Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence

Similar documents
THE PROCESS FOR ESTABLISHING DATA CLASSIFICATION. Session #155

716 West Ave Austin, TX USA

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

CloudSOC and Security.cloud for Microsoft Office 365

The Impact of Cybersecurity, Data Privacy and Social Media

Cyber Risks in the Boardroom Conference

2017 Annual Meeting of Members and Board of Directors Meeting

A practical guide to IT security

DeMystifying Data Breaches and Information Security Compliance

Hacking and Cyber Espionage

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

INFORMATION SECURITY-SECURITY INCIDENT RESPONSE

Red Flag Regulations

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Securing Office 365 with SecureCloud

ANATOMY OF A DATA BREACH: DEVELOPMENTS IN DATA SECURITY AND CLOUD COMPUTING LAW

Governance Ideas Exchange

ANATOMY OF AN ATTACK!

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

CYBER SECURITY RISK ASSESSMENT: WHAT EVERY PENSION GOVERNMENTAL ENTITY NEEDS TO KNOW

Cyber-Threats and Countermeasures in Financial Sector

Combating Cyber Risk in the Supply Chain

Reducing Cyber Risk in Your Organization

It s About the Data, Stupid.

Dissecting Data Breaches. What Keeps Going Wrong?

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

How to Prepare a Response to Cyber Attack for a Multinational Company.

Mission Defense via Information-Centric Security

Cyber Security Updates and Trends Affecting the Real Estate Industry

Jeff Wilbur VP Marketing Iconix

Information Security Is a Business

How Cyber-Criminals Steal and Profit from your Data

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

Cyber Security Issues

Oracle Data Cloud ( ODC ) Inbound Security Policies

Leading Authority Doug Kaminski On 3 Key Ways To Protect Your IP. #FearlessLaw on High Performance Counsel

Cyber Security and Project Planning: How to Bake It In

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

A Privacy and Cybersecurity Primer for Nonprofits Nonprofits in the Digital Age March 9, 2016

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

The Cyber War on Small Business

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

McAfee Total Protection for Data Loss Prevention

Cybersecurity for Health Care Providers

THE ACCENTURE CYBER DEFENSE SOLUTION

Internet of Things Toolkit for Small and Medium Businesses

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

Critical Information Infrastructure Protection Law

Legal Considerations and Case Studies

The security challenge in a mobile world

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

External Supplier Control Obligations. Cyber Security

Office 365 Buyers Guide: Best Practices for Securing Office 365

Why you MUST protect your customer data

50+ Incident Response Preparedness Checklist Items.

Cybersecurity and Nonprofit

DIRECTIVE ON INFORMATION TECHNOLOGY SECURITY FOR BANK PERSONNEL. June 14, 2018

Building a Business Case for Cyber Threat Intelligence. 5Reasons Your. Organization Needs a Risk-Based 5Approach to Cybersecurity

CCISO Blueprint v1. EC-Council

Security Issues and Best Practices for Water Facilities

IS Today: Managing in a Digital World 9/17/12

Legal, Ethical, and Professional Issues in Information Security

Bring Your Own Device (BYOD)

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner

The CERT Top 10 List for Winning the Battle Against Insider Threats

PCI Compliance. What is it? Who uses it? Why is it important?

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Big data privacy in Australia

Protecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014

Certified Cyber Security Specialist

Compliance in 5 Steps

What FinAid offices need to know about cyberattacks. Presented by: Chris Chumley, COO at CampusLogic Thursday, March 31, EST

Data Inventory and Classification, Physical Devices and Systems ID.AM-1, Software Platforms and Applications ID.AM-2 Inventory

Cyber Security Incident Response Fighting Fire with Fire

CipherCloud CASB+ Connector for ServiceNow

PROVIDING INVESTIGATIVE SOLUTIONS

Data Breach Preparedness & Response

Data Breach Preparedness & Response. April 16, 2015 Daniel Nelson, C EH, CIPP/US Lucas Amodio, C EH

Elements of a Swift (and Effective) Response to a HIPAA Security Breach

Cyber Security. The Question of the Day. Sylint Group, Inc. How did we come up with the company name Sylint and what does it mean?

Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016

COMPUTER FORENSICS (CFRS)

2015 VORMETRIC INSIDER THREAT REPORT

Changing face of endpoint security

MIS5206-Section Protecting Information Assets-Exam 1

Introduction to Ethical Hacking. Chapter 1

Best Practices for a Successful DLP Deployment

A company built on security

GDPR: The Day After. Pierre-Luc REFALO

Sobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.

Protecting from Attack in Office 365

ROADMAP TO DFARS COMPLIANCE

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Cybersecurity in Higher Ed

TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS

Securing Office 365 with MobileIron

KuppingerCole Whitepaper. by Dave Kearns February 2013

Transcription:

Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence Presented by Keith Barger and Audra A. Dial March 19, 2014 2014 Kilpatrick Townsend & Stockton LLP

Protection of IP Assets To qualify as a trade secret, an asset must derive economic value from not being generally known and be subject to reasonable degrees of protection. Securing confidential information is equally important. IP assets that do not rise to the level of trade secrets can still be protected as confidential information through NDAs and possibly through statutory protections. 2

Perceptions of the Current Threat The highly publicized stories of leaked or stolen personally identifiable information (PII) in the form of credit cards, Social Security numbers and so on. Increased awareness is resulting in the institution of laws, regulations and industry standards resulting in organizations investing millions in controls to prevent and detect hacks. 3

