Risk Management: Competitor Espionage
A manufacturer of automotive components who had a dominate position in the market was concerned about loss of corporate assets to local competitors. The task was to review and assess company internal prevention processes & procedures, identify areas of weakness and to develop improvements to company security and asset protection programs.
Step 1: Definition of 4 core areas of investigation
- Physical Security – offices, factories, physical access control, guard force effectiveness, etc.
- HR Issues – clear expectations, recruiting due diligence, proper access control, leadership/”tone at the top”
- IT Systems, laptops, and mobile devices
- Security policies and procedures, control & monitoring
Step 2: Conducted a 2 month audit of internal processes & procedures
Step 3: Recommendations for corrective action with a particular focus upon Physical Security and Control & Monitoring
Step 4: Implementation of numerous corrective programs including
- CCTV, IT server access control, intrusion detection, firewall and anti-spyware, vetting of vendors, visitor security, access control, data storage & disposal procedures
- No new acts of corporate espionage or theft