Secrets Stolen, Fortunes Lost
Preventing Intellectual Property Theft and Economic Espionage in the 21st Century
- 1st Edition - March 5, 2008
- Authors: Richard Power, Christopher Burgess
- Language: English
- Paperback ISBN:9 7 8 - 1 - 5 9 7 4 9 - 2 5 5 - 3
- eBook ISBN:9 7 8 - 0 - 0 8 - 0 5 5 8 8 0 - 6
The threats of economic espionage and intellectual property (IP) theft are global, stealthy, insidious, and increasingly common. According to the U.S. Commerce Department, IP theft… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteThe threats of economic espionage and intellectual property (IP) theft are global, stealthy, insidious, and increasingly common. According to the U.S. Commerce Department, IP theft is estimated to top $250 billion annually and also costs the United States approximately 750,000 jobs. The International Chamber of Commerce puts the global fiscal loss at more than $600 billion a year.
Secrets Stolen, Fortunes Lost offers both a fascinating journey into the underside of the Information Age, geopolitics, and global economy, shedding new light on corporate hacking, industrial espionage, counterfeiting and piracy, organized crime and related problems, and a comprehensive guide to developing a world-class defense against these threats. You will learn what you need to know about this dynamic global phenomenon (how it happens, what it costs, how to build an effective program to mitigate risk and how corporate culture determines your success), as well as how to deliver the message to the boardroom and the workforce as a whole. This book serves as an invaluable reservoir of ideas and energy to draw on as you develop a winning security strategy to overcome this formidable challenge.
Secrets Stolen, Fortunes Lost offers both a fascinating journey into the underside of the Information Age, geopolitics, and global economy, shedding new light on corporate hacking, industrial espionage, counterfeiting and piracy, organized crime and related problems, and a comprehensive guide to developing a world-class defense against these threats. You will learn what you need to know about this dynamic global phenomenon (how it happens, what it costs, how to build an effective program to mitigate risk and how corporate culture determines your success), as well as how to deliver the message to the boardroom and the workforce as a whole. This book serves as an invaluable reservoir of ideas and energy to draw on as you develop a winning security strategy to overcome this formidable challenge.
- It’s Not “Someone Else’s” Problem: Your Enterprise is at Risk
Identify the dangers associated with intellectual property theft and economic espionage - The Threat Comes from Many Sources
Describes the types of attackers, threat vectors, and modes of attack - The Threat is Real
Explore case studies of real-world incidents in stark relief - How to Defend Your Enterprise
Identify all aspects of a comprehensive program to tackle such threats and risks - How to Deliver the Message: Awareness and Education
Adaptable content (awareness and education materials, policy language, briefing material, presentations, and assessment tools) that you can incorporate into your security program now
Chief Information Officers, Chief Technology Officers, Chief Security Officers, CFOs, Chief Legal Officers, Information Security Professionals, Risk Managers, Auditors, IT Directors, Business Managers, Analysts, Consultants, Government Agency Officials, Investigators, Law Enforcement
Authors
Introduction
Your Enterprise at Risk
How to Read This Book
Part 1: The Challenge
Introduction
1: The Tale of the Targeted Trojan
Introduction
The Haephrati Case
2: When Insiders and/or Competitors Target a Business’s Intellectual Property
Introduction
Lightwave Microsystems
America Online
Casiano Communications
Corning and PicVue
Avery Dennison and Four Pillars
Lexar Media and Toshiba
SigmaTel and Citroen
3dGEO – China
3: When State Entities Target a Business’s Intellectual Property
Introduction
Airbus and Saudi Arabian Airlines
Russian Intelligence and Japanese Trade Secrets
Japan and the Cleveland Clinic Foundation
China and Russia: TsNIIMASH-Export
Overt Nation State Attempts: India, Venezuela, Brazil, and Others
Current and Future Threats to Economic Security
4: When Piracy, Counterfeiting, and Organized Crime Target a Business’s Intellectual Property
Introduction
Technology Counterfeiting
The Apparel Industry
The Entertainment Industry
5: Virtual Roundtable on Intellectual Property and Economic Espionage
Introduction
The Legal Perspective: Naomi Fine
The OpSec Perspective: Keith Rhodes
The Professional Investigator’s Perspective: Ed Stroz
The DoD Cyber Sleuth’s Perspective: James Christy
The Security and Privacy Consultant’s Perspective: Rebecca Herold
Part 2: The Strategy
Introduction
6: Elements of a Holistic Program
Introduction
False Memes Lead People the Wrong Way
From the Industrial Age to the Information Age
7: Case Study: Cisco’s Award-Winning Awareness Program
Introduction
What Is This Scenario?
