Wyche Innovation Centre,
Bridging the Gap between Physical & Cyber Security
Assure Technical speaking about the organisational threat of proximal devises that evade both Physical Security and standard Cyber & IT Security defences at the March 2014 Enterprise Security & Risk Management Conference in London.
Contact Us Today for a confidential discussion regarding your requirements
Okay. Now that we’ve looked at the kind of, the very, very basics of threat and vulnerability, we’ll just look at Technical Surveillance Counter Measures as itself as a service. So I think this is the kind of D.O.D definition of TSCM, but what it doesn’t take into consideration is communication security and IT security.
Now, I’m not going to step up my depth and start talking about IT security. That’s not my realm, however, I think when we take a look at the next slide, we see how they fit together. And this is the biggest vulnerability that I perceive in the Corporate world which is visioned from what I’ve seen in the kind of Government world.
You have your physical security and your physical security budget. You have your IT security and your IT security budget. You put them together and there’s always a gap. There are devices, which are manufactured specifically for that gap, devices which will not be found by standard physical security, devices which cannot be found by standard IT and cyber defence.
I’ll give an example and it’s a brief example. We have a thing back in the workshop which is called a passive sniffer and it’s a small box about this big. It has four ports. Two ports with double communication, two ports with one-way communication. That can sit quite happily on a wired network and sniff the packets from that network. If we attach a 3G device into there, 3G technical surveillance device, we can open a direct 3G tunnel to sniff packets from that network. The cost of that is £50. The ability needed to put that in – anybody could put it in, okay?
So the reality is that TSCM, while it might seem a little bit James Bond, it might seem a little bit will never happen to us, there is a gap and there is a gap in most people’s security strategies.