AMU APU Business Original

Defending an Organization from Intellectual Property Theft

By Col. (Retired) Lawrence D. Dietz, JD, MSS
Faculty Member, Intelligence Studies

In the news, there have been several incidents of Chinese espionage. For instance, on November 5, 2021, Chinese intelligence officer Yanjun Xu was convicted of conspiring to and attempting to commit economic espionage and the theft of trade secrets from U.S. aviation companies.

Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division stated, “This conviction of a card-carrying intelligence officer for economic espionage underscores that trade secret theft is integral to the PRC government’s plans to modernize its industries.

“But this conviction also serves notice that the United States will not sit by as China, or any other nation-state, attempts to steal instead of researching and developing key technology. Instead, and with the support of our allies, we will continue to investigate, prosecute, and hold accountable those who try to take the fruits of American ingenuity illegally.”

While nation-states such as China and Russia may top the list of threats to intellectual property, there are others that pose significant security threats, such as:

  • North Korea, Iran and Cuba
  • Non-state actors such as Hezbollah, ISIS and al-Qaeda
  • Transnational criminal organizations
  • Ideologically motivated groups such as hacktivists, leakers and public disclosure organizations

Most organizations have critical assets that need protection just as the U.S. government does, according to the FBI. Robust counterintelligence programs, however, have proven effective in shielding sensitive information from unauthorized employees.

Related link: Infrastructure Cybersecurity Should Become a Priority

What Steps Can Be Taken to Guard Against Intellectual Property Theft?

There are various steps that can be taken to guard an organization against intellectual property theft. First, it is important for an organization to identify and mark its intellectual property.

Often, departments in an organization have different definitions of what information needs to be protected. For instance, Tal Global investigated a confidential case where a client’s sales manager went to work for a key competitor. Shortly thereafter, the competitor announced a new product with features and benefits that were identical to the unannounced product their client had in development.

During its investigation, Tal Global learned that there were two major trade shows in that industry. One was in February and the other in June.

Tal Global investigators interviewed the client’s engineering, marketing, human resources and top management employees. They learned that the engineering department gave a presentation at the February trade show, which was open to all attendees.

During that presentation, engineers described the perfect new product that the industry needed, including its features and benefits. It was clear that marketing and engineering did not agree on the sensitive nature of this information.

Second, organizations should be alert to the motivations for intellectual property theft and any suspicious behavior from their employees. People steal from an employer for several personal reasons:

  • Money – Pressing financial needs are often an impetus to illegal activity.
  • Revenge – Employees who feel their employer has wronged them or who are having work issues are susceptible to the temptation of spying on an employer.
  • Divided loyalty – The employee might feel a strong allegiance to another individual, group or country.
  • Fun, travel and adventure – Some people picture themselves as the next James or Jane Bond and seek the thrill associated with the danger of spying.
  • Family problems or vulnerabilities – Marital troubles, extramarital affairs, financial losses due to gambling or impending criminal charges can all be motivating factors for intellectual property theft.

Another reason for intellectual property theft includes organizational factors. The attributes of an organization, slack policies and ineffective security procedures are all potential stimuli to illegal activities. Some of the more common factors leading to industrial espionage are:

  • Opportunity – An employee finds that it is very easy to acquire sensitive information or assets that can offer a lucrative return.
  • Lack of documentation – Trade secrets, sensitive data, or other proprietary information are not labeled and safeguarded, making them easy to spirit out of the organization.
  • Lack of physical security or cybersecurity – Proprietary or sensitive information/assets is easy for an employee to remove from an organization’s facilities or control.
  • Lack of security training for employees – Employees may not have proper training to properly secure confidential or sensitive information.

Behavioral Indicators of Intellectual Property Theft

There are several ways to detect if an employee is behaving suspiciously and may be participating in intellectual property theft, such as:

  • The employee takes sensitive or proprietary material home without need or authorization.
  • The employee has an unusual curiosity or interest in sensitive matters outside that employee’s scope of employment.
  • The employee lives a lifestyle that is beyond his or her normal salary level.
  • The employee has suspicious personal contacts, such as industry competitors or other people who would benefit from knowing an organization’s secrets.

Other Actions Organizations Should Take to Prevent Intellectual Property Theft

Fortunately, there are various actions that employers can take to prevent their sensitive proprietary information from leaving the organization. For instance, employers can:

  • Regularly train employees on proper security protocols and procedures.
  • Ensure that employees and contractors sign appropriate security agreements, non-disclosure agreements (NDAs), and acknowledgements that they have received, read, and understood all of the agreements that they have signed.
  • Use appropriate background investigations to select employees.
  • Ensure that there are simple, clear instructions for employees and contractors regarding what information to report, how to report it, and to whom to report. These instructions should underscore what company information should be kept confidential.
  • Routinely monitor computers and networks. Ensure that employees are aware that their organization are monitoring networks for their own protection as well as to protect the company’s assets.

Intellectual property theft and industrial espionage, particularly by foreign powers, is a growing concern for all organizations. To protect an organization from financial loss and damage to its reputation, all employees and leaders should understand their role in protecting themselves and an organization’s sensitive, proprietary information and assets.

Related link: 5 Important Cybersecurity Concerns for Business Managers

Professor Lawrence Dietz has more than 30 years of diversified military and commercial sector experience. He retired as a Colonel from the USAR in 2002, having held command and staff assignments in psychological operations (PSYOP) and military intelligence to include platoon, company and battalion command. Professor Dietz also served as the Deputy Commander for the NATO PSYOP Task Force (CJICTF) in Bosnia. His specialties include PSYOP, information operations, strategic intelligence and tactical intelligence. His commercial sector experience has included market intelligence, marketing, customer support and legal work dealing with information technology. Professor Dietz is an attorney admitted to the Bars of the U.S. Supreme Court, the State of California and the District of Columbia.

Comments are closed.