NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
10/13/05
Today's focus: Industrial espionage, Part 4: Risk factors and
losses
Dear security.world@gmail.com,
In this issue:
* Industrial espionage responsible for huge losses, much of
which isn't reported
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Tenebril, Inc.
FREE GUIDE: EVASIVE SPYWARE PROTECTION
Learn how you can successfully defeat evasive, hyper-mutating
spyware - spyware that antivirus, conventional antispyware, and
gateway solutions simply can't detect - with an innovative new
technology, Spyware Profiling. Download your FREE guide,
Advanced Tactics for Defeating Spyware.
http://www.fattail.com/redir/redirect.asp?CID=117502
_______________________________________________________________
GRID SURPRISE
Once considered a specialty technology, the latest buzz pegs
grids as great all-around application servers. Network
executives are finding that once grids are installed, they are
useful for a far wider variety of applications than just
computationally heavy ones. Are there any hitches? Click here
for more:
http://www.fattail.com/redir/redirect.asp?CID=117184
_______________________________________________________________
Today's focus: Industrial espionage, Part 4: Risk factors and
losses
By M. E. Kabay
The 2002 "10th Annual Trends in Proprietary Information Loss
Survey" organized by ASIS reported that respondents in 138
companies in the Fortune 1,000 and from the U.S. Chamber of
Commerce membership list experienced industrial
espionage-related losses totaling over $50 billion.
About 40% of the respondents reported industrial espionage
incidents during the period July 1, 2000, to June 30, 2001. The
survey ( PDF
<http://www.asisonline.org/newsroom/surveys/spi2.pdf> )
summarizes the risk factors and impacts of loss as follows:
RISK FACTORS
* The greatest risk factors associated with the loss of
proprietary information and intellectual property among all
companies responding were former employees, foreign competitors,
on-site contractors, and domestic competitors. Hackers also were
cited as a major concern among some sectors.
* The most commonly cited areas of risk by companies that
reported an incident were: research and development (49%),
customer lists and related data (36%), and financial data (27%).
* The number of reported incidents, in order of magnitude, were:
1) customer data, 2) strategic plans, 3) financial data, and 4)
R&D.
IMPACT OF LOSS
* Among all companies, the greatest impacts of proprietary
information loss were increased legal fees and loss of revenue.
For large companies (over $15 billion), loss of competitive
advantage was the most serious problem. For financial firms,
embarrassment was the biggest concern; and for high technology
companies, the major issue was loss of competitive advantage.
* The assessment or assignment of intellectual property value is
the responsibility of in-house patent and legal counsel who base
their judgments on competitive advantage, profitability, and
research and development criteria.
In 2004, the Office of the National Counterintelligence
Executive reported to Congress that:
* "[A] recent private US survey indicated that more than half of
the impacted firms do not report the breach for fear of reducing
shareholder value. As a result, no one is certain how much
technology and sensitive proprietary information are lost
annually to cyber theft."
* "During FY2004, the US Department of Immigrations and Customs
Enforcement (ICE) conducted more than 2,500 export
investigations involving violations of the Arms Export Control
Act, International Traffic in Arms Regulations (ITAR), Export
Administration Regulations (EAR), Inter national Emergency
Economic Powers Act, and the Trading With the Enemy Act. These
investigations resulted in 146 arrests, 97 criminal indictments,
and 79 criminal convictions."
In the next article in this series, I review information about
the origin of these industrial espionage attacks.
The top 5: Today's most-read stories
1. Windows 2000 vulnerability could lead to new outbreak
<http://www.networkworld.com/nlsec8733>
2. Symantec AntiVirus Scan Engine has serious bug
<http://www.networkworld.com/nlsec8531nlsecuritynewsal8588>
3. The ABCs of SOA
<http://www.networkworld.com/nlsecuritynewsal8592>
4. Nortel's uphill battle
<http://www.networkworld.com/nlsec8109nlsecuritynewsal8258>
5. Bechtel says move to IPv6 is all about business
<http://www.networkworld.com/nlsecuritynewsal8589>
_______________________________________________________________
To contact: M. E. Kabay
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by Tenebril, Inc.
FREE GUIDE: EVASIVE SPYWARE PROTECTION
Learn how you can successfully defeat evasive, hyper-mutating
spyware - spyware that antivirus, conventional antispyware, and
gateway solutions simply can't detect - with an innovative new
technology, Spyware Profiling. Download your FREE guide,
Advanced Tactics for Defeating Spyware.
http://www.fattail.com/redir/redirect.asp?CID=117501
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html
Security Research Center:
http://www.networkworld.com/topics/security.html
Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna
Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
WEBCAST: OfficeMax: Taking Email Security to the Max
Examine how this enterprise of 35,000 users on three continents
developed a corporate email defense strategy. In stark detail,
you'll see the entire arc of the process: Requirements building,
Demos and trials evaluation, Deployment and ROI calculation -
Tune in today:
http://www.fattail.com/redir/redirect.asp?CID=117105
_______________________________________________________________
FEATURED READER RESOURCE
Network World Technology Insider on Security: Is Encryption the
Perspective?
Encryption won't solve all your security issues but these days
there is no excuse for not safeguarding your organization's
sensitive data. From Clear Choice product coverage to new
regulations and high-profile breaches, this Technology Insider
on Security covers it all. Click here to read now:
<http://www.networkworld.com/nlsec7411nlsecuritynewsal7443>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment