- My Kaspersky
- My Devices
- My Products / Subscriptions
- My Orders
- Solutions for:
- Home
- Security Solutions
- Kaspersky Premium
- Kaspersky Plus
- Kaspersky Standard
- View All Solutions
- View All Solutions
Privacy & Kids
- Kaspersky Safe Kids
- Kaspersky VPN Secure Connection
- Kaspersky Password Manager
- Renew
- Support
- Resource Center
- Encyclopedia
- Glossary
The Glossary contains several hundred definitions of terms that you might come across in our articles and blogs, or on other information security sites. Unlike the in-depth articles in the Knowledge Base, every definition in the Glossary is succinct, while remaining highly informative.(This section is currently under construction)
- Knowledge Base
In the Knowledge Base, you will find various articles about common threats, a general classification of malware and unwanted messages, and a brief historical overview of the evolution of these and many other threats.The Knowledge Base now has three main sections:– The Detectable Objects section gives detailed information about malicious and potentially dangerous programs that we protect users against every single day all around the world, as well as advice on what to do in case of infection.– In the Spam and Phishing section, you will learn about phishing and spam mailings, how their creators earn money from them, and how this type of threat has evolved since the 1990s to the present day.– The articles in the Vulnerabilities and Hackers section is devoted to the topic of software vulnerabilities and how cybercriminals exploit them, as well as legislation and hackers in the broad sense of the word.
- Glossary
- My Kaspersky
- My Devices
- My Products / Subscriptions
- My Orders
- Security Solutions
- Business
- Small Business (1-50 employees)
- Medium Business (51-999 employees)
- Enterprise (1000+ employees)
- Partners
- Partners
- Find a Partner
- Affiliate
- Technology
- Whitelist Program
- About Us
- About Us
- Company
- Team
- How We Work
- Press Releases
- Press Center
- Careers
- Motorsport
- Support
- Contact Us
- Kaspersky IT Encyclopedia
- Glossary
- o
- OPSEC (Operations Security)
OPSEC (short for Operations Security) is the process of identifying and protecting critical information.
OPSEC principles were originally designed by the US military to prevent leakage of heterogeneous data chunks, which could give away a bigger piece of secret information when combined. Today, these principles are used both by infosec professionals to reduce the risk of confidential information being leaked and by cybercriminals to avoid detection.
Five steps of OPSEC
Operations security is typically divided into five steps that must be iterated on a regular basis:
- Identification of critical information. Identify which information an adversary may be interested in and which information may do the most damage to the organization if leaked.
- Analysis of threat landscape. The team then predicts who may be interested in stealing the critical information identified in step one: cybercriminals, competitors, or even employees.
- Analysis of vulnerabilities. In this next step, the list of previously identified threats is used for identifying vulnerabilities that may cause information leaks as a result of the threats being delivered on.
- Assessment of risk. After identifying vulnerabilities, infosec professionals assess the probability of each of these causing leakage of critical information and how great the damage would be. The vulnerabilities are then ranked in order of severity based on that assessment. This helps with understanding which must be eliminated first.
- Design and application of countermeasures. At this final step, the organization’s security officers design a plan for eliminating threats and mitigating data leakage risks. This may include installation of new infosec products, development of security policies, updating of employee manuals, and so forth. The measures thus planned are then implemented.
Related Posts
The principle of least privilege: what is it and why is it needed?
Never trust, always verify: The Zero Trust security model
New features in iOS 8 in light of BYOD and corporate security
Privacy predictions for 2024
Dark web threats and dark market predictions for 2024
What to do if your company was mentioned on Darknet?
Products to Protect You
Our innovative products help to give you the Power to Protect what matters most to you. Discover more about our award-winning security.
FREE Tools
Our FREE security tools and more can help you check all is as it should be… on your PC, Mac or mobile device.
About Us
Discover more about who we are… how we work… and why we’re so committed to making the online & mobile world safer for everyone.
Get Your Free Trial
Try Before You Buy. In just a few clicks, you can get a FREE trial of one of our products – so you can put our technologies through their paces.
Contact Our Team
Helping you stay safe is what we’re about – if you need to contact us, get answers to some FAQs or access our technical support team.
Connect With Us
Blog List
Securelist
Kaspersky Daily
Eugene Personal Blog
Threatpost
- Eastern Europe
- Россия (Russia)
- For all other countries
- Global
