Forwarded from: William Knowles <wkat_private> http://news.com.au/common/story_page/0,4057,4095601%255E15319,00.html Karen Dearne The Australian 09apr02 THE corporate spy trade is booming. One-quarter of Australia's largest companies admit they are involved in "competitive intelligence gathering", according to a PricewaterhouseCoopers survey. The information-gathering techniques are almost always legal and carried out by trained professionals - often former government intelligence operatives highly trained in obtaining military and economic secrets. But the operatives were spying on competing companies rather than foreign governments, and many companies were easy targets, PwC dispute analysis and investigations director Richard Batten said. "Corporations have people trained to obtain raw data from a wide range of sources and apply traditional intelligence analysis techniques to produce usable information," he said. "It's worrying to find 62 per cent of companies have no protection in place to stop the loss or theft of intellectual property -- even though 30 per cent admit already experiencing at least one incident." Competitors were involved in 37 per cent of incidents reported by respondents to PwC's Intellectual Property Loss Survey 2001 -- up 15 per cent from the last survey, in 1998. Mr Batten said most companies did not properly value their information and intellectual property, and were often unaware that data had been lost. "If intelligence gathering is being done by a professional, the victim will probably know nothing about it," he said. "If a customer list is copied and taken out of a company, the original list is still there and they may never know it has been taken." Forty per cent of incidents were caused by people in a trusted relationship with the company -- employees, consultants and contractors -- up from 12 per cent in 1998. "These people have internal access and it's easy for them to get information without having to break in or bribe someone," Mr Batten said. "People get tempted - they may see the value of some information and try to sell it to a competitor." Theft or loss of laptops was less of a worry than the behaviour of people using them in public places such as airports. "Businessmen often work on sensitive projects on their laptops while they are in a frequent flyer lounge, on a plane or even in a taxi," he said. "They don't pay any attention to who's sitting next to them and don't realise how much information can be seen or overheard by others." Laptops should always be secured by encryption and passwords so data was not readily accessible to anyone who picked up a lost or stolen laptop, he said. ------------------------------------------------------------------- How to protect IP Prepare an inventory that identifies the company's information and intellectual property crown jewels. Devise a method of valuing these information resources to establish what material is worth protecting. Undertake a risk management review of the total business operation to discover security deficiencies. Once the information protection hotspots have been identified, controls can be put in place. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Apr 10 2002 - 04:41:36 PDT