The Ultimate Guide for Small Businesses to Combat Economic Espionage

For decades, the US has been a victim of economic espionage — a foe that is now costing American companies billions of dollars in lost revenue. From hacking government websites to infiltrating research institutions with spies, competitors and foreign governments are pulling out all the stops to steal trade secrets.

This scourge is no longer limited to large enterprises and government organizations, even small business owners need to watch out. Particularly, those who work with larger enterprises or government organizations. Such organizations often succumb to these attacks because of the lack of a strong counterintelligence mechanism.

This statement is purported by the fact that there has been a massive increase in the total number of supply chain attacks. This form of cyberattack is launched to gain access to a target through a third-party service provider. According to a report, the year 2020 has witnessed a 430% surge in next-gen supply chain attacks launched by injecting malware into open-source software applications. While the goal is generally the theft of trade secrets or intellectual property (IP), companies can also find themselves the victims of ransomware attacks and extortion.

Studies reveal that over 43% of cyberattacks target small businesses, which is mainly due to weak security protocols. Also, that one out of every six small businesses shuts down after a cyberattack emphasizes the magnitude of this menace. So, to help small businesses defend themselves in the digital world, we decided to discuss some proven cost-efficient tactics to avoid the theft or misappropriation of trade secrets or intellectual property.

Secure your Intellectual Property (IP) and Digital Assets

Also referred to as industrial or corporate espionage, economic espionage is a broad concept with technology at its epicenter. Since data is now stored electronically, the tactics used by state-sponsored enemies have also transformed, and so should your defense strategy.

So, it is inevitable for businesses to secure physical and digital forms of business assets such as intellectual property (IP). Also, business assets such as source codes, innovative designs, formulae, etc. must be adequately protected. Such assets have been stolen in the past and are now targeted more than ever before. After all, intellectual property accounts for over 6 trillion US dollars, which is roughly about 38.2% of the total US GDP. More importantly, it creates close to 45 million jobs, which are likely to be affected unless the IP is adequately protected. The most efficient way of doing this is by limiting access to such assets and using multi-factor authentication systems.

Defend Cyberattacks using Advanced Technologies

Just because small businesses cannot spend millions of dollars on setting up an in-house SOC doesn’t require them to remain vulnerable to security risks. A simple way forward is to hire the services of reliable managed SOC service providers. In doing so, pick one that is equipped with the best Artificial Intelligence (AI) and machine learning security solutions.

These tools constantly monitor your systems and shoot out alerts in case of anomalies, which lets you detect and respond to threats with no delay. By identifying changes in network traffic patterns, such tools easily track suspicious elements. With an increased reliance being placed on Internet of Things (IoT) devices, organizations cannot ignore such security measures.

So, hiring managed services works extremely well for small businesses because it eliminates the costs associated with security software licenses, cybersecurity professionals, training costs, etc. Depending on the size and volume of your business, such managed SOC service providers evaluate your needs and provide budget-friendly services. You can then upgrade these services when your business requirements increase.

Recruit Carefully

Competitive nations such as China and Russia are leaving no stone unturned to walk away with economic intelligence. In 2017, an IBM employee pled guilty for corporate espionage involving the theft of IBM’s source code. Although the employee worked in China, the trial went on in the New York District Court and ended in a guilty plea.

So, make it a point to perform thorough background checks and due diligence investigations before hiring professionals. Especially those who are likely to gain access to confidential data such as those having a technical background. Recently (in 2014) DuPont’s titanium dioxide formula was stolen by its Chemical Engineer, who was later convicted by the Californian Federal District Court. 

That explains how dangerous it can be for smaller businesses with fewer restrictions or oversight. Adopting ad hoc measures such as data segregation, followed by limited access based on job profiles, are important steps to safeguarding IP or trade secrets. When possible, businesses must also make use of CCTV surveillance for physical monitoring and screen recording for digital monitoring. Restricting digital devices with storage within the work area is also recommended.

Finally, small businesses must implement ongoing precautionary measures such as employee screen recording for employees at all levels. Back in 2013, Motorola’s ex-employee, who worked with the telecom giant for over 9 years was convicted by a Federal Court for stealing trade secrets. This helps explain why simply running a background during recruiting and then letting your employees loose can be fatal. Economic espionage affect businesses of all sizes, and training for smaller organizations can be a real challenge. What brings me to our next topic.

Train your Employees

Ever since cyber crime developed, phishing attacks have been extremely successful despite being easy to detect. A study reveals that one out of every eight employees ends up being a victim and sharing information with the wrong person. Over time, there’s a new variant of this form of cyberattack called the spear-phishing attack that has been making rounds. 

Did you know that over 95% of all attacks that targeted enterprise networks were launched through spear-phishing? This is an attack wherein the attacker deceives the recipient into disclosing sensitive information on the pretext of being someone the recipient knows, like a colleague or a customer.

For instance, if your bank asks you for your social security number, you are likely to oblige. Spear Phishers pretend to be such credible persons and steal data from employees. The only way to prevent this from happening is by creating cybersecurity awareness among your employees through regular training sessions and penetration testing

Takeaway:

In the US, small businesses contribute to over 50% of the total GDP. So, if you are one out of the 27 million small businesses that support the world’s largest economy, competitors aren’t going to let that pass. Before things go wrong and you end up being a victim of economic espionage, consider implementing the above-mentioned security measures to defend your organization.

As always, if you think your organization may be threatened by economic espionage, our security experts are here to help. For over 30 years we’ve helped businesses anticipate and navigate risk before it becomes a crisis. If you would like to learn more about how we can help you protect what matters most, let’s talk.

Additional Resources

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

6 new business risks crom Coronavirus

6 New Risks for Businesses post COVID-19

By Chesley Brown | May 5, 2020

Coronavirus: 6 New Business Risks Your risk management strategy can and should play an important role in managing your business’s response to the coronavirus outbreak. By implementing the right risk management strategies for coronavirus, your…

Read More
Crisis Management Process Framework diagram

5 Tips for Creating Better Crisis Management Plans

By Chesley Brown | April 29, 2020

Like a lot of people, you may be wondering what comes next for your business or organization following the Coronavirus outbreak (or any other crisis for that matter). Well, you’ve come to the right place.…

Read More

FREE DOWNLOAD Securing a New World: Security, COVID-19, and Boots on the Ground

By Chesley Brown | March 16, 2020

There can be no argument that technology has infiltrated virtually every aspect of daily life for the vast majority of people and businesses across the world. Technology is woven into the social fabric of everyday life. It monitors our movements, our interests, our purchasing power, our locations, habits, our risk to insurers, our body chemistry, and health. Our images are captured overtly and unknowingly 1000’s of times daily. It captures the best of us in amazing acts of heroism and human interaction, and it captures the worst of us; for accountability and delivery of justice.

Read More

When it Comes to Corporate Espionage, Harvard’s Dr. Lieber is Just the Tip of the Iceberg

By Chesley Brown | February 5, 2020

When it Comes to Espionage Harvard’s Dr. Lieber is Just the Tip of the Iceberg From Chesley Brown International By Dell Spry Renowned Harvard Professor Arrested for Lying About Connection to China. Feb 5th, 2020…

Read More

Chesley Brown Launches Initiative to Fight Human Trafficking

By Chesley Brown | January 13, 2020

Chesley Brown Launches New Initiative to Fight Human Trafficking From The Chesley Brown Group Risk Management [dpArticleShare] Chesley Brown, the security management experts, announced today a new training initiative to provide support to victims, families,…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work