You’re at an important company board meeting discussing a top secret product development project. If this unique product idea gets leaked to your competitors, the consequences could be dire. The key stakeholders are in the conference room or participating via conference call. The meeting goes well and later you find out your competitor has beat you to market with the same product idea. How could this have happened? Your business or organization could be the victim of corporate espionage. Someone could be collecting competitive intelligence through unethical means, such as listening devices, video surveillance, or even something as basic as rummaging through your trash. Whether the threat comes from bugging devices at a one-time event, or ongoing surveillance at your corporate site, make sure you are aware of surveillance techniques, find the threats, determine who is behind the intelligence gathering and put systems in place to prevent future breaches.
Your competitors and corporate enemies want to know what is said at meetings with shareholders, new business partners or clients or new product development teams. They may be seeking information about your financial outlook, or access to your intellectual property. Some companies will stop at nothing to gain that information and for many reasons, it’s easier than ever for them to get it. Today, surveillance is easier than ever. Advanced wireless devices such as covert listening devices, miniature cameras, concealed, wearable recording devices or hidden micro-cameras are just a click away online and can be very inexpensive. Employees or someone on the cleaning crew could be paid to place a device in a conference room or collect paper trash afterwards, or look for computer passwords left on desks or taped under keyboards. Safeguarding your company secrets requires a preventative approach. The most common surveillance targets are CEO offices, their private conference rooms, and assistant’s work area, since these spaces are the most likely locations for strategic meetings where valuable company information is discussed. These areas should be swept for bugging devices before critical meetings and at regular intervals, based on the level of risk.
If you suspect that someone is obtaining company secrets or you’ve already experienced a damaging leak of information, we recommend screening for potential threats to prevent further leaks. A TSCM (technical surveillance countermeasure) examination can be performed to look for surveillance equipment or detect other risks. These can be done before an important meeting, at an off-site event, or at your site at regular intervals. A TSCM examination may include such counter surveillance tactics as:
Important business meetings held off-site at hotel convention centers can be easy opportunities for surveillance. Sweeps of the meeting rooms, guest rooms, or bathrooms can be done, and then security staff should maintain custody of the room to ensure the room stays free of bugs until after the meeting. Executive cars can be targeted and especially at risk if using valet parking, as well as executive phones which are susceptible to Trojan horse software that can allow someone to listen in on all the conversations or steal data from email or text messaging.
What happens if listening devices are found during a sweep? If surveillance equipment is found during the TSCM examination, it should not be removed immediately because it can be used as a trap to find out who put it there. The TSCM examination is just the stepping off point for a full analysis and investigation. Suspects need to be interviewed. A full security assessment may be necessary if many problems are found. Systems should be established to prevent this kind of activity. Embedded and dedicated security personnel may be needed to keep security at the forefront of executives’ minds, staff who can be there to watch, learn, listen and report on surveillance threats. Everyone in the organization can contribute to prevent leaks. Policies and procedures should be developed and communicated to employees regarding the handling of passwords, access, and confidentiality agreements.
Companies are hungry for that competitive edge that will help crush their competition. They may hire corporate surveillance companies to gather company secrets from their competitors, often through unethical means. Low level employees with low moral or low paid personnel from external maintenance services can be paid off to gather intelligence or plant bugs. Most companies are naive and feel that industrial espionage and surveillance does not happen in real life, it only happens in the movies and “cannot happen here.” They feel they can trust all of their employees like family. But all it takes is a hungry competitor and a disgruntled employee passed over for a promotion to initiate the leaking of your company secrets that could be devastating to your business. Then, with the preponderance of equipment easily available, your company’s most important information and conversations could get into competitors hands in an instant. What proprietary business information could cause damage to your company if your competitor was able to listen in on your meetings? Have you done all that you can to protect that information? Contributing author: Doug Cunningham, Director of Operations, Chicago Field OfficeTweet