Wednesday, December 8, 2010

Security Director Budget Booster - The Value Of Corporate Secrets

Here are the findings from a Forrester Consulting paper on the value of corporate secrets.

Secrets comprise two-thirds of the value of firms’ information portfolios. Despite the increasing mandates enterprises face, custodial data assets aren’t the most valuable assets in enterprise information portfolios. Proprietary knowledge and company secrets, by contrast, are twice as valuable as the custodial data. And as recent company attacks illustrate, secrets are targets for theft.

Compliance, not security, drives security budgets. Enterprises devote 80% of their security budgets to two priorities: compliance and securing sensitive corporate information, with the same percentage (about 40%) devoted to each. But secrets comprise 62% of the overall information portfolio’s total value while compliance-related custodial data comprises just 38%, a much smaller proportion. This strongly suggests that investments are over-weighed toward compliance.
 
Firms focus on preventing accidents, but theft is where the money is. Data security incidents related to accidental losses and mistakes are common but cause little quantifiable damage. By contrast, employee theft of sensitive information is 10 times costlier on a per-incident basis than any single incident caused by accidents: hundreds of thousands of dollars versus tens of thousands.
 
The more valuable a firm’s information, the more incidents it will have. The “portfolio value” of the information managed by the top quartile of enterprises was 20 times higher than the bottom quartile. These high-value enterprises had four times as many security incidents as low-value firms. High-value firms are not sufficiently protecting data from theft and abuse by third parties. They had six times more data security incidents due to outside parties than low-value firms, even though the number of third parties they work with is only 60% greater.
 
CISOs do not know how effective their security controls actually are. Regardless of information asset value, spending, or number of incidents observed, nearly every company rated its security controls to be equally effective — even though the number and cost of incidents varied widely. Even enterprises with a high number of incidents are still likely to imagine that their programs are “very effective.” We concluded that most enterprises do not actually know whether their data security programs work or not. (more)

Need help. Call us.

SpyCam Story #591 - You can stop saluting now.

Australia - An army corporal has gone on trial accused of putting a tiny camera in women's showers at his barracks.

Prosecutors told Adelaide Magistrates Court Nathan William Freeman disguised a tiny camera as a car remote control and put it in the women's showers at Woodside army barracks in the Adelaide Hills last December.

A police analysis of the footage allegedly showed Freeman putting the device in the shower. (more)

Doh! Another spycam'er shoots himself.

Stolen Laptop Reward... Drugs

PA - A Philadelphia man used his skills as an advertising executive to devise a unique way of getting back his stolen laptop... Surveillance video captured the robbery on tape... Refusing to take the robbery lying down, Kurt Shore devised a campaign to find the missing notebook.

First, he posted the surveillance video on the Philly-based website wheresthefairness.com with hopes of getting attention for his cause. The same video also went to YouTube, announcing a reward of an ounce of marijuana.

He then printed and posted posters offering a “fabulous drug stash” to whoever returned the computer.

Shore isn’t actually offering drugs. The bottom of the poster reads “Actual reward may vary.” (more)

The Wrong Question

I am asked some really odd security questions. Take this one from a media editor, for example…

“I’ve been reading various articles in which experts are quoted as saying that terrorism is a threat that is just as important as malware to corporations. But I’m not sure whether that is the case, or if it is, what terrorism means in the enterprise context. Also, how can corporate terrorism be guarded against?”

She was right. The debate didn’t make sense. She smelled a rat and was double-checking. I asked her to bear with me while I steered the discussion back to sanity. I began…

Malware is annoying and can be damaging, but keep it in perspective. It won’t sink your ship. A “terrorist spending vs. IT spending” debate also misses the mark... The welfare of the employees and their companies is better served with an “intellectual assets spending vs. IT spending” debate. (more)

Tuesday, December 7, 2010

Why you want us on your team in 2011...

“The secret of business is to know something that nobody else knows.”
—Aristotle Onassis (1906-1975)

You know some things.
We help you keep them confidential.
Have us check your offices for bugs, taps and more in 2011.
—Kevin D. Murray, counterespionage.com

Is Your Cell Phone Spying On You?

It's possible that someone could listen to your conversations -- even when you're not on the phone. (video news report)

The solutions mentioned, while helpful, do not present a complete picture. Coming soon... Is My Cell Phone Bugged - Everything you need to know to protect your mobile communications.

SpyCam Story #590 - Can't Stand the Heat

OH - A 51-year-old former Mayfield Heights fire captain accused of hiding cameras in bathrooms filed a motion to change his not-guilty plea, instead of going on trial...

The camera found in an air freshener in a men's bathroom stall at the YMCA was there for less than a day, before a worker noticed a blinking light in it. Investigators said (the man) could be seen in the video installing the camera.

Detectives seized 60 videotapes lasting up to eight hours each from (his) home. They found pinhole cameras hidden in three of the walls in (the) bathroom. Wires in the walls connected the cameras to recording equipment in a closet. (more)

Doh! Another spycam'er shoots himself.

Tapped Out after Tapping

UK - A jealous husband confessed to his wife that he had bugged her phone because he wrongly suspected her of having an affair. 

Harvinder Singh Gora, a successful businessman, was sued by Georgina Bansal and agreed to pay her a five-figure out-of-court settlement.

