Watching your back: countering industrial espionage the intelligent way

October 2002 News

To many companies security badges, sign-in sheets, video cameras and other physical surveillance methods create a wall of protection against information theft. However, with most penetrations and information loss coming from within an organisation, these measures alone cannot adequately protect a company.

"Most penetrations and compromises are perpetrated by the target's own employees, by electronic or cyber intrusion, surveillance or photography," said Howard Griffiths, managing director of Griffiths & Associates. "In addition, significant amounts of company strategy are often given away in company websites, publicity material and at trade fairs, all unwittingly," he said.

"The official FBI statistics in the US are that at any one given period in time, that bureau has nearly 1000 open investigations into extremely serious cases of economic espionage of trade secret thefts," Griffiths said. "The only way to counteract activity on this scale is for companies to implement both reactive and preventative counter intelligence programs."

These programs should include employee training, site surveys, inspections and investigations. The company should also develop and maintain files on alleged, reported, and actual attempts at penetration. "Every company must have a counter intelligence manual outlining procedures for the protection of sensitive information, including how to handle incidents that occur," said Griffiths. These manuals should then be made available to personnel within responsible offices so that any incident can be dealt with promptly and consistently.

Overall strategy

The first step in developing such an overall strategy must be the conducting of a vulnerability assessment. The following checklist of important issues is an example of the type of information to be collected in this assessment:

* Employee names, titles, and position, for employees in sensitive positions.

* Responsibilities and types of access to sensitive data.

* Identification of those with whom each employee is authorised to share sensitive information.

* Audit trails and records kept relative to individuals who have been given access to proprietary data.

* Activities where employers could be approached by intelligence gatherers, such as seminars and workshops. Employees should be asked to describe any contacts initiated by other persons seeking any type of corporate data.

* Any gratuities offered or received from providing any type of corporate data. Employees should be asked to identify all types of corporate data being elicited and what responses were given and any ensuing conversation with the person asking for the information.

"The information gathered from this checklist and the general assessment will indicate strengths and weaknesses in the company's protective posture," said Griffiths. It will help security personnel determine which of the company's operations might be likely targets of business intelligence efforts and, just as importantly, allow the company to determine which counter intelligence strategies to put into place."

For more information contact Howard Griffiths, Griffiths & Associates, 011 786 8556, howard@griffithsonline.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

From the editor's desk: Take identity seriously
Issue 8 2020, Technews Publishing , News
The list of companies subject to data breaches continues to grow, both in Africa and beyond. The dangerous part is that in Africa, including South Africa (at the moment), the companies do not have to ...

Read more...
Free-flow smart weapons detection system
Issue 8 2020, XPro Security Solutions , News, Security Services & Risk Management, Products
Detecting people carrying weapons and preventing them from entering your venue is now possible, without sacrificing the visitor experience.

Read more...
Net2 integrates with additional thermal scanners
Issue 8 2020, Paxton , News, Access Control & Identity Management
Paxton has updated Net2 to include six new thermal temperature scanning integrations to assist in managing the pandemic.

Read more...
App Challenge winners
Issue 8 2020 , News, CCTV, Surveillance & Remote Monitoring
Security & Safety Things announced the winners of App Challenge for innovation in AI-enabled smart camera applications.

Read more...
ONVIF introduces Profile M Release Candidate
Issue 7 2020 , News
ONVIF has introduced its Profile M Release Candidate for standardising the communication of metadata and event handling of analytics for smart applications.

Read more...
First Distribution to distribute Video Storage Solutions
Issue 8 2020 , News, CCTV, Surveillance & Remote Monitoring, IT infrastructure
First Distribution has signed an agreement to distribute the entire Video Storage Solutions (VSS) product line of video surveillance appliances.

Read more...
Ring Africa launches new cameras in SA
Issue 8 2020 , News, CCTV, Surveillance & Remote Monitoring, Smart Home Automation
Ring Africa has officially launched a range of indoor and outdoor home security cameras in South Africa.

Read more...
VisionPass wins SIA award
Issue 8 2020, IDEMIA , News, Access Control & Identity Management
IDEMIA announced that VisionPass, its newly launched advanced facial recognition device, won the SIA New Product Showcase Award.

Read more...
Liquid Telecom unveils Cybersecurity unit
Issue 8 2020 , News, Cyber Security
Liquid Telecom has unveiled its Cybersecurity unit, which offers end-to-end managed services for digital security solutions.

Read more...
T-Systems and Fortinet launch cyber academy
Issue 7 2020 , News
T-Systems South Africa will be introducing cybersecurity education programmes to create a specialised Cyber Security Academy incorporated into the organisation’s existing ICT Academy.

Read more...