Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Enterprise Services

Addressing Corporate Espionage in the 21st Century

By Robert Dodge
Corporate espionage
Corporate espionage
Corporate espionage
Corporate espionage
December 1, 2014

The 21st Century is often referred to as the information age; the developing global marketplace has contributed to the entrance of new cultures and economies into the competitive global economy. Due to globally available infrastructure and the development of global telecommunication/computing capabilities, it has enabled individuals, companies and countries to compete globally on a level playing field with traditional Western powers even from some of the most remote parts of the world. Unfortunately this has also created conditions in which the threat of corporate espionage has been rapidly proliferating due to the ease threat actors can ply their trade both through physical and virtual actions against U.S. corporations.

It is becoming routine to hear about corporate/state-sponsored espionage cases in the media. Annual losses to corporate espionage are estimated to be at $300 billion annually, which would be comparable to all of the United States exports to Asia annually. Think about that for a moment – $300 billion annually…The terrorist attacks on 9/11 were estimated at a total of $62 billion in physical asset and insurance loss which pales in comparison to the annual espionage loss in the U.S.

According to the Brookings Institute: as much as 65+ percent of most companies value, sources of revenue, sustainability and growth lie in information assets, intellectual property (IP) and proprietary competitive advantages. It is important to acknowledge that in the 21st century the essential risk to corporations is the protection of these information based assets from the threat of corporate espionage.

Corporate or economic espionage simply stated is the unlawful theft/acquisition of intellectual property, such as key trade secret and patent information as well as industrial manufacturing techniques and processes, ideas and formulas. Or it could also include sequestration of proprietary or operational information, such as that on customer data, sales, pricing, research and development, policies, prospective bids, planning or marketing strategies, or the changing compositions and locations of production. Basically it could involve anything that gives your business an advantage in the marketplace and what makes your business successful.

 

Proprietary Information/Intellectual Property identification

What always amazes me is how unaware some corporations are of what sources of information are actually critical to their corporate success and economic viability and the importance of properly protecting that key information/IP. Generally speaking corporations are much better focusing on external threats and physical security then they are on internal threats and identifying/protecting information assets. The following key areas within corporations are important and are all under assault by corporate espionage threats and should be safeguarded:

  • Trade Secrets/Patents– These should be legally protected. Whether they’re formulas, practices, process designs or inventions, these are the crown jewels and should have more than appropriate safeguards.
  • Executives/Board Members– Sensitive discussions/knowledge/meetings on strategy, strategic vision, expansion plans, mergers/acquisitions and partnerships.
  • Human Resources/Staffing– Hiring processes, salary and compensation of key employees and performance evaluations.
  • Research/Development– Sensitive information on new designs, inventions, pending patents, research and key individuals with valuable knowledge.
  • Manufacturing– Companies’ supply chain partners and components, special manufacturing methodologies, finished goods, raw materials and key processes.
  • Sales and Marketing– Sales strategies, pricing plans, marketing plans/budgets, bid information, customer lists and information on reseller networks.
  • Company Operations– Costs, margins, budget data, IT infrastructure and business continuity plans.

 

Corporate Espionage Threat Identification and Indicators

We have identified above key information/intellectual property areas within corporations that are of interest and routinely get targeted by corporate espionage threats. It is equally important for corporations to understand the likely threats to their business are and how they might try to conduct espionage against them. The following represent those threats:

