Scared of being swept out in a round of redundancies? Then join a security company, where your misery is the industry's opportunity to protect intellectual property.
It is our opinion that the majority of security threats faced by Australian companies come from employee's who are dissatisfied or at risk of redundancy
ESD Australia's Les Goldsmith
Thanks to the financial and economic crisis, which McAfee's CEO Dave DeWalt at the World Economic Forum in Davos last week twisted into the "global meltdown in vital information", the security industry has found its new public enemy number one: not clumsy insiders who accidentally leak information, but fearful insiders who suspect they're about to become outsiders.
"The current economic crisis is poised to create a global meltdown in vital information. Increased pressures on firms to reduce spending and cut staffing have led to more porous defences and increased opportunity for crime," said DeWalt.
DeWalt based his comments on research that found US$4.6 billion worth of intellectual property was stolen last year across several countries. McAfee extrapolated it to US$1 trillion for the globe — a figure which will probably have to be trimmed in today's finance-constrained world.
But DeWalt's argument was compelling — superficially at least. Locally, people have been angered by how retrenchments have been conducted — coldly — and revenge of a similar ilk would surely be on the minds of some. Just take a look at the feedback on the story about Dimension Data's recent layoffs.
Les Goldsmith, a veteran of technical surveillance counter-measure services and MD of ESD Australia, contacted me with a similar argument to DeWalts'.
"It is our opinion that the majority of security threats faced by Australian companies come from employee's who are dissatisfied or at risk of redundancy," said Goldsmith.
The current economic climate meant that staff would be aware of the threat of being laid off, leaving a company's intellectual property at a greater risk of theft, he said.
To an extent I agree with Goldsmith, but how different would that be to a climate in which poaching staff was the norm? Say, like last year.
I also had a chat with Rob McAdam, managing director of penetration testing firm, Pure Hacking, a company that often does forensics after a data theft has occurred. He made two points. First, companies that let their staff know its systems are being monitored reduce the risk of a theft occurring. Staff weigh up the risks, he said.
The second is more telling though of the risk of IP theft, specifically. "All the jobs we've been called in for have been around credit card data," he said. "It's been more about how can I make a quick return and that takes a while on IP, but for credit card information it's fairly immediate."
So is your IP under threat? Probably, just like it was last year, but it's the day-to-day low-hanging, easily liquefied fruit that's still likely to be at the greatest risk.