Operations security (OPSEC) is a process that identifies critical information to determine whether friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.
The term “operations security” was coined by the United States military during the Vietnam War.
The private sector has also adopted OPSEC as a defensive measure against competitive intelligence collection efforts.
NIST SP 800-53 defines OPSEC as the “process by which potential adversaries can be denied information about capabilities and intentions by identifying, controlling, and protecting generally unclassified evidence of the planning and execution of sensitive activities.”[