Defense Secretary Mark Esper has issued a memo reinforcing restrictions against unauthorized disclosures of information—operations security, or “OPSEC” in military lingo—in the process ordering that civilian, military and contractor personnel take an online security training course within the next 60 days.
“Whether poor OPSEC takes the form of careless cyber hygiene, “loose talk” among colleagues, or the willful release of non-public information, the result is the same: unnecessary and increased risk of harm to our fellow Americans and our mission,” the memo says.
“Any transmission or communication of non-public information to the public or an unauthorized recipient is considered an unauthorized disclosure. Unauthorized disclosures, regardless of purpose or intent, can result in adverse personnel action, including unsatisfactory performance evaluations, records of formal counseling, the loss of security clearances or termination of employment, or even criminal prosecutions,” it says.
In addition to taking the training, the memo says that personnel must:
“Be deliberate and careful with all classified, controlled unclassified, and predecisional policy information and proposals. Just because someone has a clearance, or previously worked for DoD, does not mean they have a need to know.”
“Ensure that an appropriate DoD Public Affairs office authorizes the release of official DoD information to the news media, or that information is released according to appropriate procedures (e.g. , Freedom of Information Act).”
“Comply with all prepublication review policies, with which you are required to comply even after you retire, resign, or are dismissed from your Government service or contract.”
“Comply with security clearance-related obligations to report certain contacts to your security offices.”
“Review current DoD-wide and organization-specific OPSEC and traditional security practices, and ensure compliance with those procedures.”
It adds that the department “remains committed to transparency to promote accountability and public trust. However, it is important to emphasize that unclassified information is not publicly releasable until it is approved for release by an appropriate authorizing official.”