R 161945Z MAR 25 MARADMIN 194/25 MSGID/GENADMIN/CMC PPO WASHINGTON DC// SUBJ/OPERATIONS SECURITY PRACTICES FOR WARFIGHTING// REF/A/MCO 3070.2A/THE MARINE CORPS OPERATIONS SECURITY PROGRAM POC/S. M. DOIN/CIV/PP&O/EMAIL: [email protected]// GENTEXT/REMARKS/ 

1. Purpose. In accordance with ref (A), to increase the overall  operations security (OPSEC) awareness and effectiveness across  the force by combating complacency, increasing situational  awareness of vulnerabilities, and underscoring best practices for all Marines to keep in mind as they go about their warfighting business. 
2. As we carry out our daily missions and modernize for the future operating environment under Force Design concepts,  it is vital to remember that our success depends not only on our strength and skill but also on our ability to protect the integrity of our operations.  Operations security is an  essential part of maintaining our tactical advantage,  ensuring mission success, safeguarding the safety of every  Marine, and enables our contributions to the Joint Force.   We must perform OPSEC with the same diligence as other operational tasks. 
3. OPSEC is everyone’s responsibility.  Whether you're deployed in the field, stationed at home, or in transit, your actions can have a direct impact on the security of our unilateral, Joint,  and combined operations.  Discretion in what we share,  where we share it, and with whom we share it is key to preventing adversaries from gaining valuable information.
4. Key Principles to Remember: a)      Know Your Critical Information:  Understand what information and indicators need protection from the Critical Information and Indicators List (CIIL); be vigilant in how you handle and safeguard  this information. Your OPSEC Program Manager is responsible for publishing your commander’s CIIL. b)      Limit Communication:  Be mindful of conversations in public spaces, online platforms, and social media. A simple comment can  provide an enemy with a significant advantage. Adversaries  can correlate seeming disparate data together with advanced  computing that can produce indicators of our activities. c)      Monitor Your Surroundings: Always be aware of your environment and potential threats.  This includes monitoring  communication channels and ensuring that sensitive materials are not exposed. Foreign intelligence entities are employed, paid, and promoted based on their ability to collect USMC information  – they are incentivized to steal information from you. d)      Report Suspicious Activity: Your reporting of OPSEC  violations and possible indicator exposures helps improve the  operations security process and ultimately improves the USMC’s  ability to conduct operations.                    
5. Best Practices: a)      Personal Cell Phones. Personal cell phones are a major vulnerability that adversaries targeting you and your unit can  exploit while utilizing a foreign communications network, i.e.  while operating overseas.  If your command authorizes you to take your personal cell phone, protect your personal information through encryption and virtual private networks to reduce vulnerabilities. b)      Global Positioning Systems (GPS). Commercial GPS devices can be spoofed since they lack military encryption, i.e. adversaries  falsify the GPS signal – putting you and your fellow Marines at risk during a host of activities that require you to report your position accurately. Many civilian systems, like personal fitness devices,  collect, aggregate, and make your location data available for sale and exploitation. Recommend using only Marine Corps approved GPS devices. Remain proficient at using map and compass. c)      Geotagging. If you take a digital picture using a personal  electronic device, there is metadata associated with that picture. The metadata includes, but is not limited to, the location where the picture was taken, the time, and other identity-related information,  and is stored digitally on the file along with other amplifying  information. Do not post personal pictures to social media that may  reveal sensitive information about Marine Corps operations.  A seemingly trivial picture taken while deployed, at an exercise, or aboard a military installation may reveal critical information to an adversary particularly when corroborated or compiled with  other adversary collection means. d)      Pictures and Videos. Ensure you are aware of what is in the background of pictures and videos before releasing it on social  media or to the public and ensure it is cleared through Communication Strategy and Operations (COMMSTRAT), OPSEC and/or  the Foreign Disclosure Officer. Be especially careful when taking pictures at military exercises. Maps, computer screens,  signs, etc. may reveal Tactics, Techniques, and Procedures  (TTPs) or other critical information that may be useful to an adversary, especially when paired with other collection means. Pictures are generally not authorized on military  installations or during operations and training. Your commander should provide guidance and identify appropriate security review procedures when photography is necessary. e)      Communication Strategy. Ensure all information, pictures,  videos, etc. undergo an OPSEC review based off your individual unit’s CIIL before releasing to the public. COMMSTRAT personnel can assist with visual information policy and procedures.  f)      Social Media. Social media is ever present on your devices; many applications persistently collect identifiable information  about you, your location, and your associations that can be  exploited by adversaries. If you do use social media, utilize U.S. based social media applications, ensure your settings are private,  and do not post anything that an adversary may use to ascertain critical information about Marine Corps operations. Avoid  applications made by companies that are based in adversary countries/locations or those that have a demonstrated history of poor cyber security. g)      Family Awareness. Talk to your family members about OPSEC. They might not even consider the dangers of sharing operational or sensitive information with friends, family, or on social media  posts. You may need to have face-to-face conversations about timing and general location of where you are deploying. However,  inform your loved ones of what they can and cannot say to others. Speak to your children about how important it is that they keep information about you private.  
6. In every action, whether at home station or in the field, prioritize the protection of our operations from passive and active collection by foreign intelligence entities.  The safety of our  fellow Marines and the success of our mission depend on the  security we maintain in all that we do.  Stay vigilant, stay  secure, and continue to uphold the highest standards of  operations security.
7. Points of contact: 7.a. Col John Maher, PP&O, PLX, Special Activities Branch Head: 703-692-4866, email: [email protected] 7.b. Sara Doin, PP&O, PLX, USMC OPSEC Program Manager: 703-692-0703, email:  [email protected].
8. Release authorized by Lieutenant General James W. Bierman,  DC PP&O//