> ... Once the amount of risk is determined, consider cost, time, and effort of implementing OPSEC countermeasures to mitigate risk. Factors to consider include:
> (1) The benefit and the effect of the countermeasure on reducing risk to the mission.
> (2) The cost of the proposed countermeasure compared with the cost associated with the impact if the adversary exploited the vulnerability.
> (3) The possibility that the countermeasure could create an OPSEC indicator.
> ... Once the amount of risk is determined, consider cost, time, and effort of implementing OPSEC countermeasures to mitigate risk. Factors to consider include:
> (1) The benefit and the effect of the countermeasure on reducing risk to the mission.
> (2) The cost of the proposed countermeasure compared with the cost associated with the impact if the adversary exploited the vulnerability.
> (3) The possibility that the countermeasure could create an OPSEC indicator.
DoD OPSEC manual at pp 13-14
https://www.opsecprofessionals.org/official/081103_DOD_OPSEC...