CYBER INVESTIGATIONS &
DIGITAL SECURITY
Our team of expert cyber investigators and digital security professionals provide top-notch services to protect your online assets and investigate cybercrimes.
CYBER INVESTIGATIONS &
DIGITAL SECURITY
Our team of expert cyber investigators and digital security professionals provide top-notch services to protect your online assets and investigate cybercrimes.
MADPI GLOBAL engages only the leading experts in the fields of Technical Surveillance Counter Measures (TSCM), Data Privacy & Destruction, Digital Forensics, Communication Security & Intercept, and Network Traffic Analysis. Our specialists have over 30 years of dedicated experience, law-enforcement background, advanced scientific degrees, and proficiency in testifying in court as an expert witness.

CASE STUDIES
MADPI GLOBAL is recognized by the legal community, insurers and corporations both nationally and internationally as a leader in the investigation industry. The following examples will illustrate the effectiveness of our involvement.
CASE STUDIES
MADPI GLOBAL is recognized by the legal community, insurers and corporations both nationally and internationally as a leader in the investigation industry. The following examples will illustrate the effectiveness of our involvement.
FREQUENTLY ASKED QUESTIONS
Typically, TSCM practitioners do not have a store front operation, or rely on online marketing to connect with their client base. But having been in the TSCM industry since the mid-1990’s, MADPI GLOBAL experts know that the best means to connect with clients is through referrals from a trusted party such as through relationships with legal or corporate firms.
When engaging a TSCM practitioner this way, the client knows that the team has been qualified and has a proven track record in the delivery of reliable services.
All too often, we have met clients who had hired the services of “rain dancers” (wannabe sweep specialist) who wave antennas as they walk through a site with no training or experience, and a minimal investment in “magic boxes”. Those engaging in this type of business are charlatans and do nothing more than provide a false sense of security while bilking clients of their money.
Therefore, make sure that the experts you chose are qualified, experienced, and are highly educated in this domain.
The practitioners delivering TSCM services must constantly maintain awareness to emerging technology developments and the practices necessary to detect and defeat these new forms of compromise. Commercially available hardware designed to detect technical threat is often a few generations late to address these new threats, as is the scope of vendor led training programs.
It is important to note that equipment vendor training is delivered to mixed audiences and cannot include zero-day threat or classified information (including information on emerging threat). Accordingly, most vendor trained “experts” are trained to sweep for yesterday’s technology and are ill equipped to deliver effective services capable of addressing comprehensive risks.
There are very few qualified sweep teams available for contract work, and discerning between those who are actually qualified and equipped, and the paper tigers who believe a vendor’s training certificate is sufficient, are few and far between. It is for this reason that unless the client has the technical background to qualify the sweep team, that it is best to engage a team through those who have already certified the services of those they work with.
Consideration – Is the threat technical?
If you are considering contracting the services of a TSCM practitioner, you have serious concerns about the exposure of your confidential information. The factors which led you to believe your privacy is compromised is critical to determining where the compromise may exist, and the methods which will be used by the TSCM specialists to identify the breach. In many cases, the information which had been exposed may not have been conveyed via technical compromise, in which case the TSCM sweep will provide nothing more than peace of mind that technical threat is not a factor.
Triage – The most critical stage of a sweep
Before TSCM services are delivered it is important to discuss the factors which led the client to believe there is a presence of potential compromise. During this discussion the team lead is able to ascertain the scope of the threat and define and prioritize actions which will address these concerns effectively. Often during the triage stage, an experienced team will be able to optimize their approach to efficiently validate the concern and identify the threat.
This stage is also critical in establishing a level of complexity of the compromise implemented. If the matter is a domestic issue, it can be expected that any potential threat will have a threat level aligned to compromise which can be purchased online, whereas a situation of industrial espionage may involve more complex threat.
It is not just about the hardware
Many TSCM practitioners use the same integrated analysis hardware from the same vendor. Those who rely on this platform are delivering services on hardware which has been designed well over a decade ago and does not provide visibility to present day threat. Others use cobbled together Software Defined Radios (SDR) with laptop-based software. Although this approach appears to be promising on paper, the integration between the SDR and the laptop is too slow to deliver an effective analysis platform.
Understanding hardware design may be critical to hardware selection, but expertise and experience in the technologies used to collect and convey information over all signal paths, including optical and inaudible acoustics, is far more critical to the development of any competent team.
There is no magic box!! Many TSCM equipment vendors will lead their clients to believe that their technology can cover all forms of risk. This is factually incorrect, as most of these technologies will address some, or most of the forms of threat, while ignoring others. As an example, many devices will look for transmitting or recording technical threat, and only indicate the presence of digital transmission sources such including Bluetooth, DECT, or WIFI, without any analysis of these signals. This lack of visibility results in the TSCM practitioner assuming the signal to be classified as legitimate, without knowing where the signal is connected to, or whether it is being used to exfiltrate information.
TSCM is the art of analysing and auditing all modes of information conveyance and needs to be delivered by those who constantly maintain an understanding of these channels. No tool or technology can replace the technical competence required to deliver these services. In many cases, we have seen former law enforcement, or investigators with no technical or communications background spend more than $100,000 on equipment and training hoping to be able to deliver sweep services. Yet, despite this investment, and the false sense of experience, they fail to identify actual threat due to their reliance on the technology without full understanding of the threat complexity.
Our team is comprised of career technologists including professional government signals intelligence officers, mobile RF carrier engineers, security specialists, digital forensics specialists, data communications network specialists and packet level network analysts. Members of our team are involved in the analysis of zero-day threat technologies, where we document operational capabilities, and develop detection and defeat practices. We are dedicated to the identification and analysis of not only RF based threat, but also the detection of embedded technologies, whether active or inactive, or integrated into legitimate technology.
MADPI GLOBAL team goes well beyond the scope delivered by other teams as we are able to include visibility into digital network signals and validate whether local transmission sources are using adjacent networks to exfiltrate information off premises.
Our Clients
Canadian & International: Corporations & SMEs, Law Firms, Private Equity & Hedge Funds, Financial Institutions, Commercial & Investment Banks, Insurance & Accounting Firms, High-Net-Worth Individuals, Think Tanks, Strategic Advisors, Compliance & Research Organisations, Medical & Educational Institutions, Fortune 500 Companies, Governmental & Regulatory Bodies, and Non-Profits.
Confidentiality and Privacy
All data and communication is encrypted, stored securely, and handled according to PIPEDA and GDPR, and the latest available technology. Our investigators work only with the need-to-know information in order to perform their job duties and to conduct investigations.
Your PRIVACY & CONFIDENTIALITY is ingrained into the fabric of our firm’s existence and is non-negotiable!