http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/ "That's Not OPSEC" Wed, 08 Feb 2012 00:59:12 +0000 http://wordpress.org/?v=2.2.1 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-69684 Revelator Thu, 23 Sep 2010 14:22:41 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-69684 I can neither confirm or deny Pizzaint. All I know is that I've heard the story sooooooooooooo many times that perhaps we can label it urban legend and move on. True or not though it is a great example of bad indicators. I can neither confirm or deny Pizzaint. All I know is that I’ve heard the story sooooooooooooo many times that perhaps we can label it urban legend and move on. True or not though it is a great example of bad indicators.

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-69682 Samantha Thu, 23 Sep 2010 14:09:47 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-69682 I understood your point, but I thought the whole "pizza at the pentagon" thing was false? I did do a lot of reading-up, and although it is a great OPSEC example, isn't the fact that it's not true somewhat invalidate it? I understood your point, but I thought the whole “pizza at the pentagon” thing was false? I did do a lot of reading-up, and although it is a great OPSEC example, isn’t the fact that it’s not true somewhat invalidate it?

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-423 Revelator Fri, 22 Aug 2008 16:58:21 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-423 There are many ways to handle that based on the significance of the compromise but I think the most important thing is that you know...that you are aware of the compromise and can now deal with the assumption that your adversary has this information. There are many ways to handle that based on the significance of the compromise but I think the most important thing is that you know…that you are aware of the compromise and can now deal with the assumption that your adversary has this information.

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-416 bigbeebopper Thu, 21 Aug 2008 04:57:44 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-416 So then what do you do if there's already been a compromise?? So then what do you do if there’s already been a compromise??

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-396 Chris Cox Tue, 05 Aug 2008 21:37:50 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-396 Great point, Revelator. You're absolutely right, and it's clear that an OPSEC program is most effective (some would say ONLY effective!) when all of the entities are aware of it and understand how it applies to them. Great point, Revelator. You’re absolutely right, and it’s clear that an OPSEC program is most effective (some would say ONLY effective!) when all of the entities are aware of it and understand how it applies to them.

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-395 Revelator Tue, 05 Aug 2008 19:35:00 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-395 I don't ask for management support right off the bat. I get with the webmaster or senior IT person to discuss how OPSEC can support network security. Once I've concvinced them that this is actually possible then we can find ways to mutually support each other. If we get to this point then we hit up leadership as a united front and increase our success rate (for whatever it is we want) exponentially. I realize there are 1,001 different scenarios for this and I've just touched on one. If you'll go to the OPSEC Professionals Association web site you can ask any question you want to their bank of Subject Matter Experts. In this way you can be very specific and get back a very specific answer that should help you immediately. Revalator I don’t ask for management support right off the bat. I get with the webmaster or senior IT person to discuss how OPSEC can support network security. Once I’ve concvinced them that this is actually possible then we can find ways to mutually support each other. If we get to this point then we hit up leadership as a united front and increase our success rate (for whatever it is we want) exponentially. I realize there are 1,001 different scenarios for this and I’ve just touched on one. If you’ll go to the OPSEC Professionals Association web site you can ask any question you want to their bank of Subject Matter Experts. In this way you can be very specific and get back a very specific answer that should help you immediately.
Revalator

]]> http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-394 Mack.Horton Tue, 05 Aug 2008 19:26:45 +0000 http://whatisopsec.com/2008/08/01/you-aint-seen-nothing-yet/#comment-394 How do we get management to support the webmaster and OPSEC manager working together? How do we get management to support the webmaster and OPSEC manager working together?

]]>