What is a Corporate Counterespionage Strategy?


A well-reasoned plan to protect conversations, privacy, and intellectual assets.

When a Corporate Counterespionage Strategy (CCS) is plugged into your overall security program you gain a profit center.

The Basics...

Every organization needs
a Counterespionage Strategy

• Executives have a fiduciary responsibility
   to protect intellectual property for stockholders.

• Many businesses must demonstrate compliance with
   privacy and information security laws. (Fines are costly.)

• Intangible asset losses have greater financial impact
   than physical property losses.


Simple TSCM is Not a Strategy
It is an Outdated Concept
You Need More

Technical Surveillance Countermeasures (TSCM) is a decades old military term. It describes procedures soldiers followed to find the simple bugs and wiretaps of a bygone era. The objective – "Find the bug, soldier."

New thinking...

• Establish an overall Counterespionage Strategy.
• Schedule periodic double-checks.

Preventing losses is smarter and cheaper than cleaning them up.

Why do I need a
Corporate Counterespionage Strategy?

Because, corporate espionage is rampent.

Failed spying attempts pop up in the news and courts regularly.

Successful espionage pops up as "interesting coincidences," look-a-like products and mysterious lost profits.

Dollars loss from corporate espionage can be calculated.
Simply total up...
• unrealized profits (items sold per year x product sales life span)
• and wasted investments in...
   - R&D
   - Manufacturing
   - Marketing
   - Sales
   - Employee talent
   - Legal actions
   - Unsold goods

A calculated loss from only one incident makes a compelling argument for adding CCS to any security program. Not having a strategy is indefensible from a stockholder's point-of-view.

Murray Associates CCS is a holistic approach to protecting profits.

Basic elements of a Corporate Counterespionage Strategy include...
• Management leadership to promote the overall effort.
• Employee education on information security and workplace espionage.
• Intellectual property safeguards.
   - Written rules and enforcement
   - Legal compliance (The "non" agreements from the legal department
     employees, vendors and consultants sign.)
   - Marketplace monitoring for violations.
• A regular schedule of proactive audits.
   - TSCM to detect electronic spying while it is still in the intelligence
     collection (no harm done yet) phase.
   - Wi-Fi audits to identify rogue devices and document compliance with
     applicable privacy laws.
   - Information security surveys (usually conducted concurrently with TSCM).
   - Physical security surveys (usually conducted concurrently with TSCM).
   - Research and report new vulnerabilities so proper safeguards can be
     pro-actively taken.
• An in-house system for...
   - Evaluation of employee reports of espionage suspicions
   - Research for "interesting coincidences" and look-a-like products
   - Accounting of the actual/potential dollar value of the consequences of
     espionage (real and suspected)
   - An annual cost / benefit analysis of proactive CCS to show the effort
     is profitable.