A married employee of a leading technology firm has been arrested for espionage, suspected of providing source codes to a foreign agency. He appears to have provided critical IP to this agency over a long period of time. It turned out that he had been recruited, while on an overseas trip after he was confronted with compromising photographs of him with a young women that he had met in the hotel bar the night before.
Technology firms need to be aware of general risks of (corporate) espionage. The risk is real. In addition, and possibly applicable in this situation, research has pointed out that in 65% of the insider IP theft cases, employees were already on their way out. Companies should therefore consider insider risks along the full employee lifecycle, from recruitment to a (redundancy) exit-process and even thereafter. Was the employee an infiltrator from a foreign hostile agency, was he recruited, and/ or did he become, e.g. disgruntled at a later stage and decided to act when his redundancy process started?
Signpost Six supports companies in insider risk assessments and solutions and case management. In a case assessment like the above example we will analyse the personal process of an (ex-)employee in conjunction with their environment and situation, provide lessons for the company but also support and coach in running case management with the aim of managing the current risks and future escalations (if this is viable).