Michael D. Moberly   December 18, 2009

The ‘insider threat’ to information-based intangible assets, proprietary competitive advantages, and intellectual property represent persistent, global, nuanced, and frequently costly challenges to company’s. 

In light of the economic fact that 65+% of most company’s value, sources of revenue, and foundations for future wealth creation and sustainability lie in - are directly related to intangible assets, those company’s dependant upon (their) intangibles and routinely find them in play as important elements to business growth and/or business transactions, would be well advised to keep abreast of current (insider threat) research with an ‘eye’ for fine tuning and/or updating (their) best practice defenses.  

No ‘war stories’ here because I believe most management teams, boards, and investors are generally familiar with the fiduciary importance/relevance of intangibles.  But let it suffice to say, insider (threat) challenges, left unchecked, or poorly addressed, go to the very heart of a company’s value and sources of revenue.  Such risks are unlikely to miraculously recede or fade away through attrition, terminations, or resignations, etc., absent the execution of best practices that thoroughly reflects and can adjust to current and forward looking research, e.g., (a.) how the insider threat evolves, (b.) who the ‘insider’ is, and (c.) the various motives.

Research findings of this caliber that provide both a ‘big picture’ as well as practical and relevant insights ‘into insiders’ are regularly produced by two institutions that represent assemblages of genuine subject matter experts, i.e., Carnegie Mellon’s CyLab and DoD’s Personnel Security Research center (PERSEREC). 

Both PERSEREC and Carnegie Mellon’s definition of ‘insider theft of IP’ share commonalities which I have converged as ’crimes in which current or former employees, contractors, or business partners intentionally exceeded or misused an authorized level of access to networks, systems, or data to steal confidential or proprietary information from an organization and variously use it in three primary ways, (a.) get another job, (b.) help a new employer, (c.) or promote their own ’side’ business. 

A central theme underlying (perhaps embedded in) each motive however is the insiders’ desire to leverage their illegal deed to achieve some form of ’personal financial gain’.

Designing effective practices-techniques to mitigate, counter, and ultimately defend against the insider threat should, above all, not be based solely on or unduly prejudiced by (a.) past practice, (b.) anecdotle (internal, external) snap shots, or (c.) generalized assumptions about ethnic allegiance.  Rather ‘defenses’ to the broad and complex phenomena of insider threats should be well grounded in the relevant, current, and applied research and findings of specialist research teams ala the CyLab, PERSEREC or other institutions.

Michael D. Moberly   November 18, 2009

Since 1995, the Office of the National Counterintelligence Executive (ONCIX), has been mandated to gather data and submit a report (annually) to Congress on the state of (a.) foreign economic intelligence collection, (b.) industrial espionage, and (c.) export control violations.  Data for the report is collected from government agencies that comprise the counterintelligence community. 

What’s new in ONICIX’s most recent report (unclassified version) are remarks regarding (1.) ’the increasing new modes of communication and social netorking providing uncharted opportunities for (a.) transferring information, and (b.) spying by enterprising foreign intelligence services’, (2.) ‘companies encouraging (a.) outsourcing of (their) R&D, and (b.) establishing foreign bases of operation providing foreign entities with more opportunities to target U.S. information and technologies, and (c.) mask their collection activities’.  A consequence is that ONCIX’ report states it is ’increasingly difficult to fully (accurately) measure the extent of espionage and illegal acquisitions (of U.S. trade secrets).

In contrast, the Department of Defense’ Personnel Security Research Center (PERSEREC) produced a 2005 study (report) titled ‘Technologicial, Social, and Economic Trends That Are Increasing U.S. Vulnerability To Insider Espionage’.  I am not suggesting that ‘insider’ (threats, risks) are synonymous with economic-industrial espionage or export control violations as a means to (illegally) acquire trade secrets.  What I am suggesting is that the PERSEREC study findings exacerbate - make significantly more complex the challenges most every company faces relative to its ability to sustain (indeterminate) control, use, ownership, and value of its most valuable assets, i.e., intellectual property, trade secrets, proprietary information, know how, and other intangible assets, e.g.,

1. Fewer employees are deterred by a traditional sense of (employer) loyalty.

2. Employees are more inclined to view espionage (theft of information assets) to be morally justifiable if sharing those assets will benefit the world community or prevent armed conflict.

3. For employees engaged in multi-national trade and transactions there is greater inclination to regard unauthorized transfer of information assets and technology as a business matter, rather than an act of betrayal or treason.

4. A growing allegiance exists among employees to the/a global community, i.e., an increasing acceptance of global as well as national values.

5. Tendency for employees to view human society as an evolving system of ethnically and ideologically diverse and inter-dependant people which makes illicit acts (i.e., theft of trade secrets) easier to rationalize.

As increasing percentages of most company’s value, sources of revenue, sustainability, and foundations for future wealth creation (in global, knowledge-based economies) lie in - are directly related to intangible (information-based) assets and intellectual property, to be sure, the challenges conveyed in ONCIX’s report are formidable and will persist!

Michael D. Moberly   August 18, 2009

Insider theft of IP and intangible assets will likely continue to rise and become even more irreversably devastating to (victim) companies.  In large part the increase is attributable to two things:

1. the economic fact - business reality that higher percentages (65+%) of company value, sources of revenue, sustainability, and future growth now lie in - evolve from intangible assets such as intellectual property, proprietary know how, and other forms of intellectual capital that are readily available and vulnerable.

2. the category/class of insider thief which Carnegie Mellon’s CERT Program calls ‘the entitled independant’. 

In their recently published report titled ‘Insider Theft of Intellectual Property for Business Advantage: A Preliminary Model’ an entitled independant is described as an ambitious insider, acting alone, who steals information which they have contributed to its development.  They do this in order to take it to a new job or to use in their own side business. 

Of the ’entitled independants’ CERT studied, nearly 75% were actually involved in the development of the (proprietary) information they ultimately stole and came to possess a ’sense of entitlement’ which can manifest itself further in some instances as a ’sense of ownership’.  A correlation exists between the entitled independants’ perception of contribution and the likelilhood they will develop a sense of entitlement (ownership).

Many management teams and decision makers will undoubtedly find these findings interesting.  But, to those who remain dismissive or hesitant to act on CERT’s findings and models, they’re encouraged to also review McAfee’s recent survey titled ’Unsecured Economies: Protecting Vital Information’.  Here, respondents agreed (not surprisingly) that if an employee, perhaps comparable to CERT’s ’entitled independant’ is able to appropriate (steal) valuable information assets it will likely lead to the production of a comparable product or service (albeit it a counterfeit or involving infringement) and win space in the marketplace at a far lower cost.

Preferably though, as more management teams and business decision makers come to recognize just how relevant IP and intangible assets are to their company’s value, revenue, sustainability, and growth, their motivation to seek out and act on the findings of relevant reseach studies, like those produced by CERT and PERSEREC (Personnel Security Research Center) will elevate.  

Be assured though, company management teams will want their awareness to be simultaneously joined by effective and precise strategies to mitigate, counter, and/or combat the findings that resonate (with them) most.  Such strategies should commence with, (1.) purposeful dialogue among a company’s various (turf oriented) professional disciplines and business units, i.e., specialists in information asset protection, HR, IP, IT security, risk management, marketing, R&D, etc., and (2.) disciplined attitudes (among the various disciplines) to reach consensus on what actions are necessary to effectively address (mitigate, counter, prevent) the risks on an enterprise wide basis.