The Message Is the Medium: Be a Security Champion
When Your Message Reaches the Employees They Become Your Messengers
Staying on Message
It Takes More Than Compelling Content and Hard Work
Lessons Learned
8: Case Study: A Bold New Approach in Awareness and Education Meets an Ignoble Fate
Introduction
The Mission, the Medium, the Message
Meaningful Content and Persuasive Delivery
Investment and Empowerment
Three-Phase Approach
Don’t Be Surprised If…
9: Case Study: The Mysterious Social Engineering Attacks on Entity Y
Introduction
Fundamentals of Social Engineering Attacks
The Mysterious Social Engineering Attacks on Entity Y
Guidance for the Workforce
10: Personnel Security
Introduction
Coming and Going: Guidelines for Background Checks and Termination Procedures
And Everywhere in between: Guidelines for Travel Security and Executive Protection Programs
11: Physical Security: The “Duh” Factor
Introduction
12: Information Security
Introduction
13: The Intelligent Approach
Introduction
The Intelligence Function As an Internal Early Warning System
What Happens to a Million Grains of Sand in a Perfect Storm?
The Partnership Issue Is a Daunting Force-Multiplier, Double-Edged Sword
14: Protecting Intellectual Property in a Crisis Situation
Introduction
15: How to Sell Your Intellectual Property Protection Program
Introduction
Questions to Ask and People to Approach
What Is Your Business Differentiation from Your Competitors?
Notes on Figure 15.1
Notes on Figure 15.2
Implications of IP loss
Notes on Figure 15.3
Notes on Figure 15.4
Notes on Figure 15.5
16: Conclusion
Protect Your IP
Appendix A: Baseline Controls for Information Security Mapped to ISO
Appendix B: Leveraging Your Tax Dollar
Domestic
International
Appendix C: Notes on Cyber Forensics
Digital Evidence: Volume
Digital Evidence: Searches/Legal
Digital Evidence: Cell Phones
Digital Evidence: Accreditation
Digital Evidence: Digital Forensics Intelligence
Appendix D: U.S. International Trade Commission Section 337 Process
Appendix E: U.S. Trade Representative’s 2007 Special 301 Watch List
Appendix F: U.S. Department of Justice Checklist for Reporting a Theft of Trade Secrets Offense
Background and Contact Information
Description of the Trade Secret:
General Physical Measures Taken to Protect the Trade Secret
Confidentiality and Non-Disclosure Agreements
Computer-Stored Trade Secrets
Document Control
Employee Controls
Description of the Theft of Trade Secret
Civil Enforcement Proceedings
Index
Introduction
Your Enterprise at Risk
How to Read This Book
Part 1: The Challenge
Introduction
1: The Tale of the Targeted Trojan
Introduction
The Haephrati Case
2: When Insiders and/or Competitors Target a Business’s Intellectual Property
Introduction
Lightwave Microsystems
America Online
Casiano Communications
Corning and PicVue
Avery Dennison and Four Pillars
Lexar Media and Toshiba
SigmaTel and Citroen
3dGEO – China
3: When State Entities Target a Business’s Intellectual Property
Introduction
Airbus and Saudi Arabian Airlines
Russian Intelligence and Japanese Trade Secrets
Japan and the Cleveland Clinic Foundation
China and Russia: TsNIIMASH-Export
Overt Nation State Attempts: India, Venezuela, Brazil, and Others
Current and Future Threats to Economic Security
4: When Piracy, Counterfeiting, and Organized Crime Target a Business’s Intellectual Property
Introduction
Technology Counterfeiting
The Apparel Industry
The Entertainment Industry
5: Virtual Roundtable on Intellectual Property and Economic Espionage
Introduction
The Legal Perspective: Naomi Fine
The OpSec Perspective: Keith Rhodes
The Professional Investigator’s Perspective: Ed Stroz
The DoD Cyber Sleuth’s Perspective: James Christy
The Security and Privacy Consultant’s Perspective: Rebecca Herold
Part 2: The Strategy
Introduction
6: Elements of a Holistic Program
Introduction
False Memes Lead People the Wrong Way
From the Industrial Age to the Information Age
7: Case Study: Cisco’s Award-Winning Awareness Program
Introduction
What Is This Scenario?
