It's an interesting argument and also (unfortunately) one that leaves me so frustrated that I want to punch something (or more often someone).Originally Posted by 120mm
OPSEC is a measure to protect EEFI from enemy ISR (in simple generic terms). The correct application of OPSEC means taking measures to protect those EEFI from enemy ISR knowing the various forms of collection they will/are likely to/or possibly could undertake (stay with me here I know I'm probably preaching to the converted).
Yet how much time do we put into actually developing our EEFIs? Everyone has seen a published and approved EEFI along the lines of "weapons systems employed by XXX" ... how in the hell are you meant to protect an EEFI that has been dreamed up by some 2 shop guy on a sugar and caffeine hit that is so generic that simply walking outside the armoury breaches it.
EEFIs must be specific ... generic just don't cut it as it leaves too much open to interpretation (although I will admit it makes the staff work a hell of a lot easier). The 2 guys need to provide the threat, the IO/PA guys need to provide the info IPB as to just what is out there officially and what isn't and the 3 guys and the commander need to make a call about what they want to protect (and the associated impacts of applying that EEFI). More importantly the EEFIs need to be reviewed and not just staffed at the beginning of a operations and 6 years later soldiers are still trying to use the same info.
Of course this doesn't just apply to weapons, personal ID is another great one. If we want to protect the identities of our soldiers for OPSEC reasons why do we all wear name tags, unit identifiers and rank on our uniforms when deployed? And then we complain when PA guys use that detail? (Admittedly I've seen so many examples of the PA guys going above and beyond in working out the names of a soldier's first born there is some issues on their behalf as well.) Good OPSEC is more than just what appears in the papers and on the web … it’s a completely cultural thing.
We've been through the mill on this and in reality unless an OPINST has an extremely comprehensive EEFI list (that is based on reality i.e. what can be easily found on official/authorative sites in the public domain already) that is signed by the operational commander it can't hold water. Importantly though to be comprehensive the EEFI list must be highly classified as it essentially details all of those specifics you are trying to protect. In our case the PA guys actually have something to work to in support of the operation and actively seek to be part of the EEFI development process. I would go so far as to say make the PA guys responsible for the staff work to develop the EEFIs (with the J3 as the immediate approving authority). Nothing makes you apply a policy like having some ownership over it.
However my greatest frustration stems from the belief of some of our Coalition partners that our EEFIs are perishable (usually after an operation concludes and everyone wants to pat themselves on the back). If it is an EEFI it remains an EEFI until such point that a commander deems that information no longer requires protection! Thankfully I don't operate in an environment where "the first amendment" seems to be the trump card over good information environment policy.
Bookmarks