Call us on 03450 21 21 51

QSA: new face in cyber crime investigation
The SRM Blog

QSA: new face in cyber crime investigation


Written by SRM

7th March 2017

Share this article

Mustafa El-Jarrah QSA

There is a new face at the forefront of investigating cybercrime in the UK. Newcastle-based Security Risk Management has achieved another success for its SRM Academy Programme. With over five years’ industry experience and six months of preparation, 26-year old Mustafa El-Jarrah has become one of the youngest Payment Card Industry (PCI) Qualified Security Assessors (QSA) in the world.

As a PCI QSA, 26- year old Mustafa has also been accepted by the PCI as a Payment Card Forensic Investigator (PFI). Only six companies in the UK operate in this field and Security Risk Management (SRM), which Mustafa joined in 2015, is one of these.

The SRM Academy was established to address the national shortage of top level qualified cyber security consultants. Delivering elements of cyber security training to colleges in the North East, Newcastle-based SRM Ltd also employs individuals with potential and then provides them with training in house. SRM Ltd now boasts the largest number of QSAs of any cyber security company in Europe.

Brian Fenwick, Director, says: “We are one of only 18 companies in the world accredited by the Payment Card Industry to investigate breaches of credit card data, and one of only six in the UK.  As an aspect of maintaining this standard we prioritise recruitment and training. We run an internal training programme as well as ensuring that those studying to become QSAs attend numerous client sites with an experienced QSA to assist with the practical elements of the course.”

In his new role, where instances of data theft occur Mustafa will be called upon to deal with the investigation of major incidents. Forensic investigation work often deals with various types of online theft. Either of significant sums from online transactions or in terms of personal data theft. Both forms of theft put individuals at risk of a host of other fraud issues.

Once the source is identified, remedial action can be taken swiftly to return a business to an operational level. SRM Ltd consultants will advise on effective damage limitation and work in partnership with the company involved to re-establish normal trading as quickly as possible and support the achievement of PCI DSS Compliance as required.

Back to top