Protective services

We offer physical and technical solutions to help identify the risks and threats to which you are potentially exposed. Employing methods such as cyber and/or physical penetration testing and Tactical Surveillance Counter-Measures (TSCM), we can assist in devising remediation solutions to protect your assets and reputation.

If you have been unfortunate enough to have already suffered a technical attack (cyber), we are able to conduct IT and mobile forensics to ascertain your level of exposure, help recover lost data and assist in gathering evidence to secure a prosecution of those responsible.

Cyber Vulnerability Management. As the sophistication and regularity of cyber-attacks increase, protecting against them has become extremely difficult, if not impossible.

The threat has evolved from the curious or malicious individual, to state-sponsored organisations and international criminal gangs. A professional and determined attack can exploit apparently insignificant vulnerabilities, avoid detection, and hide malicious activity. If your company or network is targeted, the consequence can be devastating.

Matrix provide an integrated physical and cyber capability to ensure that risks are identified, monitored and managed, therefore reducing the likelihood of an incident, and the impact if one occurs.

Utilising a phased approach, we commence with penetration testing and a vulnerability audit. Although not essential, we prefer to work in collaboration with the Chief Technology Officer, to better understand your system and develop a prioritised list of potential attack vectors. By commencing with a limited amount of inside knowledge, we can significantly reduce the requirement for time-consuming research and activity expended on unsuccessful penetration attempts. The obvious advantage of this approach, is that it significantly reduces the cost of the exercise to the client.

Next, we test the identified attack vectors. This is done as a ‘black-box’ assessment, where our team will be tasked to look at the system as an outside attacker. Once complete the team is then brought into the confidence of the client to complete a ‘white box’ assessment; made with intimate knowledge of the system. Utilising such a comprehensive approach, we can thoroughly explore the risks of the external and insider threat and examine worst case scenarios. Upon conclusion of this phase, we will present our findings and recommendations in a comprehensive report.

As a follow-on, we are also able to facilitate a cyber monitoring service and provide you with regular assessments, updates and alerts, to enable you to contain and resolve threats more efficiently and expeditiously.

IT Forensics. Information Technology is at the centre of everything a modern business does. Unfortunately, it can also be misused to facilitate fraud and corruption, however; the use of computers and mobiles leaves a digital trail. With the right expertise, this trail can be followed and valuable evidence secured.

Fraudsters, criminals, and corrupt individuals will often try to cover their tracks, but it is very difficult to erase this trail completely. Deleted data can often be recovered, corrupted files can be repaired, and when records have been altered there is usually evidence of tampering.

At Matrix, we offer two kinds of IT forensic service: Computer & Mobile.

Computer Forensics

By partnering with prestigious experts, we are able to provide full-service forensics. We can analyse computers and other digital devices, including: servers, tablets, and satellite navigation systems, to gather valuable evidence of any wrongdoing and document this so that it can be used as evidence to help a tribunal or trial.

We can recover deleted or corrupted files, look for evidence of tampering, and even analyse damaged equipment in order to help you work out what has been done, how it was carried out, and what steps you can take to mitigate the damage.

We regularly handle complex and sensitive cases, and we are used to dealing with them appropriately. Whether you suspect corruption, are investigating fraud, or have found evidence of inappropriate material on company equipment, you can be sure we will handle the investigation accordingly.

Mobile Forensics

Mobile devices can be a goldmine of useful evidence for all kinds of investigations – provided you know how to read them.

We are experts at extracting the information hidden in mobile devices, even when efforts have been made to conceal it. We can examine mobile phones, SIM cards and internet history to build the most comprehensive and detailed picture of a person’s activity possible.

This kind of evidence can be vital in many criminal investigations, from minor harassment allegations right up to complex murder and fraud cases.
If an investigation warrants forensic analysis of a private mobile device, that case is likely to be both sensitive and serious. We understand this, and approach all mobile forensics cases, without exception, with the discretion and gravity they deserve, while also adhering fully to ACPO and PACE guidelines.

Technical Surveillance Counter-Measures. Although spying may be one of the world’s oldest professions, espionage has been quick to embrace technology and there is something new in the scope and intrusiveness of surveillance.

The exponential expansion of digital electronic surveillance has ensured that the conduct of espionage is not the sole preserve of governments and their intelligence agencies and malign actors can include: investigative journalists, unscrupulous business rivals, disaffected staff and organised criminals. With a plethora of technical surveillance devices and methods of employment at their disposal, it is relatively simple to conduct an attack.

The most effective way of protecting your information is to conduct your business in a sanitised environment.

Our approach to TSCM surveys is based upon the considerable experience we have amassed over years of practical experience. Given the vast array of technical surveillance methods which exist, our strategy comprises a comprehensive set of tests founded upon the principle of “defence-in-depth”. Our search procedures are optimised to detect both active and passive surveillance devices, and we handle all assignments in the strictest confidence;

We undertake regular research into new developments and continuously update our procedures and equipment in order to maintain the highest probability of detection of illicit surveillance devices. All of our personnel are subject to stringent vetting checks and we warrant that our electronic search equipment is of the highest quality.

Penetration Testing. The security of its premises and information is of vital importance to any organisation.

Aside from the physical risk to staff, the loss of sensitive information could have serious commercial and reputational consequences.

Matrix utilises a proven methodology for physical penetration testing, consisting of five elements:

Information gathering

We will draw information from a wide range of sources, including, but not limited to: corporate registries, local and international media archives, litigation and court databases, online discussion forums, social and professional networking websites, deep-web resources (such as closed discussion groups, activist data repositories and ‘big data’ information channels) and proprietary databases that contain information which is not available to the public.

This will enable us to identify and assess vulnerabilities which could be cultivated though the use of social engineering.

Vulnerability analysis

We will conduct both passive and active reconnaissance in order to fully assess the vulnerabilities of the site.

Passive reconnaissance will build on the findings of OSINT and look to understand what vulnerabilities can be identified prior to a site visit. It is always possible to glean a significant amount of information about a target’s vulnerability by studying its surrounding environment.

Active reconnaissance would constitute offline information gathering, with a focus on social engineering. This may include using telephone calls, or emails, and directly querying select staff or vendors in order to obtain information.

To complete the vulnerability analysis, we would conduct covert observation to build up a pattern of behaviour for individuals with access to the building; employees, contractors, couriers etc.


Based upon the findings of the vulnerability analysis, we will formulate a plan to gain access to the target building.

Exploiting various techniques and routes, we will task a team of operatives, over a two-day period, to attempt at least one entry each day. We will provide all of the equipment necessary for this phase and we will also conduct a full risk assessment in advance.

In order for this phase to accurately assess the buildings physical security measures under a normal posture, it is vital that staff are not warned of our activity in advance.


Post exploitation is clearly dependent upon our operatives having first gained access to the building.

During this phase, our operators will seek to identify physical security weaknesses within the building. They will identify opportunities for covert recording devices to be deployed within the building, assess whether access could be gained to computers, survey what information can be gathered from employee’s desks and more generally, assess the staff’s willingness to challenge unknown visitors to their building.

Of note, the individuals we will employ for this activity are all highly trained, former law enforcement personnel, with appropriate experience.


Upon completion of the activity above, we will provide a comprehensive written and verbal report of our activity, key findings and recommendations on how to improve your security posture.