The Less Publicized Threat Cyber-criminals, state governments, organized crime and hackers have and increasingly continue to target IP. Estimates show that IP theft costs U.S. businesses billions of dollars a year, while robbing it of jobs and lost tax revenues. The threat from emerging economies is of particular concern, as laws in those jurisdictions can be lax and enforcement more difficult. 4

Awareness of Risks Competitors conducting corporate espionage Launching social engineering ploys Departing employees who remove IP Leaks through social media/email/mobile devices/ removable media Bribery of employees Hacking Dumpster diving 5

Increasing Awareness Economic espionage or IP theft conducted by insiders, competitors or combinations of the two are the most tangible, common, and destructive threats. Attacks originate from a variety of sources such as an employee, a member of the management team, a corporate board member, third-party contractors or a collaborative partner in a joint venture. 6

Securing Your Companies Intellectual Property Educate employees about what your organization considers its most valuable assets. Identifying what your valuable assets consist of and where they reside is no easy task and can be found in multiple forms: Structured and unstructured Amorphous and concrete Capture in whole or in part across multiple documents Entire databases As simple as a thought or idea discussed during meetings 7

Prioritize Then Act Conduct a risk and cost-benefit analysis. Map your company s assets and determine what information, if lost or stolen, would have the greatest impact. Then consider which of those assets are at highest risk of being stolen. Identify it: Label confidential information. If your company data is proprietary, put a note to that effect on every log-in screen. Take precautions to protect information before it is compromised. 8

Prioritize Then Act Secure your organization s valuable information: Physical and digital protection is a must. Control access where sensitive data is stored. Track and limit access. Monitor the movement and who has possession of valuable information throughout your organization--whether it s the server farm or the musty paper archive room. Educate your employees: Humans are often the weakest link in the defensive chain. Education must be ongoing and practical. 9

Prioritize Then Act Devise the appropriate level of protection: Inhibiting data and information sharing, critical to today s collaborative environments, can adversely affect your organization. Yes, having a small amount of the crown jewels trade secrets that are protected by encryption or data masking, two- or three-factor authentication and embedded access controls may be appropriate. Audit the protection of your information and protect the most valuable 1-2% at the highest level. 10

Protection Strategies Apply a range of technologies: An essential tool is data loss protection (DLP), which helps track, identify and protect confidential and sensitive information for data that is stored, in use or in motion. In addition to DLP, you need to be able to monitor your two biggest communications channels (Web and e-mail) for outbound data and stop it in its tracks if necessary. Identity and access management tools are increasingly useful for ensuring that data doesn t fall into the wrong hands, and using security information and event management software with a solid log management tool can help you identify suspicious behavior and follow it all the way through to remediation of the threat. 11

Protection Strategies In terms of data, the highest risks to the loss or theft of trade secrets stem from mobile devices, cloud services and SSL traffic. SSL accounts for up to 50% of Web traffic, and criminals know that most IT security systems do not inspect it. Most anti-malware security solutions don t look out for such attacks decrypting SSL traffic coming into a network. This is also not something that s always covered by DLP. As services such as Gmail move to automatically send all traffic to SSL, this will only become more of an issue. Understand encryption and apply it judiciously. 12

Protection Strategies: USB Storage Risks: Low cost; easily concealed; portable; zero configuration; plug and play with any computer. Mitigation: Disconnect USB ports; confiscate keys and copiers; ban possession or limit to on-site use only. Monitor important file activity/transfers. 13

Protection Strategies: Laptops Risks: Create immediate access outside company; physical removal not necessary; quick transaction; can make it look like normal online activity. Requires an accomplice (knowing or unwitting) person or machine to receive data; likely to leave audit trail. Mitigation: Use products to inspect and prevent transactions. Ban hard-to-control apps like IM (But some companies can easily ban IM; others will have a user revolt!). Monitor applications and file transfer activity. The challenge here isn t the mechanics of preventing or stopping the loss of trade secret theft, but the balance of productivity and openness with the need to secure. 14

Protection Strategies: Mobile Devices Risks: Pictures of notes, whiteboards, labs, other sensitive data. Discreet; can capture handwritten data; portable; concealable; physical removal unnecessary. Mitigation: Ban mobile device cameras from use on premises. Where appropriate, search bags upon entry and/or departure to sensitive areas. Employees should report unusual behavior involving mobile devices. Many companies already ban mobile device cameras, especially in research areas or at sensitive meetings. Searches should start with visitors and extend to employees working in high-risk environments. 15

Protection Strategies: Departing Employees Create mirror images of hard drives. Don t taint potential evidence. Don t redeploy too quickly. Prepare an incident instruction memo. Understand modern methods of trade secret misappropriation and build defenses against their abuse. Make sure employees understand that, on computers, delete doesn t actually mean delete. Create a litigation response team. Be ethical, no matter what. 16

Protection Strategies: The Exit Interview Remind employee of confidentiality agreements previously executed and explain that the obligations are ongoing. Use a checklist! Do you have any company documents or materials at home? Have you returned all flash drives that contain company information? If doubtful, consider requesting the employee sign affidavit or certification. Must have ability to inspect or wipe mobile devices before employee separates! 17

Contact Information Keith Barger, Managing Director BDO Consulting 713.576.3477 kbarger@bdo.com Audra A. Dial, Partner Kilpatrick Townsend 404.815.6307 adial@kilpatricktownsend.com @audradial 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback