The FBI has been busy on the trade secret front over the past few weeks, unveiling a trade secret protection awareness campaign on billboards in 9 major cites and, more recently, providing tips on spotting a potential trade secret thief in the workplace.
In a news release entitled “How to Spot a Possible Insider Threat,” the FBI has identified the following “warning signs that may indicate that employees are spying and/or stealing secrets from their company:
- They work odd hours without authorization.
- Without need or authorization, they take proprietary or other information home in hard copy form and/or on thumb drives, computer disks, or e-mail.
- They unnecessarily copy material, especially if it’s proprietary or classified.
- They disregard company policies about installing personal software or hardware, accessing restricted websites, conducting unauthorized searches, or downloading confidential material.
- They take short trips to foreign countries for unexplained reasons.
- They engage in suspicious personal contacts with competitors, business partners, or other unauthorized individuals.
- They buy things they can’t afford.
- They are overwhelmed by life crises or career disappointments.
- They are concerned about being investigated, leaving traps to detect searches of their home or office or looking for listening devices or cameras.”
While most of these clues are fairly obvious, they nevertheless highlight something that companies need to do a better job of doing — namely, identifying those employees most likely to breach their fiduciary or contractual duties.
In a presentation that I attended last year, Intel’s Janet Craycroft noted the importance of identifying potential red-flag employees in advance of any breach. She illustrated her point by describing the many missed opportunities with PFC Bradley Manning, the soldier who allegedly copied and released approximately 250,000 classified files to WikiLeaks in 2010 (and who now faces court martial and an assortment of charges, including aiding the enemy).
What everyone came to learn after Manning’s arrest was that he was, in the words of The Washington Post, “a lonely and disconsolate young man.” Janet went through a litany of behavioral and security “red flags” for Manning that were apparently ignored: a police report that he threatened his mother with a knife, near-discharge from the Army because of concerns about his stability, a reprimand for assaulting an officer, discipline for previous security lapses, the list goes on. Many of these and other incidents are documented in the thorough Wikipedia biography of Manning for those interested in reading more (if you are wary of Wikipedia as a source, check out the links to the established media sources within that bio as they are consistent with what I have heard and read else where).
The Takeaway? Identify the problem employees before they can become trade secret thieves. Look for unusual behavior, monitor employees who have had security lapses in the past, and above all, be proactive. (Thanks to Nixon Peabody’s Mark Halligan for alerting me to the FBI’s article).