We need to discuss the importance of the countermeasures you can take to protect your company from social engineering and the subsequent business espionage. It is a serious existential threat. Nothing less.
HAPHAZARD CLASSIFICATION OF SENSITIVE DATA WILL RESULT IN BUSINESS ESPIONAGE!
We need to talking about classifying information. And we need to discuss developing policies to guide it.
Here is how Ira Winkler put it in his classic work: Corporate Espionage: What it is, Why it’s happening in your company, What you must do about it.
- Any document containing the name of an employee is restricted to company employees.
- Information concerning product development is restricted to people working specifically on the development, and
- Corporate financial information is restricted to senior officials and others responsible for compiling the information.
Sounds like pretty good advice. These are basic things that you should keep foremost in your mind.
MONITOR THE FLOW OF DATA OR FACE BUSINESS ESPIONAGE!
You need to be sure and monitor the flow of information that is categorized as being especially problematic.
You simply must put procedures in place in order to guide and then monitor the flow of information that you have categorized as being especially sensitive.
One way to do this is to have a log-in procedure. Anytime the information is “checked-out” there will be a signature (a real signature). Besides this someone needs to be responsible for checking the accuracy of the logs.
If you don’t make this an important issue, it will not work. It is important so make sure whoever is responsible will actually do it and not just consider it as just another job to keep track of or maybe blow off when possible.
When the log is checked for accuracy, then a report must go to someone who is responsible and they must be responsible enough to notice if it is done or not done in a timely manner.
This system must be considered important or else it will be ignored and you will have another vulnerability and one that everyone knows about.
SOCIAL ENGINEERS WILL KNOW THIS TO BE A VULNERABILITY IF YOU JUST BLOW IT OFF. BUSINESS ESPIONAGE WILL BE THE RESULT!
Thoughtful monitoring of this issue will result in a safer environment. Social engineers will consider this an easy way to approach their business espionage if you don’t.
Your competitors will know. And they will despise you for leaving this giant opening.
YOU ARE AS VULNERABLE TO BUSINESS ESPIONAGE AS YOU ALLOW YOURSELF TO BE!
No more, but certainly no less.
AVERTING BUSINESS ESPIONAGE WILL REQUIRE RESOLVE! AND EFFORT! SKIP IT AT YOUR PERIL!
In the future we will go into security alert systems.
Thank you for coming,