The MSF Military Pocket Guide: OPSEC and PERSEC

In this new series, we give you the facts you need to understand the United States Military.

Some of the most popular terms you may have heard around the military community are OPSEC and PERSEC, but what do they exactly mean and how does it affect the military family?

OPSEC is a short way to say Operations Security and it protects unclassified but sensitive information from potential threats. Information that can fall under OPSEC would be deployment dates, training details, and troop movements. In some units, OPSEC can be stricter than others, meaning family members cannot share any information even with friends. In more extreme cases families are not notified of a deployment location and time frame for the sake of secrecy.  

PERSEC is the short form of the term Personal Security and it protects personal information, such as a service member’s rank, your address, and any information about your family. Just like your social security number, this is information you wouldn’t want to share. 

While PERSEC is similar, it is NOT OPSEC. OPSEC can be thought of as day-to-day operations ranging from weapon serial numbers to where service members are going for the day. PERSEC is sometimes not as enforced as OPSEC and it relates to the individual. 

The History of OPSEC

In the United States during World War II, OPSEC was a major part in public affairs. Numerous posters and pamphlets were printed reminding the general public to keep quiet, as the enemy could be listening at any moment. The phrase “loose lips sink ships” became the most memorable.

While protecting information is as old as war itself, the term OPSEC wasn’t coined until the Vietnam War. In 1966, United States Admiral Ulysses Sharp established a security team to investigate the failure of certain combat operations, which was dubbed Operation Purple Dragon. When the operation was concluded, the Purple Dragon team presented their recommendations in a process called “operation security” in order to distinguish it from existing measures and ensure continued support from others in the agency.

There is a 5 step process in OPSEC that assists an organization in identifying specific pieces of information requiring protection:

  1. Identification of critical information: Information about friendly intentions, capabilities and activities that allow an adversary to plan effectively to disrupt their operations.
  2. Analysis of threats: a threat comes from an adversary – any individual or group that may attempt to disrupt or compromise a friendly activity.
  3. Analysis of vulnerabilities: examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary’s intelligence collection capabilities identified in the previous action
  4. Assessment of risk: planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Then, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff. 
  5. Application or appropriate OPSEC measures: the command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans. Countermeasures must be continually monitored to ensure that they continue to protect current information against relevant threats.

Why should I care about OPSEC and PERSEC?

As a member of the military community, families and spouses are some of the first in the line of defense when protecting the mission and personal information. Nowadays, PERSEC and OPSEC violations happen mostly on social media, either on your own post feed or on a military support group. 

Here’s some examples of statements that break OPSEC and PERSEC:

  • “My soldier is deploying in 2 weeks.”
    This sentence reveals the time frame in which the service member will be gone, which violates OPSEC.
  • “I will be living all alone for a while.”
    This sentence is not safe, because it is showing that you will be alone which is personal information regarding your security. This violates PERSEC.
  • “Send us thoughts and prayers, my spouse is deploying to the Middle East tomorrow.”
    This statement reveals a time line and a location, which is too much information about a service member’s movements and puts the unit at risk. You can ask for support without revealing information, sharing that they are overseas is enough to get on the radar of support.

How can I prevent OPSEC and PERSEC violations?

When in doubt, it is better to be safe than sorry. Here are some tips that you can take into  account when you are faced with a possible situation:

  • Be careful who you talk to: What seems like an innocent conversation with your babysitter or a grocery store clerk can be much more than that. You may see it as paranoia, but there are people out there looking to take advantage of information related to military movements or your personal information.
  • Safeguard your social media accounts: functions like “checking in” or tagging your location can reveal where you are to potential threats. When posting, turn off your location. Another location related issue is your metadata. Metadata is information linked to your photos or status updates. It is easy to search your location based on what is in photos you post. If your profile is very heavy on military content, make sure you have capabilities to edit content to exclude any identifying markers.
  • Service related stickers on your car: This one may seem trivial, but some stickers on vehicles can reveal a lot of information about you. “Half of my heart is in Iraq” is a prime example that lets potential threats know that your service member is not stateside. 

You can find more information on staying safe at these websites:

[adrotate banner="4"]


Start reading now!

Get instant access to the latest magazine.