DeepINTEL 2015 – How to deal with (Industrial) Espionage
The DeepINTEL event in September will have a strong focus on a specific kind of intelligence. We will address the issue of espionage. Given the headlines of the past six months it is clear that companies are subject to spying. There is no need for euphemisms any more. Even with half of the information published on this matter, there is no way to deny it. Since the trading of data is a lucrative business, the issue won’t go away. So if you run a company or an organisation, then you might want to deal with risks and threats before they deal with you.
DeepINTEL is focused on security intelligence. Few CISOs and CEOs have a grasp what this really means. It is much more than doing risks analysis or threat assessment. As we have emphasized time and again, the Big Picture counts. You can counter some threats with a single device or a filtering rule. You cannot counter an concerted attack such as espionage easily. Spying involves many components and steps to retrieve the desired information. It also involves time. In order to detect malicious behaviour over the course of months or even years, you have to apply different techniques. This is where security intelligence enters the stage. You have to create your own tools and processes to get your very own early warning system. The knowledge of your company needs to be part of the analysis. There is no off-the-shelf software which does everything for you. Any vendor claiming to have the solution for your needs in this context is wrong. Of course there are a lot of good tools out there, but first you have to make up a clear picture of what your organisation does, where all relevant data sits, and how it flows.
If you are dealing with espionage in your day job or research ways to counter it, please consider the Call for Papers. Encrypted email preferred. DeepINTEL 2015 takes place on 21/22 September 2015.