Secrets Stolen, Fortunes Lost

Book Description

The threats of economic espionage and intellectual property (IP) theft are global, stealthy, insidious, and increasingly common. According to the U.S. Commerce Department, IP theft is estimated to top $250 billion annually and also costs the United States approximately 750,000 jobs. The International Chamber of Commerce puts the global fiscal loss at more than $600 billion a year.

Secrets Stolen, Fortunes Lost offers both a fascinating journey into the underside of the Information Age, geopolitics, and the global economy (shedding new light on corporate hacking, industrial espionage, counterfeiting and piracy, organized crime, and related problems) and a comprehensive guide to developing a world-class defense against these threats. You will learn what you need to know about this dynamic global phenomenon (how it happens, what it costs, how to build an effective program to mitigate risk, and how corporate culture determines your success), as well as how to deliver the message to the boardroom and the workforce as a whole. This book serves as an invaluable reservoir of ideas and energy to draw on as you develop a winning security strategy to overcome this formidable challenge.

• It’s Not “Someone Else’s” Problem: Your Enterprise is at Risk
Identify the dangers associated with intellectual property theft and economic espionage
• The Threat Comes from Many Sources
Describes the types of attackers, threat vectors, and modes of attack
• The Threat is Real
Explore case studies of real-world incidents in stark relief
• How to Defend Your Enterprise
Identify all aspects of a comprehensive program to tackle such threats and risks
• How to Deliver the Message: Awareness and Education
Adaptable content (awareness and education materials, policy language, briefing material, presentations, and assessment tools) that you can incorporate into your security program now

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright page
  5. Authors
  6. Introduction
    1. Your Enterprise at Risk
    2. How to Read This Book
  7. Part 1: The Challenge
    1. Introduction
    2. Chapter 1: The Tale of the Targeted Trojan
      1. Introduction
      2. The Haephrati Case
    3. Chapter 2: When Insiders and/or Competitors Target a Business’s Intellectual Property
      1. Introduction
      2. Lightwave Microsystems
      3. America Online
      4. Casiano Communications
      5. Corning and PicVue
      6. Avery Dennison and Four Pillars
      7. Lexar Media and Toshiba
      8. SigmaTel and Citroen
      9. 3dGEO – China
    4. Chapter 3: When State Entities Target a Business’s Intellectual Property
      1. Introduction
      2. Airbus and Saudi Arabian Airlines
      3. Russian Intelligence and Japanese Trade Secrets
      4. Japan and the Cleveland Clinic Foundation
      5. China and Russia: TsNIIMASH-Export
      6. Overt Nation State Attempts: India, Venezuela, Brazil, and Others
      7. Current and Future Threats to Economic Security
    5. Chapter 4: When Piracy, Counterfeiting, and Organized Crime Target a Business’s Intellectual Property
      1. Introduction
      2. Technology Counterfeiting
      3. The Apparel Industry
      4. The Entertainment Industry
    6. Chapter 5: Virtual Roundtable on Intellectual Property and Economic Espionage
      1. Introduction
      2. The Legal Perspective: Naomi Fine
      3. The OpSec Perspective: Keith Rhodes
      4. The Professional Investigator’s Perspective: Ed Stroz
      5. The DoD Cyber Sleuth’s Perspective: James Christy
      6. The Security and Privacy Consultant’s Perspective: Rebecca Herold
  8. Part 2: The Strategy
    1. Introduction
    2. Chapter 6: Elements of a Holistic Program
      1. Introduction
      2. False Memes Lead People the Wrong Way
      3. From the Industrial Age to the Information Age
    3. Chapter 7: Case Study: Cisco’s Award-Winning Awareness Program
      1. Introduction
      2. What Is This Scenario?
      3. The Message Is the Medium: Be a Security Champion
      4. When Your Message Reaches the Employees They Become Your Messengers
      5. Staying on Message
      6. It Takes More Than Compelling Content and Hard Work
      7. Lessons Learned
    4. Chapter 8: Case Study: A Bold New Approach in Awareness and Education Meets an Ignoble Fate
      1. Introduction
      2. The Mission, the Medium, the Message
      3. Meaningful Content and Persuasive Delivery
      4. Investment and Empowerment
      5. Three-Phase Approach
      6. Don’t Be Surprised If…
    5. Chapter 9: Case Study: The Mysterious Social Engineering Attacks on Entity Y
      1. Introduction
      2. Fundamentals of Social Engineering Attacks
      3. The Mysterious Social Engineering Attacks on Entity Y
      4. Guidance for the Workforce
    6. Chapter 10: Personnel Security
      1. Introduction
      2. Coming and Going: Guidelines for Background Checks and Termination Procedures
      3. And Everywhere in Between: Guidelines for Travel Security and Executive Protection Programs
    7. Chapter 11: Physical Security: The “Duh” Factor
      1. Introduction
    8. Chapter 12: Information Security
      1. Introduction
    9. Chapter 13: The Intelligent Approach
      1. Introduction
      2. The Intelligence Function As an Internal Early Warning System
      3. What Happens to a Million Grains of Sand in a Perfect Storm?
      4. The Partnership Issue Is a Daunting Force-Multiplier, Double-Edged Sword
    10. Chapter 14: Protecting Intellectual Property in a Crisis Situation
      1. Introduction
    11. Chapter 15: How to Sell Your Intellectual Property Protection Program
      1. Introduction
      2. Questions to Ask and People to Approach
      3. What Is Your Business Differentiation from Your Competitors?
      4. Notes on Figure 15.1
      5. Notes on Figure 15.2
      6. Implications of IP Loss
      7. Notes on Figure 15.3
      8. Notes on Figure 15.4
      9. Notes on Figure 15.5
    12. Chapter 16: Conclusion
      1. Protect Your IP
  9. Appendix A: Baseline Controls for Information Security Mapped to ISO
  10. Appendix B: Leveraging Your Tax Dollar
    1. Domestic
    2. International
  11. Appendix C: Notes on Cyber Forensics
    1. Digital Evidence: Volume
    2. Digital Evidence: Searches/Legal
    3. Digital Evidence: Cell Phones
    4. Digital Evidence: Accreditation
    5. Digital Evidence: Digital Forensics Intelligence
  12. Appendix D: U.S. International Trade Commission Section 337 Process
  13. Appendix E: U.S. Trade Representative’s 2007 Special 301 Watch List
  14. Appendix F: U.S. Department of Justice Checklist for Reporting a Theft of Trade Secrets Offense
    1. Background and Contact Information
    2. Description of the Trade Secret
    3. General Physical Measures Taken to Protect the Trade Secret
    4. Confidentiality and Non-Disclosure Agreements
    5. Computer-Stored Trade Secrets
    6. Document Control
    7. Employee Controls
    8. Description of the Theft of Trade Secret
    9. Civil Enforcement Proceedings
  15. Index