The Message Is the Medium: Be a Security Champion
When Your Message Reaches the Employees They Become Your Messengers
Staying on Message
It Takes More Than Compelling Content and Hard Work
Lessons Learned
8: Case Study: A Bold New Approach in Awareness and Education Meets an Ignoble Fate
Introduction
The Mission, the Medium, the Message
Meaningful Content and Persuasive Delivery
Investment and Empowerment
Three-Phase Approach
Don’t Be Surprised If…
9: Case Study: The Mysterious Social Engineering Attacks on Entity Y
Introduction
Fundamentals of Social Engineering Attacks
The Mysterious Social Engineering Attacks on Entity Y
Guidance for the Workforce
10: Personnel Security
Introduction
Coming and Going: Guidelines for Background Checks and Termination Procedures
And Everywhere in between: Guidelines for Travel Security and Executive Protection Programs
11: Physical Security: The “Duh” Factor
Introduction
12: Information Security
Introduction
13: The Intelligent Approach
Introduction
The Intelligence Function As an Internal Early Warning System
What Happens to a Million Grains of Sand in a Perfect Storm?
The Partnership Issue Is a Daunting Force-Multiplier, Double-Edged Sword
14: Protecting Intellectual Property in a Crisis Situation
Introduction
15: How to Sell Your Intellectual Property Protection Program
Introduction
Questions to Ask and People to Approach
What Is Your Business Differentiation from Your Competitors?
Notes on Figure 15.1
Notes on Figure 15.2
Implications of IP loss
Notes on Figure 15.3
Notes on Figure 15.4
Notes on Figure 15.5
16: Conclusion
Protect Your IP
Appendix A: Baseline Controls for Information Security Mapped to ISO
Appendix B: Leveraging Your Tax Dollar
Domestic
International
Appendix C: Notes on Cyber Forensics
Digital Evidence: Volume
Digital Evidence: Searches/Legal
Digital Evidence: Cell Phones
Digital Evidence: Accreditation
Digital Evidence: Digital Forensics Intelligence
Appendix D: U.S. International Trade Commission Section 337 Process
Appendix E: U.S. Trade Representative’s 2007 Special 301 Watch List
Appendix F: U.S. Department of Justice Checklist for Reporting a Theft of Trade Secrets Offense
Background and Contact Information
Description of the Trade Secret:
General Physical Measures Taken to Protect the Trade Secret
Confidentiality and Non-Disclosure Agreements
Computer-Stored Trade Secrets
Document Control
Employee Controls
Description of the Theft of Trade Secret
Civil Enforcement Proceedings
Index
- No. of pages: 300
- Language: English
- Edition: 1
- Published: March 5, 2008
- Imprint: Syngress
- Paperback ISBN: 9781597492553
- eBook ISBN: 9780080558806
RP
Richard Power
Richard Power is an internationally recognized expert in the areas of Security, Intelligence and Risk. An independent consultant, he provides guidance in the areas of personnel security, cyber security, crisis management, terrorism, cyber crime and economic espionage to Fortune 500 companies and government agencies globally. Previously, he served as the Director of Security Management and Security Intelligence for the Global Security Office of Deloitte Touch Tomatsu from 2002-2005. Prior to that, he was Editorial Director of the Computer Security Institute. He authors a monthly column on information security issues for Computer Fraud and Security Journal, as well as a monthly column on for the Research and Technology Protection section of the FBI’s Infragard program. He is the author of Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace (Macmillan/QUE 2000).
Affiliations and expertise
Internationally recognized expert in the areas of Security, Intelligence and Risk; former Director of Security Management and Security Intelligence for Deloitte Touche TomatsuCB
Christopher Burgess
Affiliations and expertise
Senior Security Advisor, Cisco Systems; former Senior Operations Officer with the Central Intelligence Agency (CIA)Read Secrets Stolen, Fortunes Lost on ScienceDirect