Online OPSEC Assessment Services
- Published: Monday, 23 January 2012 17:01
Most organizations do not monitor their Internet and Social Networking attack surface. Online postings across multiple protocols and web functions might allow your adversaries an opportunity to interpret or piece together critical information. Adversaries use multiple and overlapping collection efforts targeted against all sources of your organizational and employee information. Treadstone 71 offers assessment and remediation services that reduces your attack surface.
The adversary devotes significant resources to monitor your operations and activities on a daily basis. They can produce reliable information on your capabilities, intentions, and vulnerabilities. Adversaries are also shifting the emphasis in targeting. Foreign targeting of American technology is increasing for economic as well as military reasons. Technology transfer will continue to remain a major concern now and in the future. What you do about can either make or break your current and future strategies.
Treadstone 71 provides O-OPSEC risk assessments that measure the adversarial threat targeting your organization and the potential for existing online information to act as a roadmap for penetration and data exfiltration. The assessment examines data points as indicators, patterns, or signatures. Treadstone 71 then balances the risk of operational failure against the cost of O-OPSEC measures. The assessment includes the:
Consideration of the impact of an OPSEC measure on operational efficiency.
Considering the probable risk to strategic mission success (effectiveness) if your organization does not implement O-OPSEC countermeasures.
Considering the probable risk to mission success if O-OPSEC countermeasures do not work.
Deciding which, if any, O-OPSEC measures to implement and when to do so.
Checking the interaction of O-OPSEC measures. Ensure that a measure to protect a specific piece of critical information does not unwittingly provide an indicator of another.
Apply appropriate countermeasures to deny information of specific intentions, capabilities, and activities.
Detect credible threats
Detect instances of deception in intent or action
Develop assessments for the target area of interest
Develop pattern matrices
Create reference documents
Implement measures that require immediate action. This applies to current operations as well as planning and preparation for future ones.
Document or task O-OPSEC measures
Brief O-OPSEC requirements to senior leadership, stakeholders, marketing sales, and other personnel.
Monitoring of O-OPSEC measures during execution and after.
Monitoring is a continuous process of evaluating intelligence and counterintelligence. It is necessary to monitor countermeasures for effectiveness because unevaluated countermeasures can lead to a false and dangerous sense of security.
Making adjustments to improve the effectiveness of existing measures. These adjustments are necessary to obtain the best protection for your online persona.