Page:United States Army Field Manual 3-13 Information Operations.djvu/24

From Wikisource
Jump to: navigation, search
This page needs to be proofread.

Dosign uf Army Infomation Oporations to support friendly forte missions or not resist friendly fume activities. Perception management achieves the inilusnw otiect by conveying ur de- nying selected information to targets. DEFENSIVE INFORMATION OPERATIONS 1-63. The Army defines defensive informuukm operations as tlie intemation and coordination of policies and procedures, operations, personnel, and tech- nology to protect and defend friendly information and intbrination systems. Detensive information operations ensnm timely, accurate, and relevant in- iormstion access while denying adversaries the opportunity to exploit Eriendly intlirmation and iniimnation systems for their own purposes (FM 341), The Army definition deletes zi sentence in the joint deiinition that Lists IO elements associated with defensive IO. Army doctrine allows cum- manders to use all IO elements defensively. 1-64. Defensive IO seeks to limit the vulnerability of C2 systems to adver- sary action and to prevent enemy interference with itiendly information and INFOSYS. Defensive 10 effects include: protection, detection, restoration, and response. 1-65. Protection. Protection is all actions taken to guard against espionage or capture of sensitive equipment and information In ID, protection occurs at the digital perimeter to control aocsss to or mitigate the ei`- feots of adversary uecess to friendly decisionmakers and INFOSYS. Protection applies to both the quantity and quality of information. it denies the ndvei-· sary intiwrtnation about triendly capabilities and intentions by controlling in~ dicators. 1-66. Detection. Detection is to discover or discern the existence, presence, or fact of an intrusion into information systems. Detection is the identification of adversary attempts to gain access to friendly informa- tion nnd INFOSYS. Detection begins with INFOSYS users and ndministrzr tors. Timely detection and reporting are the keys to initiating resmration and response. Electronic dctectinn occurs at the internal digital perimeter. 1-67. Restoration. Resmrattbn is to bring information systems back to their original state. Restoration is roestablishment of essential capabili- ties of INFOSYS damaged by enemy oiiensivc IO. Restoration may rely on backup or redundant links, INFOSYS components, or alternative means of in- tlirmution transfer. 1-68. Response. Response in information operations is to react quickly to an ndversary‘s information operations nttsck or intrusion. Timely identification of adversaries, their intent and capabilities, is the cor- nerstone of effective response to adversary offensive IO. 1-69. Defensive IO uses technical and nontechniual activities to limit the vul- rnambitity of friendly C2 systems no hostile IO. It also seeks to prevent adver- saries hom tempering with friendly force information or interfenng with friendly C2 systems;. Defensive IO supports eiibrts to maintain effective C2 by countering or turning to friendly advantage adversary IO ettorts. Timely, accurate intelligence—some of which is based on information collected during oiiensive l()—is essential to defensive IO. Forces tvmdueting defensive IO |·11