INTELLECTUAL PROPERTY: The Enemy Can Also Come From Within. If You Let Them Operate, You Had Better Be A Good Cat Herder!
The talk of the moment is the ever rising ‘cyber threat’. Received wisdom is that the majority of the threat to our intellectual property (IP) comes from without. That is, of course, correct. Consequently, much of our focus relating to the protection of our ‘Crown Jewels’ is on blocking and defeating those who seek to break into our systems to steal our most important secrets. But a report in ExecSecurity magazine yesterday is a timely reminder that we must not drop our guard in other directions too.
Cargill, a major global player in the commodities markets, has taken out an injunction against one of its former executives who, the company alleges, copied hundreds of highly confidential and proprietary files before resigning and taking up employment with one of Cargill’s major competitors. The gentleman concerned had been with Cargill for 20 years.
This sort of threat is not, of course, new. The value of IP can be enormous, stratospherically enormous. Lose it and it could be the end of the company. The ability of employees to remove huge amounts of data easily is a major threat to any organisation which has something worth stealing – which is all of us. The causes and motives for such activity are myriad. Accident and external espionage are frequently the cause of loss of IP. Disaffection can create a pernicious situation where an employee remains at the company whilst regularly passing important intelligence to competitors or criminals. But the most likely motivator for theft of IP is, surprise surprise, money. Competitors are always trying to poach top staff; those with juicy client lists and proven relationships. What is in their heads is dangerous enough. The ability to walk out of the door with, potentially, millions of customer details, price lists, product details, commercial plans and much more is why many companies will escort out of the building any senior or well placed employee who is let go. Even then, you can’t guarantee that he hasn’t seen it coming and prepared for the day. It is even more difficult to guard against someone who plans their exit carefully and with the intent of taking as much with him as his memory sticks will carry. Equally, it is very easy for employees to zip up, encrypt and send out information to wherever the choose. In order to cover the tracks. it doesn’t usually require too much subterfuge to do it from a colleague’s computer either.
Most companies will have in place unusual activity sniffing software which will note when an employee downloads lots of data onto removable media. But machines and software cannot mitigate everything and a wiley thief can easily circumvent many of the defences which might be deployed to protect important information. So you need to be on the lookout for other signs that someone is up to mischief. That means that people need to talk with each other.
The damage which can be caused from IP theft can be devastating. The simple combination of a client list, what they buy and what they pay is a potentially massive loss which could turn into a catastrophy if those clients are subsequently lost to competitors. But imagine if you have spent gezillions on developing a new this or that on which the future of the company is pinned and all of the data walks out of the door in someone’s pocket?
It is crucial that all aspects of your enterprise’s defences are actively involved at all times in working together to defend your IP. Everyone. All of the time. Whatever processes you have in place muct be actively policed. HR, information assurance (IT & cyber), physical security, legal and the data owners must all play a proactive role in defending secrets. If you are not actively working together you will, no question, lose data. Once it has gone, it is an altogether more difficult task to prevent further dispersion and consequential damage to the company’s health and welfare. It’s all very well pursuing someone after they have gone, but if the information went with them, you had better be good at herding cats. The only people who are going to get fat in this scenario are the lawyers. I know that many may feel that this is all common sense and, of course you are doing it. I’m prepared to bet a pound to a pinch that many of you are not, even if you think you are.
Bronzeye Group specialises in Business Risk Management. Please contact us to discuss how we can help you to ensure that your enterprise’s security at all levels stays at the head of the threat curve. Until you do,
mind your eye…………….









