SERVICES › OPSEC
Operational Security (OPSEC) program development
Per DoDD 5205.02E — identification of critical information, threat and vulnerability analysis, countermeasures, and OPSEC training. We build programs from scratch and audit existing ones.
“OPSEC is protecting that ‘thing’ or ‘idea’ that, if exposed, could cause your business plan to crumble” ~ Anonymous
Our OPSEC scope
- Critical Information Identification — defining what information, if disclosed, would harm mission
- Threat Analysis — identifying adversaries with intent and capability to collect that information
- Vulnerability Analysis — finding where critical information is exposed in current operations
- Risk Assessment — likelihood and impact of vulnerabilities being exploited
- Countermeasures — operational, procedural, and technical measures to reduce risk
- OPSEC Training — initial and annual awareness training for the workforce
- Program audits — independent review of existing OPSEC programs against DoDD 5205.02E
Typical engagement
A standard OPSEC program build engagement runs 4 to 8 weeks, depending on organizational complexity. Most engagements include initial assessment (week 1), critical information identification and threat analysis (weeks 2-3), countermeasures development and integration (weeks 4-5), training development and delivery (weeks 6-7), and program documentation (week 8).