As the holiday season approaches, Hollywood will begin to bombard us with movies that depict good looking men, beautiful women, and fancy cars or other electronics in romantic stories of intrigue and espionage. As Americans, we love these stories where the main characters wear beautiful clothes and against all odds, often times with cutting edge electronics or personality, save the free world for another day. Let’s not forget that the villain in most of these stories is a crazy, independently rich power monger who leads a force of mindless soldiers who are willing to die for his vision.
Remember folks it’s just the movies. Life is usually much simpler and more mundane. As an industrial contractor and security consulting firm, we know too well the cost and ease with which companies give away their competitive intelligence every day and often times do not have any idea until it is too late. Many security managers think, “Espionage? Here? That is the stuff of national intelligence and national security.” Are you so sure? What about that unsolicited request for information? What about that unsolicited request for a proposal? How about that employee who had access to all of your customer information, research and development, or marketing plans who left to work for a competitor or has a grudge with his or her supervisor? Do any of your employees travel internationally? Is it important that they stay connected? Does HR ever work with your security or IT department to make sure that the policies and procedures that employees sign protect your intellectual property? Is there any annual or quarterly training that reinforces the protection of your corporate intelligence? Are you one of the thousands of companies who do not have employees sign a non-disclosure agreement? Are you one of the thousands of organizations who do not vet the outside contractors who clean your offices or have access to your data? Of course, you have a state-of-the-art card access system and cameras all over the place, but times are tough, so a comprehensive security program is just not in the budget.
Ask the FBI who works with companies every day. According to the FBI website, “every year billions of U.S. dollars are lost to foreign and domestic competitors who deliberately target economic intelligence in flourishing U.S. industries and technologies, and who cull intelligence out of shelved technologies by exploiting open source information and company trade secrets.” Where do they get the information? First, it is important to understand that intellectual property is valuable not only as a whole but also in its pieces and parts. Methods of exploitation are not the sexy “boy meets girl (or girls)” of the movies. They are relationships built at trade shows and training programs with subject matter experts. They are employees who travel with proprietary information on their smart phone or other electronic devices overseas. It is the receptionist who is flattered when the caller treats them as valuable and asks questions that should be outside the receptionist’s scope of work. It is the disgruntled employee or former employee who is able to rationalize the sharing of sensitive information for personal gain. It is the information gained by computer savvy people who surf the Internet and find bits and pieces of information that lead them to the next bit or piece. Have you ever considered the information that is provided to government regulators? It’s all there on the Internet for the taking. Intelligence that you provide to attract customers also gives your foreign and domestic competitors one more piece in the puzzle.
As a small business, we know better than most the importance of a comprehensive security program that includes input and feedback from all of the businesses decision makers. Competitive intelligence protection is vital to the survival of every business. The safeguards put in place to protect competitive intelligence will also have a positive effect on other parts of the business including instances of potential fraud and regulatory compliance. No matter how large or small your business, the principles are the same, and it has been our collective experience that large businesses often make the same mistakes that small ones do with regard to protecting their assets.
Take steps to protect your company.
Identify and recognize what critical information exists and protect it.
Recognize that insider and outsider threats to your company exist.
Recognize information regarding the production of goods and services is valuable and protect it.
Recognize that information regarding customers, both marketing and retaining, is valuable and protect it.
Implement vital countermeasures that begin with a proactive plan for protecting competitive intelligence to include:
- Clear and communicated policies and procedures.
- Pre-employment screening.
- Post-employment screening based on years of service and/or change of company role.
- Training and retraining about your intellectual property plan and security for everyone.
- Travel plans for employees to include domestic and international expectations, policies, and training.
- Screening of contractors and limiting access to company information.
- Visitor policies and a plan for limiting access.
Keep intellectual knowledge on a “need-to-know” basis.
Provide a method for persons to report suspicious activity or contact authorities anonymously.