CASE STUDY #262

CORPORATE ESPIONAGE

A Global Leader in Innovation and Manufacturing Cracks Down on Attempts to Steal its Secrets

CLIENT'S CHALLENGE

Corporate espionage and sabotage (e.g., industrial, economic, corporate) commonly takes many forms – from cyber intrusion to physical security incidents, intelligence collection, and compromising internal personnel.  Even when these attacks are identified, it can be challenging to determine attribution, and whether the threat is an insider, industry competitor, market investor, or even an attack sponsored by a nation-state.  Motivations also vary widely, from revenge or retaliation for a perceived grievance to a thirst for intelligence that might inform a competitive strategy, or the inside track on a market trade.  In this case, the company – an internationally branded enterprise known for its technical innovation – was well versed in recognizing warning signs and taking quick action.   

At one location, a series of incidents captured the attention of the corporate head of security.  At first, sabotage appeared to be the intent.  In one case, company equipment was deliberately damaged and, in another, equipment was set afire.  During the same period, several drones were spotted hovering over a key factory center.  Most troubling, however, were a rash of instances involving badged employees with access to restricted internal areas who appeared to have been taking pictures of operational details with their personal cameras.

MATADOR’S SOLUTION

As part of its campaign to identify and remediate several vulnerabilities of a physical, technical, and digital nature, management engaged external security experts for assistance, advisors that included a Matador member.  Over several weeks, this hybrid team of internal managers and external specialists reviewed policies and procedures; intensified internal surveillance and monitoring of on-the-floor camera systems; heightened the visibility of security personnel; and launched an educational campaign to raise security awareness among all employees.

IMPACT ON THE CLIENT

The company’s quick response to elevated risk levels in its operating environment represented a critical exercise that highlighted security as a strategic business priority and reminded every employee across departments and functions that “security is both a collective and an individual responsibility.” No additional security incidents occurred.  Moreover, no evidence emerged indicating there might be any further compromise of the company’s intellectual property and proprietary work practices.