But last week, on the day the payment was due, he filed for bankruptcy and now she may never see a penny of the money she is owed. (more)

The Spin on the BlackBerry News

via FastCompany...
BlackBerry smartphones have been under fire around the world from terrorism-fearing governments. Now RIM's revealed how it'll let the Indian government spy on users, so the service can stay running. It's not too bad...

...RIM has consented to the government's wishes. It will allow access to BlackBerry Messenger communications inside India on a "case by case" basis, where "lawful" access requests are made. This means the government will have to follow due legal process to spy on BlackBerry users, on an individual basis, and with the consent of the courts. (more)

Expect more consenting as other governments squeeze BlackBerry with offers they can't refuse... "Say yes, or you're out of business."

A similar story, Anatomy of a Wiretap, in The Hindu newspaper has had the link to this graphic pulled. ("The article you are looking for is no longer available in this website.")

Odyssey of an Eavesdropper - now an e-book

Originally released as a hard cover book in 2006, Odyssey of an Eavesdropper: My Life in Electronic Countermeasures and My Battle Against the FBI by Martin Kaiser III with Robert S. Stokes is now available in an e-book version.

From Publishers Weekly 
"Modesty aside," says electronic surveillance expert Kaiser, "I was to the FBI, and the CIA, and the rest of the intel community, what 'Q'—the British Secret Service technical genius—was to James Bond." And Kaiser, who consulted on the 1998 film Enemy of the State, which he says is loosely based on his story, first made his name in the late 1950s and early '60s, when he helped develop a missile-directing system. Eventually he began making "bugs" for the FBI and CIA as well as private companies. But after his 1975 testimony before the House of Representatives about his work in government intelligence, the FBI, he says, came after him. He was indicted for illegal wiretapping and other crimes, and while he was acquitted on all charges, his business was ruined and he suffered an emotional breakdown that he attributes, in part, to childhood abuse. Kaiser ends the book with a chapter about the lack of privacy in America today—and while some of his warnings seem alarmist, his background will make readers of this compelling and sympathetic book (written with journalist and novelist Stokes) think twice.
Copyright © Reed Business Information, a division of Reed Elsevier Inc. All rights reserved.

Spy Holiday Gifts & a Free offer from me!

This year, I'm giving lock picks.
What's your cool spy gift going to be?

My friends at the International Spy Museum in Washington, DC have a few suggestions. My personal favorite is the Spy Gnome. Put him anywhere and your statement is made... "You don't know-m me!"

Here are some more of their suggestions...
Spy Video Trakr (free gift with purchase)

Of course, they have hundreds of other cool spy gifts to choose from. Hey, you're in the security business. What are you going to give? Socks?!?! Heck, no. You have a reputation to uphold.

Yes, they sell lock picks. But they are not half as cool as mine. :)

Hey, if your business card says "Security Director" or similar on it, and you want one of our complimentary stainless steel lock pick cards, just sign in here and let me know before December 24th.

P.S. - The International Spy Museum offers Free shipping on orders over $25. Use secret coupon code "fs25" at checkout.

Friday, December 3, 2010

SpyCam Story #589 - Chicken Soup?!?!

CA - Donald Lee Bedford said he hid a small video camera in his girlfriend’s daughter’s bedroom because he was concerned about her financial welfare and wanted to listen in on her conversations about it. What he wound up recording, though, is 46 minutes of footage of the victim and her boyfriend talking and watching TV in their underwear... his victim discovered the camera — cut into the spine of a Chicken Soup for the Soul book — and turned it over to authorities.

The 55-year-old Carpinteria resident is now facing a felony charge of eavesdropping, which carries a maximum sentence of three years in jail, and a misdemeanor charge of unlawful electronic peeping.

...Bedford filmed himself setting up the camera and later admitted to his girlfriend a version of what he had done. (more)

Doh! Another spycam'er shoots himself.

Business Espionage - Snooping interne

France - After months of squabbling, walkouts and fears of a feud in the upper echelons, France 24's boardroom drama has taken a turn for the worse after police were called in to investigate accusations of spying and computer-hacking in the organisation. Journalists at the channel were stupefied this week to discover that police are looking into charges of a massive spying operation at the top. (more)

Merry Christmas, kid.

"Mommy has a new toy she would like you to play with."

 "Find out who's telling the truth—and who's not—by giving your suspect a lie detector test! Attach the sensor to your suspect's finger. Ask tough questions to really make 'em squirm! The indicator lights light up when your suspect isn't telling the truth. Busted!"

You better watch out
You better not cry
Better not pout
I'm telling you why
Santa Claus is coming to town
He's making a list
And checking it twice;
Gonna find out Who's naughty and nice
Santa Claus is coming to town...
(sing-a-long)

Need to track a package?

Check this out... from the seller's website...
The United States Postal Service (USPS) processes and delivers more than 212 billion pieces of mail per year to Americans. The U.S. Postal Service continually aims to increase its quality of service, to reduce delivery times, to pinpoint logistical inefficiencies, to save costs and to eliminate waste.

To support this challenging task, the USPS commissioned TrackingTheWorld Inc., a leading global positioning technology firm, to develop a letter-tracking GPS device that would meet the agency’s precise needs.

These needs include reporting the positioning of letter mail from anywhere on the planet at customizable time intervals, interfacing with Google Earth, and recording down time, all fitted in a device conveniently and completely unnoticed within a standard size envelope. (more)