TSCM in the Private Security Industry

Introducing TSCM

The art of technically and physically searching for illicit bugs, and/or devices, is generally referred to as a Technical Surveillance Counter Measures (TSCM) inspection. This was agreed by a committee of TSCM specialists who provided Skills for Security their public and private sector knowledge in order to establish the first UK National Occupational Standards (NOS) for TSCM. The NOS are submitted and then approved by UK government regulators, and to this day, still establish a good foundation to build UK governance for TSCM in the security industry.

Unfortunately, the TSCM industry still can’t agree on the correct name for TSCM, nevermind industry licensing! The UK National Authority for Counter Eavesdropping (UK NACE) is managed by FCO Services but still refers to ‘Technical Security Countermeasures’. The stalwarts of the industry still affectionately refer to a ‘Technical Sweep’. In theory, it references two aspects of a TSCM inspection. 1. The ‘sweep’ of a frequency range and 2. The ‘sweeping’ motion when using a particular type of equipment. TSCM is also referred to as a ‘Technical Search’ inspection, or ‘Electronic Counter Measures’ (ECM).

Definitions

For the purposes of this article, the following definitions are used by the author:

Eavesdropping. Interception of information transfer, including conversations by bugging, tapping, or other technical and non-technical means without the knowledge of the individuals.
Tapping. Illicitly connecting to conversations and communications media for the purposes of gathering information.
Bugging. The planting of suitable transducers in order to gather information.
Bug. An eavesdropping device.
Device. A piece of hardware made or adapted for a particular purpose, especially for a piece of mechanical or electronic equipment.
Information Security (InfoSec). Managing policy and process to protect and prevent information loss to digital and non-digital information (data) and to secure against unauthorised use of this data.

Eavesdropping

The Bible refers to acts of espionage, but only hints that individuals covertly listened to conversations, evidently without the sophisticated technical equipment that supports a modern-day eavesdropper. Research has not confirmed exactly where or when the word ‘eavesdrop’ was introduced into the English language, but it is believed to have originated in the 17th century.

It won’t surprise the reader that the word eavesdrop derives from two words, eaves and drop. It is believed that eavesdrop originated from when a single storey dwelling had a thatched roof; long before guttering and drainage pipes were designed. The constant dripping of rainwater from the thatched roof produced a noticeable line in the ground called the eavesdrop line. It was then said that if an individual stood inside this line, under the eaves, and stood next to a window opening (shutters), they would, in theory, be able to listen into [eavesdrop] the conversation held within the building, and without the knowledge of the occupants. The phrase ‘the walls have ears’ is recognised to support this theory.

Espionage

The act of espionage is one of the oldest professions in the world. It is alleged that espionage comes in second only behind the ubiquitous, profession of prostitution! Espionage (and possibly prostitution) continues to dominate the thoughts of leaders, executive boards, and VIPs within all businesses and sectors. Often the risks associated with business espionage and eavesdropping can be mitigated by taking simple preventative action. Business espionage quite rightly remains high on all government and commercial organisational agendas, and the need for effective counter-measures seems endless.

Threat

The main InfoSec threat is unequivocally from cyber-related actors; this may include cyber-related eavesdropping which is conceivably an IT Security concern. A conventional TSCM inspection does not cover cyberspace but could detect illicit cyber devices attached to hardware or cabling infrastructure.

Not dissimilar to Personal Protection, a professional TSCM inspection team will consider the threat. The threat of business or corporate espionage is considered to be of particular relevance to sensitive industry conversations where competition is high; in particular, between similar companies providing the same services. This, however, does not suggest that espionage is conducted by these companies, but any sensitive information loss to a rival or the impact caused by any security incident could have serious implications.

Many countries, businesses, and individuals actively seek privileged and proprietary information to advance their own political, economic, technological, and personal aspirations. The need for an action plan to cater to all Information Security (InfoSec) incidents is critical for those who have an interest in protecting some of the most valuable assets, reputation, proprietary information, and personal data.

There is a real and credible eavesdropping threat. London’s premier spy shop sold approximately 1500 covert units (covert video, audio recording, and GSM audio) from their London shop in their last financial year. This figure only includes actual units sold over the counter and does not include online sales, not to mention the number of general enquiries. In theory, if this shop remains open for 6 days a week, this equates to 5 covert sales a day. My assumption, therefore, is these people are purchasing this type of equipment to conduct a form of espionage or eavesdropping into other people’s conversations. Admittedly, a percentage will end up in the domestic world, but I have no doubts that some of this equipment will make its’ way into the corporate world.

