One of the most valuable data sets any manufacturing company has is its intellectual property, proprietary processes, and product roadmaps. A single piece of critical information can give a competitor the details they need to leap ahead and dominate the market.
Last week, 6 employees of manufacturer BASF were arrested in Taiwan under suspicion of selling corporate secrets to a rival Chinese firm. According to the Reuters news service, China’s Jianghua Micro Materials Co. offered BASF employees in Taiwan as much as $5.8 million to provide proprietary documents detailing BASF manufacturing processes, technologies, and other trade secrets.
Payments of $1.3 million had been transferred to two bank accounts, indicating the BASF employees had successfully committed some degree of corporate espionage.
In industries like this where it’s critical to keep company secrets… well, secret, the key is having visibility into employee behavior and communications. In the BASF scenario, it’s safe to assume there was some sort of exchange of messages occurring between Jianghua Micro and the BASF employees prior to, and during the data theft. There also may have been leading indicators that the employees involved may have been going through financial difficulty or were unhappy with BASF. And lastly, the actual transfer of data had to involve the employee interacting with BASF files and performing some malicious action – copying to a USB drive, uploading to the cloud, attaching to personal webmail – something.
Organizations looking to stay a step ahead of employee-involved espionage need to leverage Insider Threat Detection and Employee Monitoring Software to proactively monitor for both leading and active indicators of insider risk and threat. By doing so, in BASF’s case, it may have been possible to detect inappropriate communications before the data theft occurred, sparing BASF of the now damage done.
Insider Risk – How Prepared Are You?
Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.