DOD to re-emphasize security

FORT LAUDERDALE, Fla. — The secretary of Defense will soon issue a directive placing a renewed emphasis on operational security (OPSEC) throughout the department.

Tom Mauriello, director of the interagency OPSEC support staff, said a document has been awaiting DOD Secretary Donald Rumsfeld's signature since before Operation Iraqi Freedom began that would infuse more funding and guidance in the realm of operational security.

Mauriello's comments came during a June 4 speech at the Army Small Computer Program's IT conference. He refused to answer any follow-up questions, and would only tell FCW that there will soon be a "resurgence of emphasis" on OPSEC coming down from the Pentagon.

During a high-energy, wide-ranging 90-minute presentation, Mauriello discussed all aspects of OPSEC from the physical through the cyber realm and explained the five-part process:

* Collection of critical information, which is not difficult since 80 percent of all data is open source.

* Threat analysis.

* Vulnerability analysis.

* Risk assessment.

* Counter measures.

Everyone from the acquisition community to human resources personnel to building maintenance are involved in OPSEC, but more work is needed, he said.

"A good OPSEC program educates people in all parts of an organization to think this way," Mauriello said.

As an example, a government intelligence agency decided to outsource its building maintenance and gave all of its structural plans to 12 potential contractors. Those blueprints included detailed schematics of the buildings, the locations of electronic and electric equipment and sources, and other critical information.

Mauriello refused to name the agency, but said officials from there only called him after they realized the magnitude of the mistake they had made. "Many times [people] give information away and don't even know it."


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.