Professional Development TSCM Group Inc.
 

Home

Company Profile

Key Personnel

Professional Services

Contact Us - Canada

TSB Fact Sheets

TSB Photo Gallery

Determining the Risk

Recognize the Signs

Common Questions

TSCM Warning

Statistical Information

Equipment Resources

TSCM Equipment Sales

Sub-Contractor Program

Best Practices Workshop

Certification Training

TSB Virtual Museum

TSB Standard

TSB Operational Area

Scope of Work

Employee of the Month

PDTG

TSB

TSS

CTSPA

CTSC

  

 

 
 

Determining the Risk of a Technical Compromise

The protection of private and confidential information has become a major concern in recent years, as the technological and advanced transmission of often vitally sensitive information has become common place around the globe.

Realistically determining the risk factor is the single most important issue in deciding whether professional TSCM assistance is required for any given situation.How secure are your telephone lines?

Generally individuals who have Influence, Money, Power, or access to Sensitive or Classified information are at the greatest risk of potential compromise and therefore, due diligence is often the first issue to be addressed, even when no activity that might suggest a compromise has been detected or is suspected.

Determining the risk factor is a complex process due to the many methods and techniques that are available to the eavesdropper and his / her motives, technical knowledge, and stake in the situation.

When someone is absolutely committed to the task of intercepting your confidential information, he or she may apply a wide variety of information gathering methods and techniques over a period of time.

It is for this reason that a properly implement TSCM program is always better than simply conducting a one (1) time sweep when the stakes are high or the potential threat is real.

In an effort to evaluate the risk factor, there are two (2) important questions that must be considered by the client.

  • Who would benefit from obtaining the sensitive information that you control?
  • What is the actual real dollar value of the information you control?

Consider this last question carefully! Many clients greatly under value their proprietary information. Your ability to consider these two (2) questions will help dictate whether or not the services of professional TSCM personnel will be required.

After reviewing the perceived threat / risk level that you face, contact the Technical Security Branch (TSB) from a secure location, and do nothing that might indicate to the eavesdropper that you are contracting TSCM related services.

Try to maintain a normal workplace environment, but discontinue any activities relating to classified or sensitive information, until the inspection has been undertaken.

 

TSB Threat Level Determination

The TSB has implemented a unique two (2) step process for determining and classifying the various threat levels that our clients might face, based on all available technical security research, and our thirty (30+) years of experience in conducting TSCM related assignments around the globe.

The TSB has developed five (5) additional specific threat levels that ultimately determine the actual minimum equipment resources, personnel qualification and experience, and the methods and techniques utilized for each specific sweep assignment.

 

Step One (1)

It is important to first determine, to the best of your ability, whether or not the threat of compromise is Internal or External in nature.

The best person to provide input to this question is the client or his / her representative, and will often be based on the reason for considering contracting TSCM services in the first place.

 

Internal Threats

Typically, internal threats include, employees from all levels of the target organization, including management personnel, cleaning staff, temporary administrative employees, disgruntled personnel (known or unknown), issues relating to past, current, and future Labour unrest, and all other persons that work directly for, or have regular unescorted access to the target facility.

Internal threats can be electronic or non-electronic in nature.

 

External Threats

Typically, external threats include, outside contract personnel, including site security guards, service and maintenance staff (office equipment service personnel, telephone company installers, public utilities, etc.), repair crews, government agencies (regulatory and other inspectors) business competitors, industrial spies, and foreign governments in general , including those countries considered to be allies.

External threats can be electronic or non-electronic in nature.

 

Step Two (2)

Once it has been determined within a reasonable certainty as to whether the threat is internal or external in nature, the next step is for the TSB to determine the best way to implement the TSCM sweep plan in consultation with the client.

Timing is extremely important to consider. It is also important to correctly identify the actual threat level either before, or early in the TSCM assignment, so that the correct equipment resources, and personnel can be utilized at the correct time.

 

Threat Level I

Typically includes the protection of classified and restricted information relating to such issues such as national security, government, military, embassy, and law enforcement related functions.

 

Threat Level II

Typically includes protected and proprietary information, relating to corporate (and other business environments), research and development, corporate security, travel planning, protective operations, and a variety of industrial and commercial related business functions.

 

Threat Level III

Typically includes confidential and sensitive information, relating to high profile sales and marketing, lawyers, media monitoring, disgruntled employees, and issues surrounding Labour unions and their activities.

 

Threat Level IV

Typically includes confidential and private information, relating to cases involving criminal harassment and stalking, invasion of privacy issues, and investigative monitoring conducted by some private investigators and other interested parties.

 

Threat Level V

Typically includes private and personal information, generally involving or relating to domestic disputes and situations, targeted radio scanning and monitoring of cordless telephones, and other electronically assisted surveillance activities.

Once you have determined that a technical threat or compromise may in fact exist, and you have decided to seek assistance, you should remember that an effective and detailed TSCM investigation requires many years of specialized training, certification and experience, along with a complete, up to date list, of sophisticated TSCM equipment resources.

It is imperative that you make your choice carefully in this regard.

Beware of the companies or individuals with cheap ineffective equipment, with no training or experience, who are more than willing to charge either a fraction of the cost of what a professional sweep inspection should be, or on the other extreme, excessive rates, and will provide you with nothing more than a false sense of technical security.

Your money will have been wasted and your situation will likely be further compromised. The Technical Security Branch (TSB) utilizes only the highest level of professional grade TSCM equipment resources.

Who you choose to perform your TSCM sweep inspections will become just as important as the TSCM sweep itself, and you only get one (1) chance to do the job right the first time.

Like any other professional service you should always research and educate yourself before spending your money on less expensive sub par services.

Legitimate TSCM personnel maintain federal level security clearances and have years of training and experience.

 

 

Go Back     Go Forward

Copyright © 2010 - All Rights Reserved

Last Revised: Thursday August 12, 2010 12:24:38

| Webmaster | Copyright | Legal Notice | Privacy |