If you open many preparedness magazines or log into many popular internet forums, you will hear the term “OPSEC” used. Many people use the term to mean “don’t talk about yourself or actions,” but it is a lot more nuanced and specific than just keeping quiet. We often hear about OPSEC, but what is it exactly?

OPSEC, or operations security, started as a military program. The official definition of OPSEC is “an analytical process used to deny an adversary critical information about our planning process and operations.”

OPSEC is a methodological and purposeful process that consists of five steps: Analyze the threat, identify critical information, analyze your vulnerabilities, assess risk and apply countermeasures. The process is pretty straightforward in a government setting but not so clear in our private lives when we are trying to protect ourselves as well as our homes and families.

1. Analyze The Threat
Who are our enemies? Street criminals, identity thieves, burglars, robbers, terrorists? A person living in an urban setting would have a different set of threats than a rancher living in the country. Conduct research in your area and determine what the threats are to you. These may be drastically different than that of your neighbor or local friend.

2. Identify Critical Information
Put yourself in the mind of the adversary. If I were going to hurt this person, what info would I need to execute the action? A criminal or threat is going to want to find your weak spots and know where you are most vulnerable, and they might be able to do so through the information you freely put out into the world. If your networks are hacked or your sensitive material is simply thrown into the trash, they can retrieve your name, address, bank statements, social media account, Twitter account and other personal information. These questions are called essential elements of information (EEFI). The answers to these questions are called your critical information list (CIL). Try to have no more than 12 items in your CIL. This will help you minimize your exposure to dangerous threats.

3. Analyze Your Vulnerabilities
All of your CILs may not be vulnerable for exploitation. For example, I don’t write my passwords down, but my Social Security Number is on my driver’s license even though I have an option to opt out if requested. Let’s also say that I don’t shred my mail and I use my real name on the internet. I may be vulnerable because I don’t encrypt my email, allow cookies, use “password” as a password and allow everyone to see my social media posts. I may also make matters worse by identifying which school my children attend by having a multitude of “proud parent” stickers on my automobile.

4. Assess Risk
Not everything is at risk. We must address only those things that could affect us if compromised. This is called risk management. A simple formula to help us with this is Threat x Vulnerability x Impact = Risk. Let’s say I live in a high-security gated community, then the threat (T) of street criminals is non-existent and is thus a “0”. Factor this in with the fact that I carry large amounts of cash and would be impacted by its loss. Use a scale of one to five for each element, with one being the lowest and five being the highest. The carrying of cash (V) would be a 5 and the impact (I) would also be a 5. When plugged into the above formula (0x5x5=0), there would be no risk. Use this formula for each of your threats and vulnerabilities to determine your unique risk. This helps you to rate your risk from highest to lowest and allows you to prioritize the expenditure of resources.

5. Apply Effective Countermeasures
Whatever vulnerability is left after being bumped against threat and impact should be managed with a countermeasure. Be open-minded when going through the process and try to truly take on the role of the adversary. The proper utilization of OPSEC for unique situations and day-to-day life will help create desirable outcomes, pave the way to success and help minimize your exposure to deadly situations. Become familiar with the process and get used to using it for every activity.

This article was originally published in the SURVIVOR’S EDGE™ Winter 2016 edition. Subscription is available in print and digital editions here.

From Our Partners