Subject: Business Intelligence Countermeasures
Description: Preventing and reducing the impact of industrial espionage
Category: Security Awareness Training
Click here to see the Topic List |
The top link contains info about
security
The Federal Bureau of Investigation estimates that U.S.
Corporations lose $100 Billion annually due to industrial espionage.
While many people believe that the espionage is committed by well financed organizations that can only be stopped by national agencies, that is very incorrect.
Industrial espionage usually exploits simple and very preventable vulnerabilities to produce tremendous results.
By focusing on comprehensive security, and not just technical security, information security professionals can significantly hamper adversary attempts to steal their
organization's information assets.
The presentation that describes this paper presents a case study of of an actual industrial espionage attack against a large U.S. security
corporation.
The theft of sensitive information from U.S.
corporations is the goal for many foreign nations and companies.
Adversaries do not care about what form the information takes.
Whether information is in electronic format or is thrown away in the trash, it is irrelevant as long as the information is compromised.
Unfortunately for most corporate security programs, there is a preoccupation with technical security that leaves information very vulnerable to basic espionage methods.
Information security professionals focus their efforts on what they know know best. security
When they allocate their limited budgets, the division of funds reflects their perceived needs, which are basically technical security mechanisms.
Firewalls and other Internet security mechanisms are the hottest selling products.
While firewalls go a long way in preventing the traditional computer hackers from intruding into a corporate computer network, they do nothing to stop the most significant source of computer crime: Insiders.
Two recent studies show that insiders were responsible for more than 70% of information related thefts [1, 3].
The threat prevented by firewalls is minimal, because a focused attack will bypass bypass security the strongest protection mechanisms.
Information comes in many forms, and must be protected in all of its' forms.
Information security is not computer security.
While computer security is an integral part of a good security program, it is only a part.
Comprehensive security includes physical, personnel, operational and technical security.
Industrial spies know how to bypass any strong part of a security program to attack an organization at its' weakest point.
Industrial espionage and corporate intelligence are massively prevalent in today's business world.
It is not unusual unusual for a corporation to hire a spy or spies to investigate their competition and their hold on security the market share.
This business intelligence is both helpful and harmful because while sometimes it is merely getting the new sales plans of your company, it could be getting the patent filings of your brand new invention.
One form of this espionage might get the corporation a little jump on your plans, the other could destroy you entirely.
This is terrifying news because few have the security implemented to thwart these attacks on your privacy and protect your information.
If you still need info about
PEOPLE SECURITY AWARENESS TRAINING
You should check out People Hackingindex.htm | industrial-awareness-h | industrial-awareness-training-i | industrial-business-c | industrial-business-e | industrial-competitive-f | industrial-consultant-k | industrial-consultant-r | industrial-corporate-b | industrial-development-j js | industrial-espionage-q | industrial-hackers-n | industrial-hacking-m | industrial-industrial-a | industrial-industrial-p | industrial-intelligence-g | industrial-people-o | industrial-privacy-t js | industrial-protect-s | industrial-security-l | industrial-spy-d |