The Coast Guard has rolled out a new Operations Security (OPSEC) instruction that shifts responsibility to the unit level, empowering every member to better protect our missions. Alongside this change, the annual OPSEC Self-Assessment link is now open.
This year, the updated policy (COMDTINST 3070.1) requires every unit to know and document exactly what mission information must be protected.
Commands have until Feb. 20, to complete the mandated Annual Self-Assessment. The information gathered will help establish trends, develop strategies to fix vulnerabilities, and guide decisions on how to best use our resources. This assessment was previously called the Report of OPSEC Activities. The name was changed to reflect that it now meets the annual requirement for self-assessment of a unit OPSEC program.
Operations Security is the practice of protecting small, unclassified pieces of information that an adversary could piece together to reveal sensitive details about our operations. Strong OPSEC is vital to ensuring mission success and keeping our members safe from harm.
The overhaul of the Coast Guard's OPSEC program is designed to create a policy that fits the service’s unique structure, says Karen Newhouse, OPSEC program manager.
“The old OPSEC policy was cut and pasted from the Navy,” she said. “We needed to build a policy that would work better for the Coast Guard.”
Newhouse spent two years working with security managers, visiting districts and talking to people in various units to identify weaknesses in protecting mission-critical information. Using that feedback, she helped scale the new requirements to be more relevant to a unit's size and mission. This means smaller, lower-risk units will have fewer administrative tasks to comply.
Going forward, all units are required to develop and maintain a Critical Information List (CIL), which details the specific, sensitive information that needs protection during every type of mission. To help with this, the Coast Guard has published its first-ever guide on this topic, the Development of an Operations Security (OPSEC) Critical Information List (CIL).
The new instruction brings several other key improvements:
- Tiered requirements: Assessing units on a 1-to-5 risk scale means smaller, lower-risk units have a reduced training and administrative burden.
- Better data: Expanded categories of Critical Information and new incident reporting requirements will help the Coast Guard track security trends and develop strategies to fix potential vulnerabilities.
- Specific training: With new metrics, the training program is being updated to better fit the Coast Guard’s needs and OPSEC will be integrated into Enlisted Performance Qualifications (EPQs).
These changes will help the Coast Guard to protect its information, missions, and members. All personnel are encouraged to familiarize themselves with the new instruction.
To learn more, please check out the following resources:
-USCG-