Search This Blog

Thursday, October 06, 2005

Industrial espionage, Part 3: Survey results

NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
10/06/05
Today's focus: Industrial espionage, Part 3: Survey results

Dear security.world@gmail.com,

In this issue:

* Surveys showed rise in industrial espionage in 1990s
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=116977
_______________________________________________________________
INSIGHT ON WEB PERFORMANCE

Many Web administrators live in a state of blissful ignorance,
unaware of the true health and performance of a Web site until
users complain. Network World's latest Clear Choice Test
reviews an appliance that actively monitors actual Web site
traffic, giving Web managers a heads-up on problems before their
users do. For more, click here:
http://www.fattail.com/redir/redirect.asp?CID=116132
_______________________________________________________________

Today's focus: Industrial espionage, Part 3: Survey results

By M. E. Kabay

In the first two articles in this series, I reviewed some of the
information in the annual reports of the National
Counterintelligence Center and later the Office of the National
Counterintelligence Executive. In this article, I pass along
some interesting estimates from surveys of industrial espionage
conducted by security associations and cited by the NACIC
itself.

In 1995, the American Society for Industrial Security ( ASIS
<http://www.asisonline.org/> ) ran a survey that was used by
NACIC in its report. Among the significant findings were the
following (quoting NACIC but adding bullets):

* Reported incidents increased 323% since 1992.
* Losses of corporate information increased from a reported 9.9
incidents per month in 1992 to an average of 32 incidents per
month in 1995.
* About three-fourths of reported losses occurred in the U.S.,
and the majority of those incidents involved ''trusted
relationships'' (employees, vendors, contractors, retirees, and
so forth).
* Other incidents were attributable to a variety of sources:
domestic competitors, computer hackers, foreign competitors,
foreign intelligence services, and foreign business partners.
* Of incidents outside the U.S., approximately half took place
in countries traditionally considered allies of the U.S.
* Foreign nationals were identified in 21% of the incidents
where the perpetrator's nationality was known.

The 1997 NACIC report cited work by the Computer Security
Institute ( CSI <http://www.gocsi.com/> ) in cooperation with
the FBI's International Computer Crime Squad in San Francisco.
Interesting results included the following (bullets added to
verbatim quotes):

* According to the survey, about 75% of the 563 responding
corporations, government agencies, financial institutions and
universities surveyed by CSI reported financial losses in the
past 12 months.

* [In 1996] financial losses from financial fraud, computer
viruses, sabotage, and theft of proprietary information and
laptops were up seven percent and topped $100 million.
Reflecting the increased competition in the global marketplace,
over 50% of the respondents cited foreign competitors as a
likely source of attack and 22% cited foreign governments as a
likely source of attack.

* The survey also showed that only 17% of the respondents
reported crimes to law enforcement authorities. There appears to
be reluctance on the part of the private sector to report
allegations of computer and economic crime to law enforcement
authorities. A large number of these crimes go unreported
because of a company's fear of undermining the confidence of
their shareholders, negative publicity, and further exposure of
trade secret information during prosecution.

In 1998, NACIC reported on a then-new economic modeling tool
developed at the Department of Energy's Pacific Northwest
National Laboratory that was applied to a single case of theft
of intellectual property in which a foreign competitor succeeded
in capturing the market due to the theft: "Using this tool, the
misappropriation of intellectual property in this case resulted
in over $600 million in lost sales, the direct loss of 2,600
full-time jobs, and a resulting loss of 9,542 jobs for the
economy as a whole over a 14-year time frame. Analysis also
determined that the U.S. trade balance was negatively impacted
by $714 million and lost tax revenues totaled $129 million."

I continue my survey of industrial-espionage surveys in the next
article in this series.

The top 5: Today's most-read stories

1. How to solve Windows system crashes in minutes
<http://www.networkworld.com/nlsecuritynewsal7602>
2. Nortel faces uphill battle
<http://www.networkworld.com/nlsec8109nlsecuritynewsal8258>
3. Cisco pushes new security software
<http://www.networkworld.com/nlsec8110nlsecuritynewsal8259>
4. WLAN QoS specification approved
<http://www.networkworld.com/nlsec8280>
5. Somebody's got to pick up the 'Net's tab
<http://www.networkworld.com/nlsecuritynewsal8261>

_______________________________________________________________
To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.

New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by Sybase

It sounds so simple: if you collect enough business information,
you'll glean valuable insights that can drive both revenue
growth and competitive advantage. Along the way, however,
companies are discovering that managing the explosive growth of
online data can prove a formidable challenge. Here's how to
assess your data management style, and maximize your
opportunities to turn online data into business opportunity.
Click here for more on taming the data explosion.
http://www.fattail.com/redir/redirect.asp?CID=116978
_______________________________________________________________
ARCHIVE LINKS

Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html

Security Research Center:
http://www.networkworld.com/topics/security.html

Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna

Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
FEATURED READER RESOURCE

IT PROS SHARE THEIR TALES OF MAKING ITIL WORK

Running an enterprise network is challenging. IT organizational
change can be even more so if managers don't balance efforts
proportionally across people, process and technology.
Implementing best practices frameworks such as Information
Technology Infrastructure Library (ITIL) can help, but they
introduce their own set of challenges. Click here for more:

<http://www.networkworld.com/news/2005/092205-itil.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments: