Technical Protection

There is a recognised acceptance by national bodies that electronic surveillance attacks are on the increase. It is becoming a more realistic proposition within organised crime and is a threat not only to national infrastructure but also to commercial entities. To assess an organisation's ability to manage this risk, key questions are worth raising:

How many security incidents have been logged over a given period, and what type are they?
Is the threat from electronic surveillance or attack entered on your risk register?
Are you monitoring or testing your own information systems?
Do you have a security strategy, aligned to your business plan?

The Threat:

Competitors and criminals can make use of near or 'on site' technical surveillance equipment to gain valuable information and data. Such equipment includes:

GSM 'bugs' - using mobile phone technologies
Concealed radio transmitters or audio recorders
Telephone tapping equipment
Directional audio listening devices

Competitors and criminals can operate electronic intrusion/attack remotely to gain valuable information via the internet. Methods include:

Vulnerability: an executable program, e.g. trojan horse/bug, lodged in a computer program that may be exploited to gain privileges on a computer network
Exploit: a program or strategy to exploit vulnerability. An exploit may be either local or remote, social and/or technical

The mitigation options include an assessment of the threat, introduce business processes and responsibilities, but also some specific proactive security services:

Electronic and Physical Search – It involves the physical search and electronic use of counter-surveillance equipment to protect the client and their assets.

Virtual Penetration Test – It involves the virtual analysis and testing of the client's electronic profile and vulnerabilities. This service is a service delivered in collaboration with the business IT department to safely test the systems involved.

other services