Operational Security (OPSEC) is a risk management process that protects sensitive information by identifying what critical data adversaries might exploit, analyzing vulnerabilities, and implementing controls (like strong passwords, access limits, and employee training) to stop them, ensuring data stays safe across digital and physical operations. It’s about viewing your operations from an attacker’s perspective to find and fix security gaps before they’re used, covering everything from network access to employee social media habits.