This afternoon I was at an Infragard meeting (I am a member
of Infragrad which is a partnership with the FBI to protect the US
infrastructure https://www.infragard.org/
and there was a presentation on insiders threats for Cyber Security. Truly eye
opening with some of the stats given. One of which was the estimated 73% of
breaches are done intentionally or unintentionally from the inside.
The unintentional ones are when an employee will click on a
link that loads some malware, spyware or other harmful ware which is used by
the bad guys to get inside. It is like someone unknowingly letting an intruder
in by unlocking the door and walking away. In the meantime the intruder quietly
strolls in to have a look around and to do what he pleases, undetected. I have
seen examples of this myself. Though this can be a significant event the
examples of other ways were shocking how huge of an impact they will have.
One example was of a company called Sinovel. http://www.bostonglobe.com/business/2013/06/27/feds-charge-chinese-firm-with-stealing-technology-mass-company-amsc/CTE66TzhtD19qvEfU35RQN/story.html
AMSC made software for this company and suddenly its orders
dropped. The long and the short of it is that the software was stolen by
Sinovel and AMSC sued them for 1.2billion dollars. Why? One person stole
proprietary information and gave it to Sinovel. The result was devastating and
jobs were lost, families affected and ripples felt throughout industries.
Proper measures were not in place to protect the intellectual property.
In another case presented today an individual stole
information from the Medical College of Wisconsin. http://www.scmp.com/news/world/article/1280109/chinese-researcher-pleads-guilty-stealing-drug-us-medical-school In this case the individual downloaded 2.4
million files to a personal hardrive and sold the information.
I myself have been involved in aftermaths of employees who
were disgruntled and tried to either destroy or steal information from
employers. How devastating would this be if your client list, information about
business dealings or blueprint for your product walked out the door and was
sold to your competitor? Yet I do not
see companies taking this seriously. How much is going on that we don’t know
about?
So how can you stop this? It is critical that you put in
place policy and procedure which will first of all make it harder for this to
happen and second of all detect when it does happen. I hear so many times from
business owners how much they trust their employees. I also have seen multiple
cases that those same employees are robbing them blind. We are trusting
especially here in the Midwest. There is a difference between trusting and
being aware.
I have seen one company get put out of businesses and
destroyed because of this scenario. They trusted everyone only to have an
employee turn on them and within 8 months they were done. Lives destroyed and a
business ruined.
IF your gut is telling you to look into things that do not
seem right then follow it. The worst that is going to happen is you are wrong. I am not saying to be paranoid. I am saying
you need to be aware.
It’s your business. I do everything I can to protect mine.
Sometimes it’s not comfortable… but it is necessary. Don’t be your own worst
enemy.
No comments:
Post a Comment