“Maybe money can’t buy happiness, but it can buy you an advantage.”
It is indeed probable that an organisation with good security practices has a good chance of detecting and preventing an outsider (non-employee) from unauthorised access to company systems and data.
However, the thief who is harder to detect and who could cause the most damage is the insider, the employee with legitimate access, the trusted user. That insider may steal solely for personal gain, someone who is stealing company information or products to benefit themselves, another organisation or country.
Here are a couple of examples
In the above two cases, both organisations failed to place appropriate protection for their critical assets against their insiders.
As we know the impact of theft of IP can be devastating. Imagine this…what would befall your organisation if a contractor whose contract ended took the source code of your key application with him or the salesperson who took your key strategic plans with them to start a new competing company? And worse of all, what if one of your employees gave your intellectual property to a foreign organisation or a government? Once an IP leaves your organisation, it is extremely difficult and often impossible to get it back.
For example, the cost of data theft and industrial espionage to the German companies is valued at $229.1 billion (€205.7 billion) over the past two years according to the Federation of German Industries.
How do we then define insider IP theft? According to the Insider Threat Division of CERT, Insider Theft of Intellectual Property is an insider use of IT to steal proprietary information from the organisation.
Intellectual Property: Intangible assets created and owned by an organisation that is critical to achieving its mission.
Types of IP stolen
What was the primary reason that insiders stole IP?
Very few insiders steal intellectual property to sell it. Instead, they steal it for business advantage – either to take it with them to a new job, to start their own competing business or to take it with them to a foreign government or organisation.
In 2019 Blackhat USA conference, Gurucul found that 24% of respondents admitted that they would take company information to help them apply for a more senior role at a competitor. Further, 27% of those who said they look for another job while at work would also take company data to apply for another job.
Insiders have an advantage over external hackers/intruders. Insiders have authorised access to facilities and information. They have knowledge of the organisation systems and their processes and know the location of critical or valuable assets. Insiders know when and where to attack and how to cover their tracks.
Interestingly, 75% of Insiders steal information for which they already have authorised access and usually steal it at work during business hours. What makes it extremely difficult for the victim organisation is the ability to detect it – as it is being copied or removed from the organisation. In other words, the window of opportunity can be quite small.
To prevent your intellectual property from walking out the door, consider the following set of recommendations.
If you want to develop insider threat resiliency practices specifically addressing IP theft prevention, reach out to us.
You can reach us at the following
© 2023 Naked Insider, Level 1 Colbee Court, Phillip ACT, Australia Tel: +61 6282 5554