Corporate espionage poses a significant threat to companies globally. Surveys show over 35% of Japanese companies and over 60% of South Korean economic losses are due to foreign espionage, mostly from China. Germany estimates $28-71 billion in annual losses. Insider threats are the greatest risk, with motivations including financial gain, sabotage, or thrill-seeking. Companies must implement security awareness training, data management policies, monitoring systems, and response plans to minimize risks.

1. How Really Safe Are Your Secrets?
Presented by
ARGUS INTERNATIONAL RISK SERVICES
Global Security | Intelligence | Risk Management

2. What is Corporate Espionage?
Argus Definition; The
deliberate targeting and theft
of commercially and
proprietarily driven
technologies, ideas, and
services which if known or
transferred to any other
agent, would severely
damage, inhibit, or destroy
the original commercial
enterprise.

3. Is this a US only problem?
Japan’s Ministry of Economy, Trade, and
Industry conducted a survey of 625
manufacturing firms in late 2007 and found that
more than 35 percent of those responding
reported some form of technology loss. More
than 60 percent of those leaks involved China. The British Security Service’s
Center for the Protection of
South Korea says that the costs from foreign National Infrastructure warned
economic espionage in 2008 were $82 hundreds of UK business leaders
billion, up from $26 billion in 2004. The in 2010 of Chinese economic
South Koreans report that 60 percent of espionage practices, including
victims are small- and medium-sized giving gifts of cameras and
businesses and that half of all economic memory sticks equipped with
espionage comes from China. cyber implants at trade fairs and
Germany’s Federal Office for the Protection of exhibitions. This followed similar
the Constitution (BfV) estimates that German notification sent to 300 UK
companies lose $28 billion-$71 billion and business leaders in 2007 warning
30,000-70,000 jobs per year from foreign them of a coordinated cyber
economic espionage. Approximately 70 percent espionage campaign against the
of all cases involve insiders. British economy.

4. Question: Am I a Target?
Answer: Yes, you are!

5. Espionage in America
In 2001, Procter & Gamble admitted to a spying operation,
alleged to have been carried out over 6 months, on its hair-
care competitor Unilever. Their cunning plan, which P&G
referred to as an “unfortunate incident,” included going
through Unilever’s trash in search of documents, although if
Unilever habitually threw away full documents entitled
“Super Secret Product Information That Will Crush P&G”
their days as an industry leader are numbered.

6. Espionage in America
Michael Mitchell worked on the marketing and
sales of Kevlar for DuPont until he was fired in
2006. Unwilling to sign on to unemployment with
his tail between his legs, instead he offered to
provide his services to Kolon Industries Inc, a
Korean form which just happens to be one of two
companies that manufactures fibers that can
tough it out with Kevlar in the toughness stakes.
After emailing his new bosses confidential
information on Kevlar, he went back to old
colleagues at DuPont to find out more.
Unsurprisingly, DuPont executives found out
about this less than cunning scheme and notified
the FBI. Mitchell was sentenced to 18 months in
prison and ordered to pay DuPont over $180,000.

7. Espionage in America
In 2009 Starwood rocked the hospitality
world when they accused household
name Hilton of industrial espionage based
on Hilton’s employment of 10 executives
and managers from Starwood. Starwood’s
accusations were centered around luxury
brand ideas, with the former head of
Starwood’s luxury brands group alleged to
have downloaded “truckloads” of
documents before leaving for the bigger
firm.
In 2010, the two groups reached a
settlement that required the Hilton group
to make payments to Starwood, as well as
refrain from developing a competing
luxury hotel brand until 2013. The call for
federal monitors to supervise Hilton’s
conduct shows that it isn’t just Paris who’s
on the wrong side of the law occasionally.

8. Who are the Main Culprits of
Espionage?
Russia and China view themselves as strategic competitors of the United States
and are the most aggressive collectors of US economic information and
technology.
Other countries with closer ties to the United States, including Israel, have
conducted CNE and other forms of intelligence collection to obtain US economic
and technology data, often taking advantage of the access they enjoy as allies or
partners to collect sensitive military data and information on other programs.