  • Insiders with Access– These frequently represent the insider-threat term we hear so often in the industry. But increasingly employees are leaving corporations and taking intellectual property and other key information with them illegally. Another area not often not accounted for is contractors/temp/H1B visa workers, here today but gone tomorrow potentially with your sensitive information. The fact is, according to a study from the Executive Corporate Board, 75 percent of departing employees are disgruntled with their employer. So they can be potentially ripe targets for competitors and foreign intelligence agents to capitalize on.
  • Criminal Organizations– Global criminal organizations have learned this is a very profitable area for them with very little risk compared to their traditional modes of making money. They have one goal – making money by violating your intellectual property rights.
  • Marketplace Competitors– There are two types of competitors; the first one will exploit any edge legally in the global business marketplace you provide them. The second will conduct illegal activities to gain that edge. Planting of employees, stealing of key information, paying a current employee of your organization for your information/IP are all acceptable actions to this actor.
  • Foreign Intelligence Agencies/State Entities– These are the foreign intelligence agencies that are targeting U.S. corporations’ key information and IP. If it has economic value then they are in the game and there to provide that data to their business entities within their countries. Many countries including some allies of the U.S. routinely conduct corporate espionage within the United States. In the case of China for instance, the FBI estimates that there are 3,000 front companies operating in the U.S. all conducting intelligence collecting operations on behalf of China.
  • Inadvertent Disclosure– This is when our own corporate employees make mistakes due to not being aware of the threats and say or do the wrong thing at the wrong time which provides key information to the corporate espionage threat. I am always amazed what I am able to see and hear in regards to sensitive corporate information at the hotel, airport or on a plane.
  • So now that we have identified the “who” of the corporate espionage threat, it is now time to look at the “how” of conducting their operations or their Modus Operandi. It is my experience along with other industry colleagues that espionage collection activities rarely use just one method of collection in isolation to collect information from their target but rather using various methodologies to gather information into a concerted program of espionage. The following areas represent these channels:
  • Agent Recruitment– Developing a trusted person inside a company who can provide proprietary/sensitive information. Intelligence Collectors use the acronym “MICE” (Money, Ideology, Coercion, Ego) as the way they are able to develop and recruit an agent. Playing to one or multiple areas of these are how most intelligence collectors will develop sources within an organization.
  • Surveillance– Conducting physical and electronic surveillance on sources of information/IP. This threat is heightened when U.S. corporate employees are on international travel, there should be no expectation of privacy in foreign countries, especially when the telecommunication infrastructure is owned or operated by the nation-state.
  • Technical Operations– This includes computer intrusions (spear-phishing etc.), telecommunications targeting, and planting of listening devices/malware.
  • Foreign Students/Workers– Playing to their national loyalties and or pressuring them to conduct espionage by threating harm/difficulties for other family members back in their home country.
  • Trade Conference Elicitation– Intelligence collectors/competitors/information brokers routinely target these events to develop information and individuals while they are in a fairly open environment.
  • Corporate Merger/Acquisition– Several countries use these transactions to acquire sensitive technologies.
  • Hiring Competitors’ Staff– Foreign companies and competitors will try to do this and learn your corporate secrets/advantages and make them their own.
  • Social Engineering– This comes in many forms, such as unsolicited enquiries via personal contacts, telephone, email, fax and other forms of communication, in search of sensitive information. Also social media is often used as a tool by intelligence collectors to learn more about targets and develop approaches to gather sensitive information.

 

Counter Corporate Espionage Program

Mitigating the threat of corporate espionage can seem like a daunting task for corporations. From the viewpoint of the Chief Security Officer (CSO) having global operations, rapidly changing technology, a disparate workforce composition and limited financial resources to get the job done it can appear to be impossible. The hardest part of the battle is to get executive leadership to realize that this threat is actively working against them due to the clandestine nature of most threat actions. The key component of a successful counter espionage program is to have a holistic risk management program that addresses the following core areas:

  • Personnel Security– Implement a comprehensive program that addresses pre-employment screening and solid employee termination/exiting procedures. Monitor your workforce for potential insider threats and manage accordingly.
  • Legal Support– Protect your intellectual property legally and go after offenses vigorously.
  • Education and Awareness– Educate your employees about the threat of corporate espionage on an ongoing basis. With a special emphasis of techniques and tactics used by intelligence collectors. Provide specialized and tailored training to key personnel and executives.
  • Physical Security– Ensure your physical security program does the basics well. Confident access control is the goal.
  • Intelligence– Keep on top of latest trends in corporate espionage, and understand your company’s operations and strategic goals. Develop good business/market intelligence as well as security intelligence and understand how it relates to your corporations strategic direction.
  • Government Liaison and Industry Relations– Develop strong contacts with the FBI, the government agency tasked with criminally enforcing the Economic Espionage Act of 1996 (EEA). This is the federal law that addresses both state sponsored espionage as non-state sponsored espionage as well. The FBI has several partnering programs with private industry such as the Domestic Security Advisory Program (DSAC) and the Strategic Partnership Program. It is all very important to stay in tune with peers from the private sector charged with protecting corporate IP to discuss/share information on industry/threat trends.
  • Information Security– All levels of IT and network security need to be covered.
  • Converged Structure– In a perfect world both physical security and cybersecurity would report into the same management or be part of the same organization, this would drive threat information sharing and help to eliminate the silos that too often exist in U.S. corporations. This should be the goal the same social engineering attack on a lobby receptionist could be part of an IT network intrusion attempt in another part of the organization, but it is critical that both groups communicate to eliminate gaps that corporate espionage threat actors can exploit or remain undetected.
KEYWORDS: corporate espionage cyber attack data breach identity theft Social Security number Social Security number security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Robertdodge

 Robert L. Dodge, CPP, is a Senior Vice President with G4S Corporate Risk Services.  Dodge has been involved in security, investigations and security consulting for over 20 years.  He has worked on behalf of many U.S. corporations and their interests globally in actively investigating IP infringements/thefts and cases of corporate espionage as well as developing counter corporate espionage programs for U.S. Multinational firms.  

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Corporate Executive Protection in the 21st Century - Security Magazine

    Corporate Executive Protection in the 21st Century

    See More
  • Cyber business feat

    First Century Philosophy for the 21st Century Security

    See More
  • Hacker wears dark hoodie

    Making an offer you can’t refuse: Ransomware gangs are the mafia of the 21st century

    See More

Related Products

See More Products
  • Hospitality-Security.gif

    Hospitality Security: Managing Security in Today's Hotel, Lodging, Entertainment, and Tourism Environment

  • Physical-Layer-Security.gif

    Physical Layer Security in Wireless Communications

  • s in europe.jpg

    Surveillance in Europe

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing