This sensitive information includes trade secrets and intellectual property, more commonly known as a company’s “crown jewels.” At ARRUDA Group, our team of former FBI Special Agents, and Naval Intelligence Officers specialize in Counterintelligence. We use our collective expertise to investigate matters of Corporate Espionage, and Insider Threat.
What is Corporate Espionage?
Corporate Espionage, sometimes referred to as Industrial Espionage or Corporate Spying, is a very real and large-scale problem targeting U.S. businesses today, responsible for the loss of hundreds of billions of dollars annually. While this is not a new crime, it is one that has greatly benefitted from the Internet, for reconnaissance and the actual theft. The main legal difference between Economic and Corporate Espionage is the origin and allegiance of the offender. Economic Espionage is committed primarily by foreign governments or agents of that government. Corporate Espionage or Theft of Trade Secrets is committed by a competitor or agent of that competitor.
According to the Economic Espionage Act (Title 18 U.S.C. §1831), economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality, or foreign agent. In contrast, the Theft of Trade Secrets (Title 18 U.S.C. Section 1832) is (1) whoever knowingly misappropriates trade secrets to (2) benefit anyone other than the owner.
Common Behavior in Corporate Espionage
- Employment at a competitor to gain access to Trade Secrets
- Unauthorized access to competitor’s computer network
- Unauthorized access to third party systems housing competitor information
- Wiretapping a competitor
What is Insider Threat?
According to the Carnegie Mellon University, Software Engineering Institute:
“Insider Threat is defined as the potential for an individual who has or had authorized access to an organization’s assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization.” Insider Threat can be classified into two categories, negligent and malicious activity. While negligence is preventable through proper training, maliciousness is entirely another story. It is something that is built up over time, often with months or years of erratic behavior leading up to the criminal activity. Insider Threat has everything to do with placement and access. As such, it is important to not solely rely on technical solutions, but also incorporate anomalous behavior.
Insider Threat Training
As a former Counterintelligence Agent, FSO, and founding member of SOCOM’s Insider Threat Working Group (ITWG), I understand from both a policy and national security perspective what needs to be included in a comprehensive Insider Threat Training Program.
Insider Threat training is a requirement for cleared defense contractors and government agencies to pass the DCSA Assessment and Authorization (A&A) process, formerly the Certification and Accreditation (C&A) process.
An effective and comprehensive training program should first and foremost illustrate the threat, provide easy to understand real world examples, organizational factors that increase the threat, behavioral indicators of wrongdoing, reporting requirements, who and where to report to, and potential mitigation procedures. Our programs are individually designed to meet your organization’s specific needs.
Please contact us to discuss your organizations specific requirements.