With technological advances in recent years, in particular in the GSM industry (mobile phone/SIM card), the most capable commercial or state-sponsored eavesdropper has the capability to operate on a global scale.

Suffice it to say the technology in the eavesdropping industry means that smaller and more sophisticated technical devices are available and are easier to acquire than ever before, in particular, devices using SIM cards. The availability of these eavesdropping devices on the commercial market, and the internet, plus the additional ease of installation to a permanent power source is indicative of a significant eavesdropping threat to businesses and individuals.

The Argument

The threat from business espionage remains relevant but is on the decrease due to:
• Better awareness of the threat.
• In general, improved layers of security and procedures with the overlapping of technology and human in a corporate building.
• Improvements in employee and sub-contractor vetting.

The threat from individuals, private espionage and voyeurism (covert camera installations) is on the increase due to:
• GSM technology.
• The ease of searching for spy products on the www, the ease of purchase and installation.
• Technology advances – products are easier to use, smaller and available to purchase with no due diligence.

The Trigger

A TSCM inspection may be ‘triggered’ or requested for several reasons. Most requests received are following a confirmed or suspected leak of confidential information. Some requests are as part of good business practice and as a precautionary, proactive measure to ensure the integrity and conversational security in the areas of interest.

No matter what the trigger for the TSCM inspection is, the credible threat should be considered and a task planned accordingly.

Circumstances in which to consider an inspection can be:
• Prior to any confidential meeting/function. For example: an AGM.
• Prior to a temporary move into a location. For example: VIP into hotel room.
• Following a confirmed or suspected physical security breach.
• Following a confirmed or suspected leak of confidential information.
• Supporting an investigation to confirm/deny facts.
• Supporting other search/inspection regimes (i.e. physical, explosive/drug dogs).
• Following the introduction of new equipment/furniture/fittings.
• Following a period where third party sub-contractors have completed construction work, cabling work, or renovation.
• Periodically (as required).

UK Governance

Apart from the NOS and UK NACE, the lack of UK government direction, and private security industry governance or licensing, is commonly flaunted by poorly trained, inefficient, and maverick TSCM teams. Anyone can purchase equipment and purport to deliver TSCM in the commercial sector. This is not uncommon in any other sector or security capability that struggles with regulation and standards. The advocates of the Skills for Security NOS committee formed the concept of a TSCM institute (TSCMi), a trade body established to create an ethical culture, draft legislation, best practice, and guidance for TSCM practitioners. However, the TSCMi remains self-governing and to date, has no formal UK government support.

Health & Safety

A minimum two-person team, working in tandem, is generally accepted. I do not concur with the counter-argument from the solo practitioners. Working with, and close to 240v ac electricity, working at height, plus an inspection is normally conducted in unsociable hours when a building is on minimal manning, not to mention the overlapping, complementing techniques of a two-person team, concludes me to endorse my argument, based on health and safety and procedures, that a minimum of two persons is always recommended.

Legalities

A TSCM inspection capability should not deliberately interfere with or prevent the operation of third-party communication equipment; specifically, the transmission of, or the receiving of, licensed communications equipment and frequencies. In particular, from the main threat vector, GSM signals and the omnipresent SIM card.

The legal way to conduct a TSCM inspection is by employing SIM card detectors that, without transmitting any interfering signal, provide visible and/or audible warnings if an active or passive device is nearby. The ability to determine if a GSM device is in the area of interest should be ascertained by the powers of deduction, technology, and also the overlapping TSCM search techniques.

TSCM in the Private Security Industry

By Ben Gunn

Ben is a former member of the British Army spending 29 years out of a 33-year military career in UK Special Forces – 19 years in the Regulars and a further 10 years in the Reserve. He had a unique military career; initially expeditionary and latterly, 4 years seconded to Intelligence and a further 4 years in a Counter-Terrorism liaison role. Ben is a businessman, incorporating a UK Special Forces tenet into his business planning; ‘the unrelenting pursuit of excellence’ and as such, has established under his directorship, a truly global company based in London, offering a multi-service approach to the security of

E: ben.gunn@olchon.co.uk
T: +44 (0)203 1903030

Share276

276 Shares

Leave a Reply Cancel reply

Zelenskiy Denies Ukraine’s Involvement in Alleged Kremlin Drone Attack

Ukrainian President Volodymyr Zelenskiy has refuted Russia’s claims that Ukraine was involved in a drone attack on the Kremlin, which was allegedly aimed at killing Russian President Vladimir Putin. Zelenskiy stated that Ukraine fights and defends its territory, not attacking Putin or Moscow. The Kremlin reported that two drones were used in the attack but were disabled by Russian defenses.

Bodyguard Saves Japanese PM from Pipe Bomb Attack

A bodyguard has been hailed as a hero for his quick-thinking actions during a suspected pipe-bomb attack on Japanese Prime Minister Fumio Kishida. Video footage captured the bodyguard kicking away a metal object as it landed near Kishida
before positioning himself between the Prime Minister and the device, shielding him with a collapsible, handheld ballistics shield.

AlertEnterprise Reveals First-Ever Guardian AI Chatbot Powered by OpenAI ChatGPT

AlertEnterprise has unveiled its first-ever Guardian AI Chatbot powered by OpenAI ChatGPT. The chatbot will make its global debut at the ASIS Europe and ISC West trade events. Built on OpenAI’s GPT-3 platform, the Guardian AI Chatbot aims to provide security operators with instant access to critical physical access and security insights through quick questions and prompts.

Transferable Skillsets from Nightclub Security Professionals

In fact I would venture to say that one should almost seek out the experience before pursuing some of those paths. I say this because within the walls of that club you encounter such a vast amount of people, cultures, and potential threats, and to meet all these challenges, the nightclub security professional must be well equipped and prepared physically and mentally. In order to get the best out of these encounters it’s important to understand the skills required, and the skills that are being developed every time you step behind the velvet rope.

Protective Medical Services

As protectors, the Executive Protection (EP) community is comprised of “Alpha-type” personalities who are well skilled and tend to focus on the “direct action” skillsets of the EP mission, the so-called “hard skills”. But EP is more. It is full-time customer service also. EP agents serve their clients and their family members in a variety of ways, many of which were probably not envisioned while on the shooting range. Driving course or dojo.

Hostile Surveillance Threats

The average citizen has security concerns and can benefit from an understanding of the concepts of surveillance countermeasures that enhance personal protection. However, the application of surveillance countermeasures without a sound perspective regarding the threat-specific surveillance techniques they are intended to defeat can be counterproductive, and potentially dangerous. For this reason, the practitioner of surveillance countermeasures must think like a surveillance operator in order to anticipate how an operator would act based on specific circumstances.

Challenges of Protecting Children

As a bodyguard, I have been fortunate to have protected a variety of female principals amongst a cross-section of nationalities and cultures around the globe. My principals’ ages have also ranged from 4 to 65 years old. Amongst them all, I personally believe the most challenging principals are children. For me, the role of a bodyguard caring for a minor is all about balance, judgment, adaptation and a crystal-clear understanding of the parents’ wishes.

Keeping Your Edge – Develop A Niche

Celebrity protection is in some ways a unique market, however, in marketing, the more specific you can be, the more successful you will be in finding customers. This means that it’s helpful, sometimes necessary, to research, develop, and define a niche, carving out a select piece of a bigger industry to specialize in.

The Death of Journalist Marie Colvin

I’m not writing this piece to get into her personal or professional life, her ambitions or any other side of her character (that’s all been done). I’m writing this piece because I see media management in general, as a huge failing for far too many media deployments gone badly in conflict areas around the world. And I’m using Marie’s death as an example of just one of those failings.
I’m still angered every time I see a write up about the sad death of this journalist, and here’s my reasons why:
I knew Marie for years, first meeting her in Jerusalem during the Second Intifada between the Israelis and Palestinians back in the early noughties.

