Critique the attached discusion assignment-mike
Critique the attached discusion assignment-mike
OPSEC is used with many military outlets and rather large corporations to decrease the chance of people finding out certain things within an organization. “”Operations security (OPSEC) is an analytic process used to deny an adversary information – generally unclassified – concerning friendly intentions and capabilities by identifying, controlling, and protecting indicators associated with planning processes or operations” (What is, n.d.). It is a way to secure your information within the company so that adversary’s can not gain access to it. Most information gained can simply be found via social media, on the internet, and pieced back together to form a more specific picture. Dumpster diving is a way people can gain information, which is why it is important to shred any and all important documents before placing them in the trash.
As far as Sifer’s-Grayson goes, A failure at proper OPSEC could result in a rival company, a hacker, or anyone with proper knowledge, to learn more about how business is handled. From figuring out times and locations to potential meetings, launch times of the test vehicule, blueprints of our designs, and the RF frequency used, anything is possible if OPSEC is broken. It is easy to ensure that the company has good OPSEC, as long as proper training is conducted to figure out ways to keep the sensitive information from anyone’s eyes. “Having good OPSEC means thinking about who you’re trying to protect your information from, who you communicate with, and what capabilities your adversaries might have.” (Lexie, 2016)
OPSEC as a whole is a 5 step process, which the military is known to use in order to function properly. It might be best to use the same method and Sifers-Grayson to better the company as a whole.
–Identify Critical Information: Basically, what information is needed to be protected. What information can make a mission fail if other people found out? Some items can be considered critical, depending on the result. Travel documents could be seen as minimal one day, but could be something serious another.
–Analyze the Threat: Who might the adversary be? What person or company could benefit the most for our failure? What intentions could the person have to see us fail? “Once you have determined the adversary’s intent and capability, you can assess his potential threat.” (Opsec, 13)
–Analyze Vulnerabilities: Most companies tend to have vulnerabilities without even realizing it. Adversaries tend to use these vulnerabilities to paint themselves a bigger picture, and to gain access to the information without anyone else being aware such a vulnerability exist. Training is important for this purpose, to familiarize everyone about OPSEC since human error always tends to be a main issue.
–Asses Risk: Risk assessment is important here, as not everything can be protected, and sometimes a decision would have to be made if a vulnerability should be ignored or not, either due to financial issues or human error. The impact of the risk will then decide how much damage can be done in the long run.
–Apply Countermeasures: A countermeasure can be defined as anything used to lessen the chance of a potential attack. The whole process of work smarter not harder easily comes into play here, and cost-benefit analysis will be used to determine if it is possible or not. At the end of the day, it comes down to weighing the cost versus the benefit.
At the end of the day, OPSEC is a very serious matter and should not be taken lightly. People are out there to gain some kind of momentum in seeing us fail. We will be ready to do what is needed to ensure any exercise or test is launched with success, and continue to thwart any attempts of an OPSEC breach.
"You need a similar assignment done from scratch? Our qualified writers will help you with a guaranteed AI-free & plagiarism-free A+ quality paper, Confidentiality, Timely delivery & Livechat/phone Support.
Discount Code: CIPD30
Click ORDER NOW..
