Keeping Up with New Threats
Of course the first thing that comes to mind is the old joke, “I’m from the government and I’m here to help.” But the transformation at the FBI into a proactive and prevention focused organization targeting the theft of America’s intellectual property (IP) is no joke.
The FBI’s Counterintelligence (CI) DOMAIN program under the leadership of Section Chief Tom Mahlik aims to close that gap and help America defeat illegal technology acquisitions and win the modern war of economics in which we are engaged.
“We have been at it since early 2002 when the FBI’s new National CI strategy was created,” said Mahlik. “There is no question that the foreign competitors, be they state or commercially sponsored, have been effective. As a result, America’s competitive advantage is being eroded.”
The 2005 Report to Congress on Foreign Economic Collection and Industrial Espionage produced annually by the Office of the National CI Executive states, “Entities from a record number of countries – 108 -- were involved in collection efforts against sensitive and protected U.S. technologies…undercutting the U.S. economy by making it possible for foreign firms to gain a competitive economic edge over U.S. companies.”
At the top of the list, China and Russia are noted as the most aggressive. (Annual Report to Congress on Foreign Economic Collection and Industrial Espionage can be found in its entirety at www.ncix.gov/)
To understand why the FBI is going through a transformation, you must first understand your risks and the threat to your organization’s IP, including trade secrets, proprietary data or the “crown jewels” that drive your company’s prosperity.
Historically, organizations viewed IP as an economic issue or concern and first protected IP at the marketing/manufacturing stage when it generated sales. To their surprise, they would find their IP already stolen and their competitive advantage in time to market and innovation lost, typically, to an overseas manufacturer. This is also the point in time when the FBI would be contacted. Too late. Hence the driver for the FBI’s transformation is to be a more proactive organization that gets out in front of the problem, detecting and preventing losses from occurring in the first place.
What’s The Problem?First, Globalization and the sheer speed of business, including business outsourcing, off-shoring decisions and the race for competitive advantage have opened the doors and made it much easier for foreign students, engineers and businessmen to obtain IP, steal it and sell it. This also includes organized criminal syndicates, hackers as well as foreign intelligence services, which may be sponsoring such activities because the windfall of information is too attractive.
Recently adjudicated FBI cases cite the increasing pervasiveness of this threat. “A perfect storm has been in effect for some time,” said Agent Mahlik. “More and more of the R&D fueling innovation in the U.S. has been collaborative between companies, academe and foreign countries. Consequently, more opportunities and incentives for unauthorized or illegal disclosures have been created as employee loyalties and profit making motivations become blurred. Intensely competitive global market conditions and the dual use (commercial /military) properties of today’s technologies add to the complexities of the landscape the FBI must navigate. We saw this most recently in the Chi Mak espionage case in Los Angeles where sensitive proprietary company data, having concurrent military and profitable commercial application, were stolen and sequestered away to China by a trusted inside employee.”
Second, our U.S. business leaders have a short horizon.
IP is an economic driver that is created, for the most part, at “invention” not when it is brought to market. But most U.S. businesses focus on reducing cost, increasing capabilities and running faster than the competition. Business cycles are shorter and the pace of change is faster. Many CEOs have a short tenure and focus on quarterly results with long-term vision being only three or four years.
“It is the confluence of this new business landscape coupled with the pervasiveness of potential data gatherers that make this a combustible situation,” said Lynn Mattice, chairman emeritus of the National Intellectual Property Law Institute and former vice president and CSO of Boston Scientific.
“U.S. business is being blindsided and CEOs, as well as all levels of corporate America in general need to be aware that these forces are aimed at economic superiority and global economic dominance. It is much easier and cheaper to steal intellectual property than to create it. It is one thing when you are battling with corporate competitors, it is a completely different level when economic espionage is being sponsored by a foreign government and that government is deploying its intelligence resources to collect information that will be useful for indigenous companies,” Mattice added.
Be On the LookoutYour biggest risks can be categorized into four areas:
- Asymmetric recruitment: Employees may not
initially come to work in the U.S. to spy, but upon
returning home have valuable knowledge. Their government taps them and acquires
and develops that IP.
- Unsolicited and direct requests for
information: Unmonitored responses to e-mail requests and inquiries from
“unsuspecting customers” asking “How do I, Where can we, Please send us, Tell
us, Can you help,” etc.
- Behaviors: Security or counterintelligence
programs are often put in place but then ignored or enforcement becomes lax.
Convenience overrules security policy and our impatience and COMPLACENCY are,
often times, our Achilles heel. Risk
management is not risk avoidance.
- Insider threats: Some insiders come motivated to do harm by spying, sabotage or theft. More carefully conducted, background investigations, surveillance programs, and employee awareness can reduce this threat.