And you’ve all had to go through the old “what do you do for a living” conversation with someone you’ve just met and had to explain that CI isn’t about stealing secrets, not about following people around building up dossiers.
Well get ready for some more fun as the Formula One community spins itself into a media frenzy over the alleged industrial espionage between 2007’s leading manufacturers, McLaren and Ferrari. You can read more about this story at Fox Sport here and here, but to summarise:
Disgruntled Ferrari worker (now saying he is the fall guy) allegedly passes technical information regarding Ferrari’s cars performance to a senior member of McLaren’s design team. This design team member takes the 700+ set of materials to a local printing shop to make copies, who dutifully tip-off Ferrari. The parties are now in court proceedings to sort the matter out.
Now it’s very clear what the vast majority of CI professionals think of these actions. Unethical and illegal. SCIP has a set of ethical guidelines that include these gems:
- To continually strive to increase the recognition and respect of the profession.
- To comply with all applicable laws, domestic and international.
- To promote this code of ethics within one’s company, with third-party contractors and within the entire profession.
- To faithfully adhere to and abide by one’s company policies, objectives, and guidelines.
But what about on Ferrari’s side? Does CI have a reversed role to play here?
Counter Intelligence refers to intelligence organizations or efforts designed to prevent enemy intelligence organizations from successfully gathering and collecting intelligence. Seeing as CI professionals spend a lot of their time gathering information ethically, is there a responsibility to look at your company’s exposure to having data collected by 3rd parties?
I believe there is.
I’ll qualify that statement – I believe it is CI’s responsibility to educate senior management on the dangers of intelligence gathering and identify what information is freely available in the public domain. I don’t think anyone can stop the type of activity that was alleged to have took place at Ferrari, but you do have a responsibility who has access to CI materials within your organisation. You also have a responsibility to show management what you can gather ethically about your own company’s future trends.
Are PR announcements too detailed? What’s the security like on your partner network or community forums? Do you publish a partner or price list that can be freely used. Is that material necessary to be freely available, or can there be additional security steps? Have you made financial information or presentations available?
I’d be very interested to understand how others are protecting their CI assets within their organisations as well as anyone’s experiences showing your management potential threats.