Corporate Espionage at Dyson: Looking Inside an Inside Job

Is there a chance that someone could be stealing your most profitable business secrets? Competitive intelligence isn’t new, but it certainly has gotten easier with the introduction of ubiquitous high resolution cameras (smartphones), miniature storage devices that hold massive amounts of data (USB drives) and advanced tools of human manipulation (social networking).

Dyson, the British engineering firm behind the popular bagless vacuum cleaners and Airblade hand dryers, accused their German counterpart, Bosch, of planting a mole, or corporate spy, inside their headquarters for two years to steal vital research and development information. Bosch has denied any wrongdoing and refuses to return the technology or intellectual property. In an odd twist, Bosch hasn’t publicly denied planting an inside spy to siphon competitive intelligence from their rival.

In a world of highly competitive and rapid technological advancements, this sort of news brings to mind three crucial questions for businesses wanting to protect their intellectual property:

Does corporate espionage happen frequently?

The short answer?  YES!  When you combine competitive pressures to outshine the competition with easy-to-use espionage tools (smartphones, Wi-Fi hacking apps, Facebook), it’s easier than ever for a spy to walk out your door with the proverbial recipe for the secret sauce.

Can the inside job be stopped?

Remember, Bosch could go buy a Dyson, take it apart, and reverse engineer it. When this happens (as with Apple and Samsung), the victim’s recourse is to sue.  But here’s the reality: Once intellectual property starts to leak, regaining it is like trying to collect raindrops with cupped hands; you go to an awful lot of work to quench a tiny portion of your thirst. Occasionally the results of taking it to court justify the fight. If you have a war chest like Apple, it can be profitable to fight for your intellectual property. For most companies, however, the prudent strategy is to prevent or minimize the damage of competitive espionage in the first place. In other words, yes, the inside job can be stopped, or at least marginalized to a point where damage is minimal.

How can companies prevent corporate espionage?

Every form of competitive espionage has one thing in common — a spy. There is always a human element to data theft.  Businesses tend to fixate on gadgets and the software that protects them. In the meantime, a human being walks out the door with the information in his pocket.  The best solutions to prevent competitive espionage then, focus on the human side of the equation:

  • Properly vet new hires utilizing appropriate and legal background checks.The EEOC has essentially made it illegal to NOT hire someone based solely on their criminal record, so be cautious with your process
  • Train staff  on inside theft and warning signs of corporate espionage (particularly those positions key to fraud detection). With the right training and a supportive culture, most spies are caught red handed by loyal employees before the data leaves the building. But your honest employees need to be properly trained to detect possible spying and must operate within an environment that encourages anonymous reporting of suspicious behavior.
  • Create aggressive non-disclosure agreements (NDAs) with tight legalese that covers your intellectual property when it falls into the wrong hands. More importantly, aggressive NDAs send a message to potential spies that you are serious about protecting your intellectual property.
  • Implement technical tools that log and alert you when intellectual property is being copied to an unapproved device
  • Utilize IP Compartmentalization of confidential information. This should address  all three realms of exposure: physical, digital, and human. In the spy world, this known as giving access on a “need-to-know basis”. Examples include implementing user-level permission settings on your network and creating a classification system (public, confidential, top secret) throughout your digital and physical filing structure.

John Sileo is an award-winning author and keynote speaker on data privacy and reputation protection. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation or watch him on Anderson Cooper, 60 Minutes or Fox Business.