In today’s world, security has become one of the most protected commodities globally. Government agencies and businesses have worked diligently to provide security of citizens, consumers, employees, and their own personal interests. The term used for businesses protecting the security interests of their stakeholders has come to be referred to as corporate or industrial espionage. This type of espionage is usually conducted by governments or businesses for economic purposes, and many times goes well beyond just the scope of a nation’s security interest. Given the recent popularity of journals such as WikiLeaks, or the NSA Intel that was released by the former CIA employee Edward Snowden, there has been an interest in the tactics used for these purpose of espionage. There are many questions that arise. Some of these are: How can individuals, organizations and governments seize these opportunities while managing the risks posed by industrial and economic espionage? Is there a balance between openness and security? If so, how can that balance be achieved?
“The increasing high stakes game of corporate espionage is being played by individuals, corporations, and countries worldwide. These players will use any ethical, and in most cases, any unethical, means to acquire data that will give them a competitive or financial advantage over their competition. The level of seriousness and dedication of these players for the game of corporate espionage is evident by the estimated $2 billion that they spent to spy on each other in 2004” (Robinson, 2007, p. 2). The reason behind the high amount of resources industries spend so much on corporate espionage gives a clear understanding of why this is needed. According to Robinson (2007), “In 1999, it was estimated that companies lost more than $45 billion to theft of trade secrets and other valuable corporate data… As a result of counterfeit products, U.S. businesses lose $200-$250 billion in revenue and 750,000 jobs annually in 2005” (Robinson, 2007, p. 2). Despite the apparent need or corporate espionage, organizations and governments have to walk the fine line of ensuring security, but also not going too far.
Today, perhaps the area most looked at in corporate security is the internet, and through their computer-based applications that governments and organizations use to store classified and confidential information. One of the hallmark ways to prevent security threats was firewall which was introduced over 20 years ago. “Evolving IT infrastructures and increasingly sophisticated security threats have brought repeated warnings about the ﬁrewall's impending obsolescence…. the emerging technology trends have forced business networks to handle an ever-increasing number of events and a greater variety of trafﬁc than before” (Insecure, 2012, p. 61). These organizations could find ways to protect all their stakeholders, and still take advantage of the good traffic that they are seeing. Things like firewall revamps, border control, and moving the risks can help them in doing this.
Organizations have to find that fine balance between openness and security; however, there are ways an organization can meet this goal. “Companies must identify what information is sensitive and classify it as such” (Robinson, 2007, p. 8). Things in the organization that are highly sensitive should be marked as such, to avoid confusion. An organization should also “conduct a risk assessment to identify vulnerabilities, and the probability that someone will exploit those vulnerabilities and obtain sensitive information…” in addition there should be a “review and update of security policies and appropriate safeguards” (Robinson, 2007, p. 8). Once this is done employees and all stakeholders directly involved should be trained on the safeguarded information. This way everyone is responsible for protecting or not protecting the interests of the organizations. Corporate espionage for some can seem intrusive, but if done correctly it can protect a lot that is at stake, without compromising privacy.
Robinson, S.W. (2007). Corporate espionage. SANS Institute.
Insecure Magazine. Greer-King, T. (2012). “Next generation policies: Managing the human factor in security.” Issue 33 (Feb), 61-63. Retrieved from http://www.net-security.org/insecure-archive.php.