In the era of technology where words like “cyber-attacks” are utter as part of everyday lingo corporations are spending millions of dollars protecting themselves from viruses and hackers, but they are neglecting one of their biggest enemies. This enemy has already infiltrated their ranks; the enemy is one of their own. Last week a former employee of CME group pleaded guilty to theft of trade secret after he stole source code and other proprietary information (News, 2012). I think that is amazing that people think that they are going to get away with it, especially when most companies make employee sign confidentiality a agreement and they are told they are monitoring every system.
Trade secrets stolen by employees is higher than most people think; 85% of the trade secret cases, the alleged thief were someone the trade secret owner knew—either an employee or a business partner (Almeling, Snyder, Sapoznikow , McCollum, & Weader, 2010).
Stealing trade secrets is more lucrative than stealing cash. Trade secret theft costs corporations billions of dollars each year and no one is immune. This lost also includes piracy, counterfeit products, and corruption (Passman, 2012). In his article Passman says that the rise in cyber theft has this issue more difficult to address, what is worse many countries such as India, Singapore, Malaysia and Hong Kong do not provide statutory protection for trade secrets or confidential information.
On my September 10, blog I wrote about outsourcing and the potential risk of customer information being stolen, this week we see that corporation can lose as well. Maybe outsourcing is a lose, lose situation because consumers and corporations end up as the looser.
Not all is lost Corporation can prevent these types of incidents by taking some basic steps:
- Educate and regularly train employees on security or other protocols.
- Ensure that proprietary information is adequately, if not robustly, protected.
- Use appropriate screening processes to select new employees.
- Provide non-threatening, convenient ways for employees to report suspicions.
- Routinely monitor computer networks for suspicious activity.
- Ensure security (to include computer network security) personnel have the tools they need (The Insider Threat An introduction to detecting and deterring an insider spy.)
I think no matter what steps corporations take is not possible to stop information from leaving a company because not only happens intentionally but inadvertently. For example, Joe he works for company A marketing department, then one day goes to company B to work in their marketing department. At company B he is asked to create a marketing plan, at the end this plan is very similar to the plan from company A. This is what is called unintentionally theft. I think that is up each one of us to protect our employers, by keeping information protected, trust no one, if we see a co-worker committing an action that could be construed as theft we should report it.
This is one battle that can never be won, the enemy always will be the one that we least expect. Like a famous saying goes “Keep your friends close and your enemies even closer”.
References
Almeling, D., Snyder, D., Sapoznikow , M., McCollum, W., & Weader, J. (2010, March 30). United States: A Statistical Analysis of Trade Secret Litigation in Federal Courts. Retrieved September 22, 2012, from Mondaq
News, S. (2012, September 21). Software Engineer Pleads Guilty To Stealing Source Code. Retrieved September 22, 2012, from Security Week
Passman, P. (2012, May 5). Trade Secret Theft: Businesses Need To Beware And Prepare. Retrieved September 22, 2012, from Forbes The Insider Threat An introduction to detecting and deterring an insider spy. (n.d.). Retrieved September 22, 2012, from FBI
No comments:
Post a Comment