Watching your back: countering industrial espionage the intelligent way

October 2002 News

To many companies security badges, sign-in sheets, video cameras and other physical surveillance methods create a wall of protection against information theft. However, with most penetrations and information loss coming from within an organisation, these measures alone cannot adequately protect a company.

"Most penetrations and compromises are perpetrated by the target's own employees, by electronic or cyber intrusion, surveillance or photography," said Howard Griffiths, managing director of Griffiths & Associates. "In addition, significant amounts of company strategy are often given away in company websites, publicity material and at trade fairs, all unwittingly," he said.

"The official FBI statistics in the US are that at any one given period in time, that bureau has nearly 1000 open investigations into extremely serious cases of economic espionage of trade secret thefts," Griffiths said. "The only way to counteract activity on this scale is for companies to implement both reactive and preventative counter intelligence programs."

These programs should include employee training, site surveys, inspections and investigations. The company should also develop and maintain files on alleged, reported, and actual attempts at penetration. "Every company must have a counter intelligence manual outlining procedures for the protection of sensitive information, including how to handle incidents that occur," said Griffiths. These manuals should then be made available to personnel within responsible offices so that any incident can be dealt with promptly and consistently.

Overall strategy

The first step in developing such an overall strategy must be the conducting of a vulnerability assessment. The following checklist of important issues is an example of the type of information to be collected in this assessment:

* Employee names, titles, and position, for employees in sensitive positions.

* Responsibilities and types of access to sensitive data.

* Identification of those with whom each employee is authorised to share sensitive information.

* Audit trails and records kept relative to individuals who have been given access to proprietary data.

* Activities where employers could be approached by intelligence gatherers, such as seminars and workshops. Employees should be asked to describe any contacts initiated by other persons seeking any type of corporate data.

* Any gratuities offered or received from providing any type of corporate data. Employees should be asked to identify all types of corporate data being elicited and what responses were given and any ensuing conversation with the person asking for the information.

"The information gathered from this checklist and the general assessment will indicate strengths and weaknesses in the company's protective posture," said Griffiths. It will help security personnel determine which of the company's operations might be likely targets of business intelligence efforts and, just as importantly, allow the company to determine which counter intelligence strategies to put into place."

For more information contact Howard Griffiths, Griffiths & Associates, 011 786 8556, howard@griffithsonline.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Prevention-first approach to cybersecurity
News Cyber Security
Check Point CEO, Gil Shwed, highlights the increasing importance of artificial intelligence in defending evolving networks and protecting against cyber threats at annual CPX 360 customer and partner event.

Read more...
Three new portable power stations to ease load shedding
News Security Services & Risk Management Products
EcoFlow has launched three portable power stations that provide sufficient power for consumers wherever they are; the DELTA 2 and RIVER 2 Series are feature-filled power solutions to the volatile electricity supply.

Read more...
UJ and Schneider Electric launch 4IR Experience Room
News
Schneider Electric and the University of Johannesburg (UJ) Faculty of Engineering and Built Environment (FEBE) have officially unveiled the 4IR Experience Room, a first for UJ and situated at the university’s Auckland Park Campus.

Read more...
SafeCity Guarding rolls out across 14 suburbs in Johannesburg
News Security Services & Risk Management
In a major drive to provide communities across Johannesburg with additional safety, Vumacam, in partnership with Fidelity ADT and other security providers across the region, rolled out the innovative SafeCity Guarding initiative in 14 suburbs.

Read more...
Providing an interactive branding platform
Securex South Africa News Conferences & Events
Now in its 30th year of providing security technology and services providers with a platform for increasing their brand exposure, Securex South Africa will be held at the Gallagher Convention Centre in Midrand, from the 6th to 8th June 2023.

Read more...
ALX sponsored learning programmes for 2023
Training & Education News
With a mission to harness Africa's abundant human capital by developing two million ethical and entrepreneurial young leaders from the continent by 2030, ALX has launched four fully sponsored (at no cost) tech programmes for 2023.

Read more...
LockBit ransomware gang most apt to leak stolen victim data
News
Trellix has released The Threat Report: February 2023 from its Advanced Research Centre, combining telemetry collected from the world’s largest network of endpoint protection installs and its complete XDR product line with data gathered from open- and closed-source intelligence reports.

Read more...
Schneider Electric is looking for your bold idea
News
Schneider Electric has launched this year’s Schneider Go Green, an annual competition that invites university students from across the globe to share their ideas for innovations that can help make the world cleaner, more inclusive, and more sustainable.

Read more...
Keeping students, staff and communities safe
Vumacam News CCTV, Surveillance & Remote Monitoring Security Services & Risk Management
South African schools are facing increasing security challenges, making effective surveillance systems more important than ever. To address this issue, Vumacam is offering advanced security solutions with security partners, aimed at keeping students, staff, and the community safe.

Read more...
Arcules and IMMIX announce integration
News CCTV, Surveillance & Remote Monitoring Products
Arcules has announced that its integration with Immix Central Station and Guard Force is available. The integration provides Central Station and Guard Force users a way to manage, verify, and respond to security events, while using Arcules-managed video feeds.

Read more...