessments are "FACT FINDING" not "FAULT FINDING".

 

Intelligence Collection and Sources

Intelligence collection and analysis are very much like assembling a "picture puzzle". Each piece of the puzzle could be an item of information that is not classified or sensitive by itself but, when assembled with other pieces of the puzzle, could damage national security by revealing classified or sensitive information.

Adversaries use numerous sources and methods to develop pieces of the intelligence puzzle. Most nations utilize a wide range of intelligence-gathering resources, such as satellites, aircraft, ships, and human agents.

However, the most potentially damaging intelligence source is "US". We may, unknowingly, provide intelligence information to adversaries through carelessness or a lack of concern for OPSEC measures in the workplace and in daily contact with others. We may talk in public places about subjects best discussed only in the office with authorized personnel. We may also relate detailed accounts of our daily activities to family members without regard to what they might tell friends or acquaintances.

Intelligence collection may also involve monitoring our radio and telephone conversations (including cellular telephones) and analyzing telephone directories, financial or purchasing documents, blueprints or drawings, distribution lists, shipping and receiving documents, or information that we carelessly discard in the unclassified trash.

Within the advances in technology come vulnerabilities. As the twenty-first century approaches, warfare shows every sign of becoming increasingly economic, financial, and political rather than merely military; computer resources are highly vulnerable to espionage and sabotage.

The internet provides intruders many opportunities to break into our computer systems. Intruders have managed to destroy data, modify software, steal data, shut-down hosts/networks, steal software, and modify data.

 

Why OPSEC?

While it is possible that almost any sensitive or classified information sought by an adversary may be uncovered sooner or later, the goal of OPSEC is to make intelligence-gathering more difficult and time consuming. The longer it takes for an adversary to acquire our national secrets, the longer our nation can maintain its defensive and technological edge.

The OPSEC program consists of identifying the threats to our programs, activities, and information; informing employees about intelligence collection methods and techniques; determining what information requires protection (CPILs and ECIIs); identifying vulnerabilities (through OPSEC assessments); and recommending OPSEC measures information.(countermeasures) to protect.

 

The OPSEC MAZE

The "OPSEC MAZE" illustrates the relationship between the "THREAT" (adversaries), "PATHWAYS" (information sources of ECIIs), the "TARGET" information (CPILs), and the "BARRIERS" (countermeasures).

OPSEC Maze
click to enlarge

Countermeasures

Actions that we, as employees, can take to protect information from intelligence collection efforts, i.e., to "block the pathways" (see illustration above).

 

Basic OPSEC Countermeasures

  • Properly destroy sensitive information.
  • Guard against calls to obtain sensitive information. Know who you are talking to.
  • Do not transmit sensitive information via telephone, fax, or radio.
  • Do not discuss sensitive information in public.
  • Limit distribution of sensitive information.
  • Avoid posting or displaying sensitive information.
  • Do not leave lap-top computers unattended in public places.

 

Be aware of the threats.

Know how information is gathered.

Know what information requires protection.

Know what you can do to protect the information.

^ TOP ^

Print Icon PRINT PAGE  |  Email Icon EMAIL PAGE

Date Last Modified: October 29, 2008
U.S. Department of Energy
National Nuclear Security Administration
Nevada Site Office
P.O. Box 98518
Las Vegas, NV 89193-8518
Phone: 702-295-3521
USA.gov: The U.S. government's official web portal		 Disclaimer and Security Notice
Privacy Policy | Notice to Users
Comments to the webmaster
www.nv.doe.gov
 NNSA Logo