Fundamentals

Operational Security

OpSec is the process of protecting data assets throughout their lifecycle. It ensures sensitive information remains confidential, intact, and available during day-to-day operations.

1 The Birthday Party Analogy

Imagine planning a big party. You have precious items (video games, heirlooms) you don't want damaged. OpSec is the plan to keep them safe while enjoying the party.

1. Identify Assets

Party: Deciding which items (heirlooms) need special care.
OpSec: Identifying critical information assets that require protection.

2. Identify Threats

Party: Thinking "Could a guest accidentally break this?"
OpSec: Analyzing potential threats and where things could go wrong.

3. Identify Vulnerabilities

Party: Locking valuable items in a safe place.
OpSec: Assessing weaknesses and implementing measures like passwords.

4. Access Control

Party: Only letting your best friend enter your room.
OpSec: Determining who has permission to access sensitive data.

5. Continuous Monitoring

Party: Watching guests to ensure they stay in common areas.
OpSec: Adapting to new threats and changes in real time.

2 Key Components of OpSec

Access Control

Determining who can access systems and under what circumstances. Includes MFA, authorization systems, and regular audits to revoke unneeded permissions.
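
The regular audit described above, sketched as an added example (not part of the original page): it flags grants that are unused, outside the holder's role, or held by inactive accounts, plus active accounts without MFA. The users, permission names, review date, and 90-day idle threshold are constructed assumptions.

```python
from datetime import date

# Constructed sample data for illustration; none of it comes from the original page.
REVIEW_DATE = date(2024, 6, 1)
USERS = {
    "alice": {"role": "finance", "mfa": True, "active": True},
    "bob": {"role": "sales", "mfa": False, "active": True},
    "carol": {"role": "sales", "mfa": True, "active": False},
}
ROLE_ALLOWED = {"finance": {"payroll:read", "payroll:write"}, "sales": {"crm:read"}}
GRANTS = [  # (user, permission, date the permission was last exercised)
    ("alice", "payroll:read", date(2024, 5, 28)),
    ("alice", "payroll:write", date(2023, 11, 2)),
    ("bob", "crm:read", date(2024, 5, 30)),
    ("bob", "prod-db:admin", None),
    ("carol", "crm:read", date(2024, 5, 1)),
]

def review_access(grants, users, role_allowed, today, max_idle_days=90):
    """Return sorted (user, permission, reason) findings for a human reviewer."""
    findings = []
    for user, perm, last_used in grants:
        profile = users.get(user)
        if profile is None or not profile["active"]:
            # Grants on disabled or unknown accounts should be revoked outright.
            findings.append((user, perm, "account inactive or unknown"))
            continue
        if perm not in role_allowed.get(profile["role"], set()):
            findings.append((user, perm, "outside role"))
        if last_used is None or (today - last_used).days > max_idle_days:
            findings.append((user, perm, "unused"))
    for user, profile in users.items():
        # "*" marks an account-level finding rather than a single permission.
        if profile["active"] and not profile["mfa"]:
            findings.append((user, "*", "no MFA"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in review_access(GRANTS, USERS, ROLE_ALLOWED, REVIEW_DATE):
        print(finding)
```

The output is a review queue, not an automatic revocation list: each finding still needs an owner to confirm before the permission is removed.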

Asset Management

Maintaining an inventory of all hardware, software, and data. Knowing where assets are is crucial for prioritizing vulnerability fixes.

Change Management

Implementing changes in a controlled manner with testing and approval. This prevents accidental vulnerabilities during updates.

Security Awareness

Training employees on their role. Educating staff about phishing, strong passwords, and handling sensitive data effectively.

3 Responsibility & Testing

Who is Responsible?

Led by the CISO (Chief Information Security Officer) and the InfoSec team. They work with IT, HR, and Legal.

Note: OpSec requires commitment from everyone, from front-line employees to executives.

How is it Tested?

Testing helps identify weaknesses before attackers do. It is carried out by internal teams or external penetration testers.

  • Bypassing Access Controls
  • Exploiting Misconfigurations
  • Social Engineering Tactics