Operational Security
(OPSEC)
Without an OPSEC program in place, you run significant risks of losing your proprietary information to an “Insider Threat” or an external entity. To mitigate potential losses, you should have two types of OPSEC Plans in place: A general plan that covers the basics, and project specific OPSEC Plans.
INTS2 helps you accomplish this goal by providing the following OPSEC services:
-
Develop an OPSEC Program that will last.
-
Write and Develop an OPSEC Policy that integrates current policies.
-
Train an OPSEC Manager (Train-the-Trainer).
-
Develop a training program.
-
Train all personnel in OPSEC.
-
Develop an OPSEC Plan Strategy (General and Specific).
-
ID Critical Information
-
What do you have that your opposition/competition wants?
-
-
Analyze Threat
-
Who is your opposition/competition and how badly do they want your information?
-
-
Analyze Vulnerabilities
-
Where are your vulnerabilities?
-
Where are the potential leaks?
-
-
Assess Risk
-
Can the opposition/competition get this information?
-
Do they have the skills?
-
Do they have the financing?
-
Do they have the capability?
-
How badly do they want it?
-
Would they take the necessary steps to get your information?
-
-
-
Apply Counter-Measures
-
Training all personnel on OPSEC (General and Specific).
-
Internal policies and procedures to increase protection.
-
-
Periodic Assessment
-
Red-Team Checks (an authorized "attack" on your enterprise to test vulnerabilities).
-
Structured and Scheduled Training Plan.
-
Periodic pop-quizzes to ensure employees understand and are complying with policies.
-
-