A basic Corporate Counterespionage Strategy is outlined here…
Many companies are bleeding profits for lack of a corporate counterespionage strategy, and some of the worst threats are internal.
Sad, because the amount of time, effort and funding to have an effective corporate counterespionage strategy is really quite minimal, and it quickly becomes profitable once implemented.
Develop your strategy by following these steps:
Obtain management leadership to promote the corporate counterespionage effort.
Provide information security and workplace espionage education for employees.
Develop intellectual property safeguards.
- Written rules and enforcement.
- Legal compliance. (The “non” agreements from the legal department for employees, vendors and consultants to sign.)
- Marketplace monitoring for violations.
Schedule quarterly, or biannual, technical security audits of your sensitive business areas.
- Technical Surveillance Countermeasures (TSCM) is the name of the inspection process used to detect electronic spying while the spying is still in the intelligence collection “no harm done yet” phase. This should be outsourced.
- Wi-Fi audits to identify rogue devices and document compliance with applicable privacy laws.
- Information security surveys (usually conducted concurrently with TSCM).
- Physical security surveys (usually conducted concurrently with TSCM).
- Your TSCM consultant will keep you aware of new information security vulnerabilities on the horizon.
- If you need help with this, download The Security Director’s Guide to Discussing TSCM with Management.
Develop an in-house ability to…
- Evaluate employee reports of espionage suspicions.
- Research for “interesting coincidences” and look-a-like products.
- Accounting of the actual/potential dollar value of the consequences of espionage (real and suspected).
- Prepare an annual cost / benefit analysis of proactive the corporate counterespionage strategy to show the effort is profitable.
Why Technical Surveillance Countermeasures is the backbone of an effective corporate counterespionage strategy.
Regularly scheduled TSCM inspections do a number of things.
- Narrow the window-of-vulnerability.
- Spot new security loopholes.
- Spot decaying security measures and practices.
- Disrupt the spy’s intelligence collection phase.
- Keep counterespionage awareness levels elevated.
Benefits of TSCM based corporate counterespionage inspections include:
- Increased profitability.
- Written reports document proof of your intellectual property due diligence.
- An environment secure from electronic surveillance invasions.
- Advance warning of intelligence collection activities (spying).
- Document compliance with many privacy law requirements.
- Discovery of new information loopholes before they can be used.
- Help fulfill legal the requirement for “Business Secret” status in court.
- Enhanced personal privacy and security.
- Improved employee moral.
- Reduction of consequential losses, e.g. information leak sparks a stockholder’s lawsuit, or activist wiretaps damage good will and sales.
Now that you know the basics of a corporate counterespionage strategy, get some help. Contact a, independent, certified, information security consultant with TSCM capabilities. The International Association of Professional Security Consultants membership directory is also a good place to start.
Kevin D. Murray CPP, CISM, CFE, CDPSE is a business counterespionage consultant and TSCM specialist with over four decades of experience.
Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.
Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.