Watching your back: countering industrial espionage the intelligent way

October 2002 News

To many companies security badges, sign-in sheets, video cameras and other physical surveillance methods create a wall of protection against information theft. However, with most penetrations and information loss coming from within an organisation, these measures alone cannot adequately protect a company.

"Most penetrations and compromises are perpetrated by the target's own employees, by electronic or cyber intrusion, surveillance or photography," said Howard Griffiths, managing director of Griffiths & Associates. "In addition, significant amounts of company strategy are often given away in company websites, publicity material and at trade fairs, all unwittingly," he said.

"The official FBI statistics in the US are that at any one given period in time, that bureau has nearly 1000 open investigations into extremely serious cases of economic espionage of trade secret thefts," Griffiths said. "The only way to counteract activity on this scale is for companies to implement both reactive and preventative counter intelligence programs."

These programs should include employee training, site surveys, inspections and investigations. The company should also develop and maintain files on alleged, reported, and actual attempts at penetration. "Every company must have a counter intelligence manual outlining procedures for the protection of sensitive information, including how to handle incidents that occur," said Griffiths. These manuals should then be made available to personnel within responsible offices so that any incident can be dealt with promptly and consistently.

Overall strategy

The first step in developing such an overall strategy must be the conducting of a vulnerability assessment. The following checklist of important issues is an example of the type of information to be collected in this assessment:

* Employee names, titles, and position, for employees in sensitive positions.

* Responsibilities and types of access to sensitive data.

* Identification of those with whom each employee is authorised to share sensitive information.

* Audit trails and records kept relative to individuals who have been given access to proprietary data.

* Activities where employers could be approached by intelligence gatherers, such as seminars and workshops. Employees should be asked to describe any contacts initiated by other persons seeking any type of corporate data.

* Any gratuities offered or received from providing any type of corporate data. Employees should be asked to identify all types of corporate data being elicited and what responses were given and any ensuing conversation with the person asking for the information.

"The information gathered from this checklist and the general assessment will indicate strengths and weaknesses in the company's protective posture," said Griffiths. It will help security personnel determine which of the company's operations might be likely targets of business intelligence efforts and, just as importantly, allow the company to determine which counter intelligence strategies to put into place."

For more information contact Howard Griffiths, Griffiths & Associates, 011 786 8556, howard@griffithsonline.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Consumer robotics is a market in transition
September 2019 , Home Security, News
ABI Research says smart home integration will drive consumer robot shipments into the home to the tune of 39 million units per year by 2024.

Read more...
TAPA: The role of an effective treasury function in business risk management
June 2019, Technews Publishing , News
Neil Le Roux, the Founder of Diligent Advisors will speak at the TAPA SA (Transported Asset Protection Association) annual conference on 26 July 2019.

Read more...
From the editor's desk: More things change
September 2019, Technews Publishing , News
Welcome to the CCTV Handbook 2019. This year’s handbook breaks a long tradition of publishing the handbook in the first half of the year by releasing it along with the October issue of Hi-Tech Security ...

Read more...
From the editor's desk: Six-and-a-half impossible things
October 2019 , News
When it comes to people named Alice, there are two that are noteworthy in the greater scheme of things and specifically when it comes to security in South Africa. Interestingly enough, they both faced ...

Read more...
Invixium and Pyro-Tech partner in South Africa
October 2019 , News, Access Control & Identity Management
Invixium, a manufacturer of IP-based biometric solutions and Pyro-Tech Security Suppliers have announced a new distribution partnership.

Read more...
Hikvision achieves ISO 28000:2007 certification
October 2019, Hikvision South Africa , News
Hikvision has announced its ISO 28000:2007 certification, marking a further strengthening of the company's supply chain security assurance.

Read more...
SALTO Systems SA partners with Training Ninja
October 2019, Salto Systems Africa , News, Training & Education
SALTO Systems has partnered with Training Ninja to extend its training footprint to the coastal regions of South Africa.

Read more...
Duxbury partners with TVT
October 2019, Duxbury Networking , News, CCTV, Surveillance & Remote Monitoring
Duxbury Networking has announced its new partnership with TVT Digital Technology to provide South African resellers and customers with a wider range of options for surveillance equipment.

Read more...
Mallett appointed as Elvey sales director
October 2019, Elvey Security Technologies , News
Ernest Mallett has been appointed as sales director of the Elvey Security Technologies group of companies.

Read more...
Three words that could save your life
October 2019 , News
Technology company what3words has mapped the world into a grid of 3m x 3m squares, and given each one a unique what3words address.

Read more...