Welcome to the Arruda Group, a full service risk management and consulting agency. What sets us apart from other risk mitigation companies is that we focus on behavior first and foremost. Whether it relates to training, investigations, or Intelligence, the behavioral aspect is always scrutinized first. Please review this article to familiarize yourself with our capabilities.
Corporate Counterintelligence can best be defined as a collective effort to protect business’ sensitive information from unauthorized access, sabotage or theft.
This sensitive information includes trade secrets and intellectual property, more commonly known as the company’s “crown jewels.” At the Arruda Group, our team of former FBI Special Agents, CIA Analysts and Naval Intelligence Officers specialize in Counterintelligence. We use our collective expertise to investigate matters of Corporate Espionage, Insider Threat, and Cyber Threats.
What is Corporate Espionage?
Economic Espionage is a very real and large scale problem targeting U.S. businesses today, responsible for the loss of hundreds of billions of dollars annually. While this is not a new crime, it is one that has greatly benefitted from the Internet, for reconnaissance and the actual theft. The main legal difference between Economic and Corporate Espionage is the origin and allegiance of the offender. Economic Espionage is committed primarily by foreign governments or agents of that government. Corporate Espionage or theft of trade secrets, is committed by a competitor or agent of that competitor.
According to the Economic Espionage Act (Title 18 U.S.C. §1831), economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality, or foreign agent. In contrast, the theft of trade secrets (Title 18 U.S.C. Section 1832) is (1) whoever knowingly misappropriates trade secrets to (2) benefit anyone other than the owner.
What is Insider Threat?
According to the Carnegie Mellon University, Software Engineering Institute, “Insider Threat is defined as the potential for an individual who has or had authorized access to an organization’s assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization.” Insider Threat can be classified into two categories, negligent and malicious activity. While negligence is preventable through proper training, maliciousness is entirely another story. It is something that is built up over time, often times with months or years of erratic behavior leading up to the act. Insider Threat has everything to do with placement and access. As such, it is important not to solely rely on technical solutions, but also incorporate anomalous behavior.
ARRUDA Group was founded for the sole purpose of sharing the knowledge and experiences of its employees in an effort to secure and protect our clients security, both physical and cyber. Our goal is to analyze each case as its own unique event and provide the client with a range of proposed solutions.
Security Risk Management
We assist our clients with the protection of their employees, assets, information and reputation through physical, technical and operational security measures. As we have access to a number of Subject Matter Experts (SMEs), including the following areas; Cyber Security, Counterintelligence, Terrorism, Intelligence, Human Resources, Recruiting, Special Weapons and Tactics (SWAT), and Hostage Negotiations, no situation is out of reach.
Why Pen Test?? The goal of penetration testing is to identify your network’s vulnerabilities, and correct them, before the “bad” guys do. Pen Testers employ the TTPs (Tactics, Techniques and Procedures) of real-world attackers targeting your assets. There are several testing options, depending on your risk level. Our team is NSA IAM/IEM certified. Contact us for specific information.
Computer forensics is the scientific process of recovering and examining forensic evidence from digital devices, using legally acceptable methods. The purpose of digital forensics is to locate deleted, encrypted, or damaged files and data that may later serve as evidence.
Security Awareness Education
What one thing determines whether your employees fall into the asset or liability category? It is training!! If your employees are trained they are an asset, if they are not trained they are a liability. Following this same train of thought, employees are the weakest link to an organizations cybersecurity. As such, 91% of cyber crime begins with an email.
Tailored Security Briefings (Cyber/Physical)
With decades of experience in education and training at all levels, we can design an appropriate program for your employees that is both engaging and informative. It is important to note security has two sides, physical and cyber. Some of the basic concepts apply to both, but they become very different quickly. The most requested training programs involve email based threats, phishing, spear phishing, ransomware and social engineering.
Hidden Social Media Threat
Social Media fuels Cyber Crime!!! As a society, we live our lives on Social Media and the criminals take full advantage of this. Learn how, terrorists, criminals, and spies, “bad guys” take the seemingly innocuous information your employees post online and use it to compromise your company’s network. Specifically, you will see how these “bad guys” are able to take this information to create infected emails/documents that will be opened. In these instances, it does not matter how robust your IT budget is, because the offender has totally bypassed it.
C-Suite Cyber Education
The first order of business for the C-Suite and the Board is to explain the rolls of the CTO and the CISO. They are two completely different individuals. One is responsible for tech and the other security. Their jobs may overlap in some places, but that is where it ends. The next point is it is no longer if your network is compromised, it is when you discover the compromise. Our roll is not to create cyber security experts, but to provide proof the cyber threat is real and must be addressed.
Often times there are situations that need to be handled with discretion, an allegation is just that. But we all know that allegation can take on a life of its own, where perception becomes reality. The retired FBI agents at ARRUDA Group know, understand, and live by this concept. Discretion is our norm, we are very skilled at confidentially conducting investigations.
Internal investigations must be handled confidentially and objectively as the accused employee’s future is at stake. All of our investigators are retired FBI Special Agents, with at least 25 years experience in both criminal and national security investigations. It goes without saying the amount of discretion necessary to successfully investigate a national security threat. Our Internal Investigation service effectively provides the information necessary to move forward either to handle the situation internally or to turnover to law enforcement. Our experts help expose integrity concerns at any level, enabling you to take decisive action as soon as possible.
Executive Background Investigations
Senior Executives have become synonymous with the reputation, brand and image of the company they represent. As such, executive hiring presents its own challenges which makes it imperative to conduct proper screening. We utilize the same techniques employed by the FBI to screen applicants. Our process combines a thorough OSINT review with both public and private database information and interviews to provide a complete assessment of the candidate.
ARRUDA Group tailors our multi-source research based upon the needs of the client, leveraging the knowledge and experience of our intel professionals. Actionable intelligence allows companies to make informed decisions on matters of interest. Please contact for additional information.
Our vast experience in Intelligence, National Security, and Law Enforcement, provides us the ability to apply our skills to any problem set. Please contact us to discuss your situation.
Contact Information: Stacy M. Arruda