The Ultimate Guide for Small Businesses to Combat Economic Espionage

For decades, the US has been a victim of economic espionage — a foe that is now costing American companies billions of dollars in lost revenue. From hacking government websites to infiltrating research institutions with spies, competitors and foreign governments are pulling out all the stops to steal trade secrets.

This scourge is no longer limited to large enterprises and government organizations, even small business owners need to watch out. Particularly, those who work with larger enterprises or government organizations. Such organizations often succumb to these attacks because of the lack of a strong counterintelligence mechanism.

This statement is purported by the fact that there has been a massive increase in the total number of supply chain attacks. This form of cyberattack is launched to gain access to a target through a third-party service provider. According to a report, the year 2020 has witnessed a 430% surge in next-gen supply chain attacks launched by injecting malware into open-source software applications. While the goal is generally the theft of trade secrets or intellectual property (IP), companies can also find themselves the victims of ransomware attacks and extortion.

Studies reveal that over 43% of cyberattacks target small businesses, which is mainly due to weak security protocols. Also, that one out of every six small businesses shuts down after a cyberattack emphasizes the magnitude of this menace. So, to help small businesses defend themselves in the digital world, we decided to discuss some proven cost-efficient tactics to avoid the theft or misappropriation of trade secrets or intellectual property.

Secure your Intellectual Property (IP) and Digital Assets

Also referred to as industrial or corporate espionage, economic espionage is a broad concept with technology at its epicenter. Since data is now stored electronically, the tactics used by state-sponsored enemies have also transformed, and so should your defense strategy.

So, it is inevitable for businesses to secure physical and digital forms of business assets such as intellectual property (IP). Also, business assets such as source codes, innovative designs, formulae, etc. must be adequately protected. Such assets have been stolen in the past and are now targeted more than ever before. After all, intellectual property accounts for over 6 trillion US dollars, which is roughly about 38.2% of the total US GDP. More importantly, it creates close to 45 million jobs, which are likely to be affected unless the IP is adequately protected. The most efficient way of doing this is by limiting access to such assets and using multi-factor authentication systems.

Defend Cyberattacks using Advanced Technologies

Just because small businesses cannot spend millions of dollars on setting up an in-house SOC doesn’t require them to remain vulnerable to security risks. A simple way forward is to hire the services of reliable managed SOC service providers. In doing so, pick one that is equipped with the best Artificial Intelligence (AI) and machine learning security solutions.

These tools constantly monitor your systems and shoot out alerts in case of anomalies, which lets you detect and respond to threats with no delay. By identifying changes in network traffic patterns, such tools easily track suspicious elements. With an increased reliance being placed on Internet of Things (IoT) devices, organizations cannot ignore such security measures.

So, hiring managed services works extremely well for small businesses because it eliminates the costs associated with security software licenses, cybersecurity professionals, training costs, etc. Depending on the size and volume of your business, such managed SOC service providers evaluate your needs and provide budget-friendly services. You can then upgrade these services when your business requirements increase.

Recruit Carefully

Competitive nations such as China and Russia are leaving no stone unturned to walk away with economic intelligence. In 2017, an IBM employee pled guilty for corporate espionage involving the theft of IBM’s source code. Although the employee worked in China, the trial went on in the New York District Court and ended in a guilty plea.

So, make it a point to perform thorough background checks and due diligence investigations before hiring professionals. Especially those who are likely to gain access to confidential data such as those having a technical background. Recently (in 2014) DuPont’s titanium dioxide formula was stolen by its Chemical Engineer, who was later convicted by the Californian Federal District Court. 

That explains how dangerous it can be for smaller businesses with fewer restrictions or oversight. Adopting ad hoc measures such as data segregation, followed by limited access based on job profiles, are important steps to safeguarding IP or trade secrets. When possible, businesses must also make use of CCTV surveillance for physical monitoring and screen recording for digital monitoring. Restricting digital devices with storage within the work area is also recommended.

Finally, small businesses must implement ongoing precautionary measures such as employee screen recording for employees at all levels. Back in 2013, Motorola’s ex-employee, who worked with the telecom giant for over 9 years was convicted by a Federal Court for stealing trade secrets. This helps explain why simply running a background during recruiting and then letting your employees loose can be fatal. Economic espionage affect businesses of all sizes, and training for smaller organizations can be a real challenge. What brings me to our next topic.

Train your Employees

Ever since cyber crime developed, phishing attacks have been extremely successful despite being easy to detect. A study reveals that one out of every eight employees ends up being a victim and sharing information with the wrong person. Over time, there’s a new variant of this form of cyberattack called the spear-phishing attack that has been making rounds. 

Did you know that over 95% of all attacks that targeted enterprise networks were launched through spear-phishing? This is an attack wherein the attacker deceives the recipient into disclosing sensitive information on the pretext of being someone the recipient knows, like a colleague or a customer.

For instance, if your bank asks you for your social security number, you are likely to oblige. Spear Phishers pretend to be such credible persons and steal data from employees. The only way to prevent this from happening is by creating cybersecurity awareness among your employees through regular training sessions and penetration testing

Takeaway:

In the US, small businesses contribute to over 50% of the total GDP. So, if you are one out of the 27 million small businesses that support the world’s largest economy, competitors aren’t going to let that pass. Before things go wrong and you end up being a victim of economic espionage, consider implementing the above-mentioned security measures to defend your organization.

As always, if you think your organization may be threatened by economic espionage, our security experts are here to help. For over 30 years we’ve helped businesses anticipate and navigate risk before it becomes a crisis. If you would like to learn more about how we can help you protect what matters most, let’s talk.

Additional Resources

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

family playing outside while traveling for the holidays

Holiday Safety Tips

By Chesley Brown | November 5, 2020

3 practical ways to stay safe in 2020 We’ve all heard humorous holiday tales. They make for great entertainment around the table during a turkey dinner. You know the stories–e.g., the time Uncle Frank fell…

Read More
police prepare for election day civil unrest as a political protest moves through a downtown area during a moment of civil unres

Election Day: Planning for Civil Unrest

By Chesley Brown | October 28, 2020

Protecting your business in the event of election day civil unrest requires planning. Here we discuss four proven strategies for Civil Unrest

Read More
Lighthouse on a lonely dirt road preventing the threat of shipwrecks

The Transformational Power of Threat Assessments

By Chesley Brown | October 22, 2020

Ignoring Risk won’t make it go away Cyber crime is one of the most insidious threats facing businesses. As reported here, more than 50% of businesses have suffered cyber attacks–70% of them being small to…

Read More
small business team smiling after sucessfully navigating a crisis using their crisis management plan

3 Practical Strategies to Protect Your Small Business During Covid-19

By Chesley Brown | October 15, 2020

October 15, 2020 / Justin Hayes Ensure the Future of Your Company Small to medium-sized enterprises (SMEs) comprise a massive portion of American industry. In fact, 99% of all businesses have less than 500 employees;…

Read More
overhead view of business people working on a crisis management plan outside

The Anatomy of a Crisis Management Plan

By Chesley Brown | October 8, 2020

4 key strategies to protect your business against risk By Justin Hayes No executive expects a crisis to strike. But every day organizations fall prey to the unforeseen. One study found that 40% of businesses…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work