January is National Operations Security (OPSEC) Awareness Month, during which the federal government takes time to focus on policy and procedures governing the protection of sensitive, unclassified information.
The National OPSEC Program has designated January OPSEC Awareness Month, and accordingly, the Chief Security Officer of the Coast Guard (DCMS 34) encourages all members to recognize what constitutes “Coast Guard Critical Information” and involves understanding that what we must keep secure isn’t limited to classified information only. All missions in the Coast Guard depend on critical information for success—information that if exposed to adversaries can lead to mission failure. For example, budget reports provide information about the Coast Guard’s financial priorities and shortfalls, and maintenance schedules show gaps in the service’s capabilities.
To know exactly what might be important to protect, OPSEC Instruction COMDTINST 5510.24A, maintains a Critical Information List (CIL) at the enterprise level, which offers a framework for units to create local versions. Members should know what information their unit considers critical so they know what to protect.
In addition to understanding the strategic value of the information they possess, members should also be aware of how their position within the Coast Guard community relates to OPSEC. By thinking about where they fit in, members can become alert to ways in which adversaries may look for information they might disclose unwittingly, prompting adversaries to create a bigger picture they can exploit. Using less secure, secondary sources can enable adversaries to get around the heavy protection the Coast Guard gives to obviously sensitive information. Things as mundane and repetitive as Monday meetings, emails, spoken conversations, or discussions with friends online outside working hours may all become targets for adversaries. Members need to know both what to protect and why they are protecting it.
Each year, the Coast Guard OPSEC Program compiles a report to maintain a pulse of program implementation and initiatives across the enterprise. Unit OPSEC coordinators or other designated OPSEC personnel are responsible for filing their annual OPSEC report with the DCMS-34 OPSEC Program Office between Jan. 9 and Feb. 9 . The report is for all units, including those who do not have an OPSEC program. The link for the reports is on the DCMS-34 OPSEC SharePoint site. The program office will use the information furnished to determine overall trends, develop mitigation strategies for potential vulnerabilities, and help establish overall OPSEC profiles at the district, area, and enterprise levels, which in turn will help with making risk-based decisions and prioritizing resources. DCMS-34 will also use the information to respond to National OPSEC Program and Department of Homeland Security (DHS) reporting requirements.
In the News: