Efforts to establish safety IW-130 .


50 views
Uploaded on:
Category: Product / Service
Description
AF Information Operations. . . . . guard. assault. misuse. pick up. . . . Data SUPERIORITY. . I S R. . . Data OPERATIONS. . Data WARFARE. . Data IN WARFARE. . COUNTERINFORMATION. . . . . . . . . . . Climate. PRECISIONNAV. OTHER INFO COLLECTION/DISSEMINATION ACTIVITIES(Transmission, Storage,Public Affairs).
Transcripts
Slide 1

School of Aerospace Doctrine, Research, and Education Security Measures IW-130

Slide 2

AF Information Operations INFORMATION SUPERIORITY INFORMATION OPERATIONS INFORMATION IN WARFARE INFORMATION WARFARE shield assault pick up adventure COUNTERINFORMATION OFFENSIVE COUNTERINFORMATION PRECISION NAV WEATHER I S R DEFENSIVE COUNTERINFORMATION PSYOP Information Assurance Counter-Intelligence Electronic Warfare OTHER INFO COLLECTION/DISSEMINATION ACTIVITIES (Transmission, Storage, Public Affairs) PSYOP Counter-PSYOP Physical Attack OPSEC Deception Electronic Protection Counter-Deception Information Attack

Slide 3

OPSEC " … a procedure of recognizing basic data and along these lines breaking down benevolent activities specialist to military operations and different exercises to: Identify activities that can be watched frameworks Determine markers that could be translated or sorted out to infer basic data Select and execute measures that dispose of or diminish to a satisfactory level the vulnerabilities Joint Pub 3-54

Slide 4

1 2 3 4 5 Unique Characteristic OPSEC is a PROCESS OPSEC is NOT an arrangement of Rules

Slide 5

Most data is characterized Usually unclassified Addresses the general danger Addresses particular enemies Risk applies to all circumstances Risk choices are occasion particular Directed by security controls Directed by operational CC Countermeasures built up Countermeasures frequently exceptional Concealment just Eliminates, covers, camouflages, or misdirects The Differences Traditional Security OPSEC

Slide 6

1 2 3 4 5 Five Step OPSEC Process Identify Critical Information Determine Threat Analyze Vulnerabilities Assess Risk Apply proper OPSEC Measures

Slide 7

Identify Critical Info 1 2 3 4 5 Identify the inquiries the enemy will ask Where do I get the data? Who has the data? At the point when do I require the data? How would they exchange the data? How is the data secured? Is it worth the danger of getting gotten?

Slide 8

Critical Info Examples Impact of mechanical base on military mission Logistic capacities and requirements Alert stance Staging areas Limitations on gear Noncombatant Evacuation Operation Routes Military support to Law Enforcement Agency

Slide 9

Determine Threat 1 2 3 4 5 Who is the enemy? What are the foe\'s objectives? What is the enemy\'s resistance system? What basic data is as of now known? What are the foe\'s gathering abilities?

Slide 10

Analyze Vulnerabilities 1 2 3 4 5 Indicators & Actions Collection Vulnerability + =

Slide 11

Indicators Signature: Uncommon or one of a kind elements Associations: Specific bolster gear Profiles: Unit missions (Homepage) Contrasts: Not standard Exposure: Observation Time

Slide 12

Indicators and Actions Pizza Delivery DV Suites Intramural Sports E-Mail Reply/Router Government Credit Card STU-III Usage Family Support Homepages

Slide 13

Collection Overt and Clandestine Open Source Intelligence (OSINT) Human Intelligence (HUMINT) Imagery Intelligence (IMINT) Signals Intelligence (SIGINT) Communications Intelligence Electronics Intelligence Foreign Instrumentation Signals (FISINT) Technical Intelligence (TECHINT)

Slide 14

Signature: Uncommon or exceptional components Associations: Specific bolster hardware Profiles: Unit missions Contrasts: Not standard Exposure: Observation Time Indicators & Actions + Collection Open Source Intelligence (OSINT) Human Intelligence (HUMINT) Imagery Intelligence (IMINT) Signals Intelligence (SIGINT) Technical Intelligence (TECHINT) VULNERABILITY

Slide 15

Assess Risk 1 2 3 4 5 Cost versus Potential Harmful Effects

Slide 16

The Cost Can Be High

Slide 17

Psychological Operations Counter-PSYOP Military Deception Electronic Warfare Counter-Intelligence Counter Deception Information Attack Physical Attack Apply OPSEC Measures 1 2 3 4 5 Prevent the foe from identifying a marker Provide an option investigation of a pointer Attack or deny the enemy\'s gathering framework Use alternate Pillars of IW

Slide 18

"Full Victory - Nothing Else" Gen. Dwight D. Eisenhower

Slide 20

1 2 3 4 5 Five Step OPSEC Process Identify Critical Information Determine Threat Analyze Vulnerabilities Assess Risk Apply proper OPSEC Measures

Slide 21

Information Operations Condition (INFOCON) … presents an organized, facilitated way to deal with shield against and respond to antagonistic assault on DoD PC and media transmission systems and frameworks … in light of the status of data frameworks, military operations, and insight appraisals of enemy abilities and expectation … built up by the Secretary of Defense; controlled through the Commander JTF-CND

Slide 22

CRITERIA RECOMMENDED ACTIONS INFOCON Level: Normal Activity No huge action. - Ensure all mission basic information and information frameworks (counting applications and databases) and their operational significance are identified. - Ensure all purposes of get to and their operational need are identified. - On a proceeding with premise, direct typical security hones. For example: - Conduct instruction and preparing for clients, administrator, & administration - Ensure compelling secret key mgmt program is set up - Conduct occasional inside security survey and outer helplessness assessments. - Conduct typical inspecting, audit, and record go down procedures. - Confirm the presence of recently recognized vulnerabilities and introduce patches.

Slide 23

CRITERIA RECOMMENDED ACTIONS INFOCON Level: ALPHA Increased Risk of Attack - Indications & Warning (I&W) demonstrate general threat. - Regional occasions happening which influence US interests and include potential foes with suspected or known CNA capacity. - Military operations, possibility, or practice arranged or progressing requiring expanded security of data systems. - Information framework tests, checks or different exercises identified. - Accomplish all activities required at INFOCON NORMAL - Execute proper security rehearses. For example: - Increase level of evaluating, survey, and record go down techniques. - Conduct inner security audit on basic systems. - Heighten attention to all information frameworks users. - Execute proper cautious strategies.

Slide 24

CRITERIA RECOMMENDED ACTIONS INFOCON Level: BRAVO Specific Risk of Attack - Indications & Warning (I&W) show focusing of particular framework, location, unit, or operation. - Major military operations, possibility, or practice arranged or progressing requiring expanded security of data systems. - Significant level of system tests, examines or different exercises detected. - Network infiltration or refusal of administration endeavored with no effect to DoD operations. - Accomplish all activities required at INFOCON ALPHA. - Execute fitting security rehearses. For example: - Increase level of evaluating, survey, and record move down procedures. - Conduct prompt inside security audit on basic frameworks. - Heighten consciousness of all information frameworks users. - Execute suitable protective tactics.

Slide 25

CRITERIA RECOMMENDED ACTIONS INFOCON Level: CHARLIE Limited Attack(s) - Intelligence assault assessment(s) demonstrate a restricted attack. - Information framework attack(s) distinguished with constrained effect to DoD operations: - Minimal achievement, effectively counteracted. - Little or no information or frameworks compromised. - Unit ready to fulfill mission. - Accomplish all activities required at INFOCON BRAVO. - Execute fitting reaction activities. For example: - Maximum level of examining, survey, and record go down procedures. - Limit movement to mission fundamental correspondence as it were. - Reroute mission-basic correspondence through unaffected systems . - Disconnect non-mission-basic networks . - Execute suitable protective tactics.

Slide 26

CRITERIA RECOMMENDED ACTIONS INFOCON Level: DELTA General Attack(s) - Intelligence assault assessment(s) show a restricted attack. - Successful data framework attack(s) recognized which effect to DoD operations: - Widespread episodes that undermine capacity to work effectively. - Significant danger of mission disappointment. - Accomplish all activities required at INFOCON CHARLIE. - Execute proper reaction activities. For example: - Designate interchange data frameworks - Implement methods for leading operations in "stand-alone" mode or physically. - Isolate traded off frameworks from rest of network. - Execute fitting cautious tactics.

Slide 27

INFOCON Impact Gain Loss Full Connectivity No transfer speed limitations Normal OPTEMPO Normal guarded stance; no extra measures taken Normal 10% enhanced security Increased probability gatecrashers will be vanquished or gotten If adequate, no requirement for higher INFOCON 0% diminishment in OPTEMPO 0% lessened availability Affected systems might be disengaged 0% delay in data get to Alpha 35% enhanced assurance Increased probability interlopers will be crushed or gotten If adequate, no requirement for higher INFOCON 25% decrease in OPTEMPO 20% lessening in network Affected systems might be disconnected 20% postponement in data get to Bravo 75% enhanced insurance Increased probability interlopers will be vanquished or gotten If adequate, no requirement for higher INFOCON half diminishment in OPTEMPO 40% lessening in network Affected systems might be detached 40% deferral in data get to Charlie 90% enhanced security Increased probability interlopers will be vanquished or gotten If adequate, no requirement for higher INFOCON 70% diminishment in OPTEMPO

Recommended
View more...