DOD to re-emphasize security

FORT LAUDERDALE, Fla. — The secretary of Defense will soon issue a directive placing a renewed emphasis on operational security (OPSEC) throughout the department.

Tom Mauriello, director of the interagency OPSEC support staff, said a document has been awaiting DOD Secretary Donald Rumsfeld's signature since before Operation Iraqi Freedom began that would infuse more funding and guidance in the realm of operational security.

Mauriello's comments came during a June 4 speech at the Army Small Computer Program's IT conference. He refused to answer any follow-up questions, and would only tell FCW that there will soon be a "resurgence of emphasis" on OPSEC coming down from the Pentagon.

During a high-energy, wide-ranging 90-minute presentation, Mauriello discussed all aspects of OPSEC from the physical through the cyber realm and explained the five-part process:

* Collection of critical information, which is not difficult since 80 percent of all data is open source.

* Threat analysis.

* Vulnerability analysis.

* Risk assessment.

* Counter measures.

Everyone from the acquisition community to human resources personnel to building maintenance are involved in OPSEC, but more work is needed, he said.

"A good OPSEC program educates people in all parts of an organization to think this way," Mauriello said.

As an example, a government intelligence agency decided to outsource its building maintenance and gave all of its structural plans to 12 potential contractors. Those blueprints included detailed schematics of the buildings, the locations of electronic and electric equipment and sources, and other critical information.

Mauriello refused to name the agency, but said officials from there only called him after they realized the magnitude of the mistake they had made. "Many times [people] give information away and don't even know it."


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.