Is the Secret Out?

Article excerpt

AMERICAN COMPANIES WILL continue to expand into the global marketplace throughout the decade, creating a tremendous challenge for security professionals charged with protecting proprietary information. Managers who fail to take on this challenge may be jeopardizing the financial stability of their firms.

United States industries were already collectively losing $23.8 billion due to intellectual property piracy as far back as 1987, according to the International Trade Commission (ITC). By 1989, ITC found that the damage had climbed to $40 billion.(1) These figures include only the dollar value of patent, copyright, and trademark abuse. They do not include the loss from trade secrets and other proprietary information.

The 1992 ASIS-sponsored Proprietary and Technology Theft Survey addressed this other aspect of intellectual property problems. In that survey, thirty-two companies reported dollar losses of $1.82 billion.(2) If all respondents had reported dollar losses, that figure would have been far greater. Extrapolating the average company's loss to account for the potential losses for the entire US business community would easily compare to the $40 billion loss from patent, copyright, and trademark infringement.

In the same survey, respondents were asked about the cost of safeguarding proprietary information. They reported annual average expenditures of approximately $15,000 for formal safeguarding of proprietary information programs. There seems to be a dichotomy between the loss American companies suffer and what they are spending to prevent that loss.

Proprietary information is the lifeblood of any business. The resources directed to safeguard this valuable commodity are not up to the task. But is it really an issue that demands corporate attention?

ALVIN TOFFLER, AUTHOR OF Power Shift, describes a power shift as a fundamental change in how society functions. The power shift that Toffler writes about is the increasingly important role of information in every aspect of society. Information is now more important to success and survival of a business than access to capital.(3) This new level of importance for information requires that security professionals take a fresh look at the entire issue of information security.

Business success in this high-tech world will belong to those who manage access to their corporate data. Information protection requires a broad understanding of the material to be guarded. Information, in all its forms--written, electronic, visual, and oral--is what makes any business succeed.

Unauthorized access to business information has traditionally been handled by physical security safeguards, computer security, and proprietary safeguard methods. Depending solely on these techniques to protect information presents challenges. These disciplines are often under the control of separate parts of the corporation. The security department provides security officers, access control, and perimeter barriers. The management information systems department is responsible for computer security, and anyone from human resources to administration could be responsible for the proprietary safeguarding program.

A lack of central control has left potential vulnerabilities in current proprietary safeguarding efforts. Worse still is that these efforts do not confront the realities that modern corporations are facing when operating worldwide. According to Special Agent David Major, special assistant to the assistant director in charge of the FBI's intelligence division, foreign targeting of American technology and trade secrets continues. Foreign governments have increased their efforts to monitor and acquire sensitive information developed in this country.

Commercial espionage is having such a serious impact on U.S. competitiveness that the FBI has established a strategy to address the problem. As part of the new national security threat list program, the bureau has issued definitions to help focus the issues. …