9. What is the Annual $$$ Cost of Espionage?
The methods and data available to accurately
depict the annual losses are minimalist at best.
As of 2008, combined losses between
Academic, Government, Military and
Commercial Enterprises are estimated to be
anywhere from $2 billion to $400 billion per
year. The tremendous range shows that our
system has not yet evolved to be quantify the
amount of losses.
The true cost could be way over the $400
BILLION estimate and surely no where near the
$2 Billion range.
Fact: 65% of all USA IT Managers
Common-sense prevailing, the reality is we have admit they do not know what
no idea of how much information has been
stolen, manipulated, reproduced, and/or the information leaves their company,
impact of its dissemination.
or who would have accessed it from
outside the company.

10. Where does the Greatest Threat Come From?
As we have seen from the previous slides,
the greatest threat comes from INSIDER
THREATS – basically “People”

11. What are the Motivators for Espionage?
Why do “They” do it?
• Financial Gain
• Revenge Against Colleagues or Management
• Lack of Promotion or Company Recognition
• Career/Employer Change
• Personal Satisfaction (Ego) or Personal Problems (Family)
• Sabotage (Destructive Behavior)
• Thrill Seeking (I am smarter and can get away with it…)
• Sometimes – Just to do it!

12. How Do You Assess the Risk Your Organization Faces?

13. The Cycle of Threat Mitigation?

14. What Can I Do to Minimize The Threat?
Information Strategy
• Develop a “transparency strategy” that determines how closed or open the company
needs to be based on the services provided.
Insider Threat Programs and Awareness
• Institute security training and awareness campaigns; convey threats to company
information accessed through portable devices and when traveling abroad.
• Establish an insider threat program that consists of information technology-enabled threat
detection, foreign travel and contact notifications, personnel security and evaluation,
insider threat awareness and training, and reporting and analysis.
• Conduct background checks that vet users before providing them company information.
• Implement non-disclosure agreements with employees and business partners.
• Establish employee exit procedures; most employees who steal intellectual property
commit the theft within one month of resignation.

15. Cont: Slide 2 of 3
Effective Data Management
• Get a handle on company data—not just in databases but also in e-mail messages, on
individual computers, and as data objects in web portals; categorize and classify the data,
and choose the most appropriate set of controls and markings for each class of data;
identify which data should be kept and for how long. Understand that it is impossible to
protect everything.
• Establish compartmentalized access programs to protect unique trade secrets and
proprietary information; centralize intellectual property data—which will make for better
security and facilitate information sharing.
• Restrict distribution of sensitive data; establish a shared data infrastructure to reduce the
quantity of data held by the organization and discourage unnecessary printing and
reproduction. Network Security, Auditing, and Monitoring
• Conduct real-time monitoring/auditing of the networks; maintain thorough records of
who is accessing servers, and modifying, copying, deleting, or downloading files.
• Install software tools—content management, data loss prevention, network forensics—on
individual computer workstations to protect files.

16. Cont: Slide 3 of 3
• Encrypt data on servers and password-protect company information.
• Incorporate multi-factor authentication measures—biometrics, PINs, and
passwords combined with knowledge-based questions—to help verify users of
information and computer systems.
• Create a formal corporate policy for mobility—develop measures for centrally
controlling and monitoring which devices can be attached to corporate
networks and systems and what data can be downloaded, uploaded, and
stored on them.
• Formalize a social media policy for the company and implement strategies for
minimizing data loss from on-line social networking.
Contingency Planning
• Establish a continuity of operations plan—back up data and systems; create
disaster recovery plans; and plan for data breach contingencies.
• Conduct regular penetration testing of company infrastructure as well as of
third-party shared service provider systems.
• Establish document creation, retention, and destruction policies.
.

17. Threats are Everywhere
Don’t let your company become a Victim
Authored By:
Jonathan Snyder, CHS, SME, ATO
COUNTERINTELLIGENCE SERVICES