MaxDisclosure doesn’t usually like to talk about OPSEC, so hold onto your hats.
When we think about protecting sensitive information, we like to lump it all under the Operations Security umbrella. There’s a whole Joint Publication on the subject. As a military, we’re comfortable with this nomenclature. Perhaps, we’re over-comfortable.
Theory: our focus on security ought to reflect our commanders’ focus on mission.
Remember the Tactical, the Operational, and the Strategic? Depending on their scope and position, commanders lead and make decisions at the strategic, operational and tactical levels. Let’s similarly define the way we protect (and share) information when it helps us protect America.
TACSEC. Tactics security; this information is almost always what people are actually talking about when they say they’re talking about OPSEC. Force disposition, weapons capabilities, timelines, locations, etc. These are the specific, immediate tactical details which could give our adversaries edge and put our men and women in contentious areas at risk.
OPSEC. If the operational level of warfighting involves the planning and conduct of campaigns, then true OPSEC is the protection (and sharing) of information to ensure these campaigns’ success. You can apply some military gamesmanship here: we don’t want adversaries to know our forces’ next major pivot, an upcoming surge, or the fresh new hell we’re about to unleash upon them. At the same time, we want regional and international forces to sync with our intentions, and need local populations to trust in our mission.
STRATSEC. This is complex and legit. Strategic security is about injecting the context which builds long-term credibility and momentum. STRATSEC is about telling stories which buy us the right resources, authorities and support so we can adapt to evolving threats against our nation. STRATSEC directly supports our nation’s policy objectives. STRATSEC can also be about buying breathing room for senior leaders to make the right decisions at the right times, without inflaming international or policy sensitivities.
A four-star headquarters PAO discussing tactical security is like the same HQ’s operations officer fretting over an infantry company’s time-on-target.
Meanwhile, the same infantry company ought to understand strategic—and STRATSEC—considerations; but their mission ought to be clear enough so they aren’t developing STRATSEC measures at their own level.
(Photo by Staff Sgt. Zach Tateman, DVIDS)