Transcript OPSEC and Its Significance within the Field of Criminal

OPSEC and Its Significance within
the Field of Criminal Justice
Welcome
▪ The purpose of this presentation is to explain the vital role
Operations Security plays within the field of Criminal Justice.
Such topics covered will include OPSEC in the courts,
corrections, and law enforcement.
▪ When pursuing any profession in Criminal Justice, learning
OPSEC’s importance is essential. Reason being, a majority of
criminal justice work is dependent upon the exchange of
information, most of which is not classified. Such information
can ultimately be used against us if it ends up in the hands of our
adversaries.
▪ Therefore, it is pertinent that all criminal justice organizations
protect both classified and unclassified information by providing
its professionals with OPSEC training and education.
What is OPSEC?
▪ Operations Security (OPSEC) is an analytical process used to
deny adversaries information, generally unclassified.
▪ Preventative measures are taken to protect unclassified
information, concerning our intentions and capabilities, result
from a keen examination of indicators in association with our
daily planning processes and operations.
▪ However, it must be noted, OPSEC simply is used in
conjunction with an organization’s security disciplines, it doesn’t
replace them.
Five Step Analytical Process of OPSEC
▸Identification of Critical Information--Information that is
“vitally needed for an adversary” should be of focus, as opposed
to attempting to protect all information.
▸Threat Analysis--Research and analyze intelligence,
counterintelligence, and open source information. As
doing so,
would identify who the adversaries are.
▸Vulnerabilities Analysis-- Identify Identify OPSEC indicators
that may reveal critical information then compare such indicators
with the adversary’s intelligence collection capabilities identified
in the analysis process
Continued….Five Step Analytical Process of
OPSEC
▸ Risk Assessment--After an analysis of the vulnerabilities,
measures for each vulnerability must be identified.
▸ Application of Countermeasures--OPSEC measures are
implemented and utilized in future organizational activities and
operations.
Practicing OPSEC in Law Enforcement and
in All Fields of Criminal Justice
▪ Law enforcement policies , including all criminal justice
organizational rules, must centralize focus on institutional
management with respect to special administrative measures that
may be necessary to prevent the disclosure of classified
information that could endanger national security and to prevent
acts of violence and terrorism, either of which may be caused by
contact with individuals who could possibly be adversaries.
▪ In other words, OPSEC must be incorporated with current
institutional security practices.
Examples of Operations Security Breaches in
the Courts
▪ Insufficient plan for the protection and recovery of records
allows adversaries to access such records more easily.
▪ Failure to properly dispose of documents bearing critical
information
▪ Adversaries gain access court staff passwords to secure web
site for use by executive staff which provides access to
emergency information and other means of communication
among court system leaders.
Measures to Prevent OPSEC Breaches in the
Courts
▪ Develop strong and effective partnerships among state
courts,law enforcement, and county commissioners to ensure
successful security operations.
▪ Ensure, as new courthouses are being constructed, that up-todate physical safety measures (installation of security surveillance
equipment and secured entrance and exit doors, etc.) are included
in the design stage.
▪ Identify the strengths and weaknesses of the physical structure
of the courtroom to best protect unclassified information.
▪ Periodically hold security briefings for security personnel, in
addittion to staff members.
Examples of Operations Security Breaches in
Corrections
▪ Correctional officers and/or staff maintaining daily
“unprofessional” contact with inmates
▪ Inmates receiving visits from individuals who have intentions
of comprimising institutional safety and security
▪ Failure of correctional officers to secure the perimeters and
areas which house critical documents
▪ Inmates being able to maintain outside communication with
adversaries via mail/letter correspondence
Measures to Prevent OPSEC Breaches
in the Corrections
▪ Correctional facility administrators must closely monitor staff
and correctional officers to ensure they abide by institutional
policy which prohibits “unprofessional” contact with inmates. If
found that staff are engaging in such contact, disciplinary action
must be sought immediately.
▪ Individuals who frequently visity inmates should be properly
screened.
▪ Correctional officers and staff should undergo periodic training
which emphasizes the importance of maintaining institutional
security.
▪ Inmates’ mail receival should be properly monitored. It should
be noted from whom inmates are receiving correspondence from.
Examples of Operations Security Breaches in
Law Enforcement
▪ Failure to secure communications (email correspondence,
written documents, radio communications, etc.)with other
agencies
▪ Officers discussing their work activities with unauthorized
individuals-- Discussions relating to work activities should be left
at the workplace.
▪ Failure to adhere to departmental policies about media contact
How To Use OPSEC in Law Enforcement and
Prevent Security Breaches
▪ Keep workplace activities separate from life at home. An
officer’s home is an inappropriate setting to discuss work- related
activities.
▪ Routinely incorporate OPSEC into departmental policies and
practices
▪ Internal Affairs should closely investigate any suspicious
departmental actions which indicate adversaries are gaining
access to critical information.
Continued...How To Use OPSEC in Law
Enforcement and Prevent Security
Breaches
When law enforcement divisions practice operations security, it is essentia
or the following information to be safeguarded:
The size of the police department and its ability to respond to single or
multiple events.
Residence and shifts of responders, including response times and routes to a
rime scene.
Assignments of police department members, including who will be activate
s key personnel and under what circumstances.
Descriptions of unmarked vehicles to assist in surveillance detection.
Details of mutual aid agreements.
OPSEC Provides Positive Longterm
Effects for Law Enforcement
▪ The OPSEC process can be rather effective if all law enforcement
personnel recognize the overall significance of information security
and become more aware of the character and nature of the threat.
▪ Additionally, a “counterintelligence mindset” is critical for
OPSEC’s success. Therefore, staff must be continuously educated
on current and potential information security threats.
▪ If personnel are aware of the implications which result from the
failure of addressing such information threats, there will be an
increase in the likelihood that OPSEC will be deemed acceptable and
effective.