Watching your back: countering industrial espionage the intelligent way

October 2002 News & Events

To many companies security badges, sign-in sheets, video cameras and other physical surveillance methods create a wall of protection against information theft. However, with most penetrations and information loss coming from within an organisation, these measures alone cannot adequately protect a company.

"Most penetrations and compromises are perpetrated by the target's own employees, by electronic or cyber intrusion, surveillance or photography," said Howard Griffiths, managing director of Griffiths & Associates. "In addition, significant amounts of company strategy are often given away in company websites, publicity material and at trade fairs, all unwittingly," he said.

"The official FBI statistics in the US are that at any one given period in time, that bureau has nearly 1000 open investigations into extremely serious cases of economic espionage of trade secret thefts," Griffiths said. "The only way to counteract activity on this scale is for companies to implement both reactive and preventative counter intelligence programs."

These programs should include employee training, site surveys, inspections and investigations. The company should also develop and maintain files on alleged, reported, and actual attempts at penetration. "Every company must have a counter intelligence manual outlining procedures for the protection of sensitive information, including how to handle incidents that occur," said Griffiths. These manuals should then be made available to personnel within responsible offices so that any incident can be dealt with promptly and consistently.

Overall strategy

The first step in developing such an overall strategy must be the conducting of a vulnerability assessment. The following checklist of important issues is an example of the type of information to be collected in this assessment:

* Employee names, titles, and position, for employees in sensitive positions.

* Responsibilities and types of access to sensitive data.

* Identification of those with whom each employee is authorised to share sensitive information.

* Audit trails and records kept relative to individuals who have been given access to proprietary data.

* Activities where employers could be approached by intelligence gatherers, such as seminars and workshops. Employees should be asked to describe any contacts initiated by other persons seeking any type of corporate data.

* Any gratuities offered or received from providing any type of corporate data. Employees should be asked to identify all types of corporate data being elicited and what responses were given and any ensuing conversation with the person asking for the information.

"The information gathered from this checklist and the general assessment will indicate strengths and weaknesses in the company's protective posture," said Griffiths. It will help security personnel determine which of the company's operations might be likely targets of business intelligence efforts and, just as importantly, allow the company to determine which counter intelligence strategies to put into place."

For more information contact Howard Griffiths, Griffiths & Associates, 011 786 8556, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Amendments to the Private Security Industry Regulations
Technews Publishing Agriculture (Industry) Surveillance Access Control & Identity Management Fire & Safety Perimeter Security, Alarms & Intruder Detection Information Security Asset Management News & Events Integrated Solutions Infrastructure Security Services & Risk Management Education (Industry) Entertainment and Hospitality (Industry) Financial (Industry) Government and Parastatal (Industry) Healthcare (Industry) Industrial (Industry) Mining (Industry) Residential Estate (Industry) Retail (Industry) Transport (Industry) Conferences & Events Associations Videos Training & Education Smart Home Automation Commercial (Industry) Logistics (Industry) AI & Data Analytics Facilities & Building Management IoT & Automation Power Management
SANSEA, SASA, National Security Forum, CEO, TAPSOSA, and LASA oppose recently published Amendments to the Private Security Industry Regulations regarding firearms.

Read more...
Local innovation driving excellence in FM
Securex South Africa News & Events
As organisations seek cost-effective, sustainable, and high-quality solutions, home-grown facilities management innovation is proving to be a critical driver of operational efficiency and long-term success.

Read more...
PIV-ready High Sec Controller 7000
News & Events
Gallagher Security announced the release of the latest addition to its controller product range; the High Sec Controller 7000, which incorporates all the core functions of the C7000 Standard variant released less than 18 months ago.

Read more...
The impact of GenAI on cybersecurity
Sophos News & Events Information Security
Sophos survey finds that 89% of IT leaders worry GenAI flaws could negatively impact their organisation’s cybersecurity strategies, with 87% of respondents stating they were concerned about a resulting lack of cybersecurity accountability.

Read more...
Lack of optimism for African economy
News & Events
African Leadership University publishes the 2025 Africa Workforce Readiness Survey, which shows that only 21% of South African employers are optimistic about the future of the country’s economy, the lowest of any country polled.

Read more...
From the editor's desk: What’s a trillion between friends?
Technews Publishing News & Events
Back in the bad old days of 2015, some (who didn’t want to take the blame for coming up with that number) estimated the amount of money lost to corruption by the South African government to be around ...

Read more...
Closing physical security loopholes
Securex South Africa News & Events
Relying on outdated physical security measures can expose businesses and facilities to threats in today’s fast-evolving security landscape. Fortunately, advances in security technology are helping organisations stay ahead of threats by closing critical security gaps.

Read more...
Paxton opens second experience centre
Paxton News & Events Access Control & Identity Management
Security technology manufacturer, Paxton, has opened a new experience centre in Cape Town on 12 February in partnership with its exclusive distributors, Reditron and Regal Security.

Read more...
Gallagher’s Integrate 360 event in Durban
Gallagher News & Events Perimeter Security, Alarms & Intruder Detection
Gallagher Security held its Integrate 360 event in Durban, South Africa. The event attracted 65 channel partners, end users, and consultants from across KwaZulu-Natal and broader South Africa to showcase the latest in Gallagher’s technology suite.

Read more...