Professional Development TSCM Group Inc.
Determining the Risk of a Technical Compromise
The protection of private and confidential information has become a major concern in recent years, as the technological and advanced transmission of often vitally sensitive information has become common place around the globe.
Realistically determining the risk factor is the single most important issue in deciding whether professional TSCM assistance is required for any given situation.
Generally individuals who have Influence, Money, Power, or access to Sensitive or Classified information are at the greatest risk of potential compromise and therefore, due diligence is often the first issue to be addressed, even when no activity that might suggest a compromise has been detected or is suspected.
Determining the risk factor is a complex process due to the many methods and techniques that are available to the eavesdropper and his / her motives, technical knowledge, and stake in the situation.
When someone is absolutely committed to the task of intercepting your confidential information, he or she may apply a wide variety of information gathering methods and techniques over a period of time.
It is for this reason that a properly implement TSCM program is always better than simply conducting a one (1) time sweep when the stakes are high or the potential threat is real.
In an effort to evaluate the risk factor, there are two (2) important questions that must be considered by the client.
Consider this last question carefully! Many clients greatly under value their proprietary information. Your ability to consider these two (2) questions will help dictate whether or not the services of professional TSCM personnel will be required.
After reviewing the perceived threat / risk level that you face, contact the Technical Security Branch (TSB) from a secure location, and do nothing that might indicate to the eavesdropper that you are contracting TSCM related services.
Try to maintain a normal workplace environment, but discontinue any activities relating to classified or sensitive information, until the inspection has been undertaken.
TSB Threat Level Determination
The TSB has implemented a unique two (2) step process for determining and classifying the various threat levels that our clients might face, based on all available technical security research, and our thirty (30+) years of experience in conducting TSCM related assignments around the globe.
The TSB has developed five (5) additional specific threat levels that ultimately determine the actual minimum equipment resources, personnel qualification and experience, and the methods and techniques utilized for each specific sweep assignment.
Step One (1)
It is important to first determine, to the best of your ability, whether or not the threat of compromise is internal or external in nature.
The best person to provide input to this question is the client or his / her representative, and will often be based on the reason for considering contracting TSCM services in the first place.
Typically, internal threats include, employees from all levels of the target organization, including management personnel, cleaning staff, temporary administrative employees, disgruntled personnel (known or unknown), issues relating to past, current, and future labor unrest, and all other persons that work directly for, or have regular unescorted access to the target facility.
Internal threats can be electronic or non-electronic in nature.
Typically, external threats include, outside contract personnel, including site security guards, service and maintenance staff (office equipment service personnel, telephone company installers, public utilities, etc.), repair crews, government agencies (regulatory and other inspectors) business competitors, industrial spies, and foreign governments in general , including those countries considered to be allies.
External threats can be electronic or non-electronic in nature.
Step Two (2)
Once it has been determined within a reasonable certainty as to whether the threat is internal or external in nature, the next step is for the TSB to determine the best way to implement the TSCM sweep plan in consultation with the client.
Timing is extremely important to consider. It is also important to correctly identify the actual threat level either before, or early in the TSCM assignment, so that the correct equipment resources, and personnel can be utilized at the correct time.
TSB (Technical) Standard TM - Threat Level I
Typically includes the protection of classified, protected and restricted information relating to such issues such as national security, government, military, embassy, and law enforcement related functions. There is also some cross over with corporate client's engaged in certain sectors.
TSB (Technical) Standard TM - Threat Level II
Typically includes protected and proprietary information, relating to corporate (and other business environments), research and development, corporate security, travel planning, protective operations, and a variety of industrial, manufacturing and commercial related business functions.
TSB (Technical) Standard TM - Threat Level III
Typically includes confidential and sensitive information, relating to high profile sales and marketing, lawyers, media monitoring, disgruntled employees and internal matters and issues surrounding labor unions and their activities.
TSB (Technical) Standard TM - Threat Level IV
Typically includes confidential and private information, relating to cases involving criminal harassment and stalking scenarios, invasion of privacy issues, and investigative monitoring conducted by some private investigators and other interested parties.
TSB (Technical) Standard TM - Threat Level V
Typically includes private and personal information, generally involving or relating to domestic disputes and situations, targeted radio scanning and monitoring of cordless telephones, and other electronically assisted surveillance activities.
Once you have determined that a technical threat or compromise may in fact exist, and you have decided to seek assistance, you should remember that an effective and detailed TSCM investigation requires many years of specialized training, certification and experience, along with a complete, up to date list, of sophisticated TSCM specific equipment resources.
It is imperative that you make your choice carefully in this regard.
Beware of the internet companies or individuals that are popping up all across cyber space with cheap ineffective equipment with no training or experience, who are more than willing to charge either a fraction of the cost of what a professional bug sweep inspection should be, or on the other extreme, excessive rates and will provide you with nothing more than a false sense of technical security leaving your organization, business or personal affairs at the risk of further compromise.
It is not uncommon for client's to have been taken in by such operators and the lure of a cheap discounted rate or smooth talking sales broker who simply sub-contracts to the lowest bidder available (professional operators simply will not work for them), only to finally contact Professional Development TSCM Group Inc., out of frustration of having dealt with these sub-par operators.
Your money will have been wasted and your situation will likely be further compromised.
The Technical Security Branch (TSB) utilizes only the highest level of professional grade TSCM equipment resources and you deal with the most knowledgeable experts in the industry.
Who you choose to perform your TSCM sweep inspections will become just as important as the TSCM bug sweep itself and you only get one (1) chance to do the job right the first time.
Like any other professional service you should always research and educate yourself before spending your money on less expensive sub par services.
Legitimate TSCM personnel maintain federal level security clearances and have years of training and real operational experience and are not involved in conflict of interest, nor install surveillance devices.
Kestrel TSCM ® Professional Software | Signal Intelligence Support System (SISS) TM
Canada & USA: 1-888-293-7384 | Toronto: (647) 293-7384 | Calgary: 410-812-0737 | Ottawa: 613-903-7577
Copyright © 2018 | All Rights Reserved
Last Revised: Tuesday October 16, 2018 20:25:26