New SIA licence application service with Post Office

New SIA licence application service with Post Office The Security Industry Authority is …

Continue Reading about New SIA licence application service with Post Office

SIA News

Security bosses jailed for immigration and security offences 18 March 2014 On Friday [14 March], a …

Continue Reading about SIA News

Global Situation Report – September 2021

India: Modi Chairs U.N. Security Council Meeting on Maritime Security Aug 10, 2021 Indian …

Continue Reading about Global Situation Report – September 2021

High Conflict Personalities

In our roles as a security professional we will at times come across individuals with high …

Continue Reading about High Conflict Personalities

Tiger Kidnapping

Over the years there have been many articles in Circuit Magazine about the kidnapping threat, and rightly so. As we know, the danger of kidnapping is always a concern amongst high-level executives, especially when operating and traveling to some regions …

Continue Reading about Tiger Kidnapping

Keeping Your Edge: Support Those You Meet Along The Way

A large part of my career has been spent working with High Net Individuals in the entertainment industry. Over the decades I have seen many artists, label executives, managers and agents rise from relative obscurity, to monumental heights. For example, it …

Continue Reading about Keeping Your Edge: Support Those You Meet Along The Way

How Surveillance Can Help Prevent Acid Attacks

The recent surge in acid attacks in London and surrounding areas has filled the headlines in recent weeks and months, understandably causing a great deal of concern for the general public and those responsible for their safety.

What's in your GO Bag – Going Digital

What’s in your GO Bag – Going Digital Your Principal has a known stalker that has sent letters and threatening emails. You are at a small venue for a public appearance, and suspect that they might show up. You need to remain with your client in a holding room, but what could make life […]

Minding The Media

Minding the Media Behind many of the news teams you see reporting from high risk environments can be found a ‘Safety Advisor’, anonymous, unseen and unacknowledged, just as they prefer it. These individuals are more than bodyguards: highly trained …

Continue Reading about Minding The Media

Task, Threat and Environment

For a number of reasons, the most difficult thing to instil in a student during training is the proper mindset. Every student has bias from his or her experiences and the appropriate mindset for any professional must be ingrained through operational …

Continue Reading about Task, Threat and Environment

Hostile Environment Surveillance Process

Have you ever had the feeling that something was wrong before you’ve actually spotted a potential threat? Maybe the hairs stood up on the back of your neck, and you became sharply aware of your surroundings, or you had a “gut feeling” that you couldn’t …

Continue Reading about Hostile Environment Surveillance Process

INVEST SOME TIME IN YOURSELF

INVEST SOME TIME IN YOURSELF AND MAKE IT HAPPEN How many people reading this article can honestly say that they put the amount of effort into finding employment that is required to find work in the security industry or to progress their career. The …

Continue Reading about INVEST SOME TIME IN YOURSELF

Obtaining & Maintaining Non Residency and SED

Obtaining & Maintaining Non Residency and SED (Seafarers Earning Deductions) New to the industry, got a contract working overseas and don’t know where to start? NON RESIDENCY You may have decided that a land-based career overseas is the …

Continue Reading about Obtaining & Maintaining Non Residency and SED

Building Global Cyber Maritime Defence Standards

“The announcement yesterday that shipbroker Clarksons confirmed its computer systems were breached in a major cyber-security attack is a further indication how the global maritime industry is very much in the cross-hairs of the cybercriminal. The …

Continue Reading about Building Global Cyber Maritime Defence Standards

Review: Medipro PHMT

Course Review: Medipro Training Ltd. PHMT ( Pre-Hospital-Medical-technician ) Having previously completed FPOS (I) MIRA and Remote Team Medic Courses I was looking for a training course which had both industry recognition and would take my knowledge …

Continue Reading about Review: Medipro PHMT

Regaining balance after a threatening encounter

The 3 tasks your brain must achieve There’s no denying that security and close protection work is mentally and emotionally demanding. Life-threatening situations, exposure to graphic scenes, distressed individuals, violent perpetrators, and occupational …

Continue Reading about Regaining balance after a threatening encounter

Introducing TSCM

Definitions

Eavesdropping

Espionage

Threat

The Argument

The Trigger

UK Governance

Health & Safety

Legalities

Buy The Latest Issue

Subscribe to the Newsletter

Latest Podcast Episode

Latest Issue

Issue 68

Introducing TSCM

Definitions

Eavesdropping

Espionage

Threat

The Argument

The Trigger

UK Governance

Health & Safety

Legalities

Buy The Latest Issue

Subscribe to the Newsletter

Reader Interactions

Leave a Reply Cancel reply

Latest Podcast Episode

Latest Issue

Follow us