On 17 October 2013, ThomasNet ran a piece on industrial espionage (“Industrial Espionage Threats to SMEs Originate from Within“), and interviewed Prevendra’s CEO, Christopher Burgess on some of the fundamental issues and distinguishing the difference between ethical data collection and espionage.   

Christopher Burgess, CEO of Prevendra Inc., a security, privacy and intelligence firm based in Washington, told IMT that information is sought by two kinds of groups.

The first includes those who are exploiting everything companies put out through social networks, whitepapers, and other public disclosures and actions. This is what Burgess calls legitimate intelligence collection.

“Then there are those who have managed to hurdle that fence of propriety and appropriateness and are engaging in illegal activities,” he said.

“The inadvertent disclosure of information is your biggest threat — as opposed to being targeted and exploited directly,” said Burgess.

Companies need to know what data employees are sharing with customers or partners and how that information is shared, he said. “I do advocate that every company have a social network guide that lays out expectations as to what is and what is not shareable,” he said.

For example, employees who post resumes and related information on such social networks as LinkedIn might inadvertently be disclosing something their employer wants to protect, Burgess said. A trip app might allow a competitor to view a company’s travel itinerary. Information can be aggregated to show patterns. “The beauty of Foursquare is you can see people checking in to their clients and where and how many trips are being made to a specific location,” he said.

To read the entire piece:  Industrial Espionage Threats to SMEs Originate from Within.