The economic recession has spawned a range of additional and parallel risks and challenges for companies particularly in the area of safeguarding information assets, i.e., intellectual property, intangible assets, sensitive information, trade secrets, and proprietary business processes, etc.
Personnel layoffs and terminations, regardless of severance package, advance notice, or opportunity for ‘call back’ are likely to produce disgruntled and worried individuals due to, among many other things, the uncertainty it produces about one’s financial future and solvency. But also, it conjures a sense of employer disloyalty and collectively these factors can manifest themselves into elevated propensity (proclivity, receptivity) to engage in illegal and/or unethical acts (sabotage, theft, misappropriation, infringement, etc.) against their employer.
Obviously exit interviews must be ratcheted up at this point to emphasize the (legally binding) contractual components of non-disclosure and confidentiality agreements, as well as, non-compete agreements where they’re enforceable especially for employees who have access to sensitive-proprietary information.
The recession has also prompted countless companies to initially ‘look to the low hanging fruit’ for budget reductions by curtailing if not eliminating (security) travel and training budgets. Translated this means fewer information asset audits and less direct oversight, stewardship, and management of information assets which includes intangibles, intellectual property, sensitive information, and proprietary competitive advantages and business processes. Collectively, these assets conservatively comprise, for most company’s, 65+% of their value, sources of revenue, and future sustainability.
We see many companies reallocating (re-distributing) their security resources or literally dismantling their security departments causing decentralization of security responsibilities and delegating (entrusting) those responsibilities to untrained – inexperienced personnel and/or business units unaccustomed to consistently addressing security issues which, practically speaking means, inconsistent interpretation, assessment, and treatment of risk and threat thresholds.
We can also presume, (with considerable certainty) there will be an elevated presence of even more aggressive – predatorial tactics emanating from information brokers and competitor intelligence operations that will specifically target ’disgruntled employees’, e.g., elicit – solicit sensitive, proprietary information.
Similarly, we can presume, with equal certainty, there will be an elevated propensity of laid-off (disgruntled) employees who try to ‘leverage’ (offer) their knowledge of former employer’s sensitive-proprietary know how and/or trade secrets for (a.) cash payment from competitors, information brokerss, competitor intelligence entities, etc., (b.) employment with a competitor, or (c.) start their own company.
A collective bottom line to all of this is that some company’s appear to be positioning themselves, at least during the recession, to accept increasingly higher thresholds for risks and threats. The question – challenge for information asset protection professionals is how much company value, reputation, image, goodwill, and IP, etc., will be eroded, de-valued, or outright lost in the interim?