| Most Indian CEOs still feel that corporate espionage is something that happens to others. |
| When the famous Pepsi-Coke corporate espionage case became public in the US in July last year (a Coca Cola employee had asked Pepsi for $1.5 million for sharing the trade secrets of a new beverage), a senior executive in a large Indian company dismissed it as a typical western way of functioning. |
| The executive, who has spent years in many companies, said his only exposure to corporate espionage in India has been through his child's story book, Willy Wonka and the Chocolate Factory. In the book, Arthur Slugworth tries to steal Wonka's secret recipes by bribing young visitors to the Oompa Loompa sweets maker. |
| A year later, however, the executive is busy setting up systems that would prevent corporate espionage in his company. Three much-publicised cases in quick succession forced him to change his mind. |
| The first was the Thermax-Purolite legal battle that intensified last month. Purolite had charged its business competitor, Thermax, with recruiting four of its ex-employees just for stealing intellectual property. Thermax, however, hit back and filed a counter-suit against the US company. The second was the arrest of the VSNL managing director's executive assistant on charges that he leaked out crucial information to a rival company. And the third was the revelation that an MBA student from one of the leading B-schools in India recently succeeded in breaking through the security barriers of 10 Indian banks. Recruited on campus by a multinational bank for a company project, his assignment involved getting classified information from the bank's competitors. |
| Though relatively new in India, corporate espionage has been in the news the world over since 1943 when the first such case was reported. A P&G employee that year bribed a Lever Brothers worker to steal several bars of a soap called Swan that was under development. P&G used the formula to improve its own Ivory soap and ended up paying Lever $5.67 million for infringing on its patent. |
| The most colourful and high-stakes case embroiled General Motors and Volkswagen for much of the 1990s. The cased hinged on GM's head of purchasing who defected abruptly to VW in 1993. GM accused him of masterminding the theft of more than 20 boxes of sensitive documents. The world's largest corporate espionage case ended when VW admitted no wrongdoing but agreed to pay GM $100 million in cash. More recently, Oracle chief executive Larry Ellison was in the dock for his decision to hire detectives to mine garbage pails and investigate two research groups funded by the company's rival, Microsoft. |
| Though no proper estimate has been made in India on the losses companies make due to data theft, the US Chamber of Commerce has said that corporate espionage costs American shareholders at least $25 billion a year in intellectual property losses. |
| A KPMG study had, however, found that most Indian companies still feel that corporate espionage is something that happens to others. Most are also unaware of the fact that the greatest threat is from their own employees because they do not have adequate internal controls in place. They don't realise that 80 per cent of reported break-ins are inside jobs and an elaborate information technology system alone can't solve the problem. What is required is employee awareness about the risks involved. |
| The other problem is that only 20 per cent of corporate espionage cases in India get reported due to the sensitivity involved. Moreover, there have been very few convictions in India till date for corporate espionage or data theft. |
| That's the bad news. The good news is that at least some Indian companies are putting in a series of measures to restrict access to trade secrets. They perform background checks on new employees and ask for exit interviews for departing ones. Most of them also maintain a paper trail detailing those with access; and they ask for non-disclosure agreements. |
| They obviously need to do more and could take lessons from what Kevin Mitnick, described as a computer terrorist and who made corporate espionage a fine art, said in one of his testimonies before a Senate committee. Mitnick said companies spend billions in building an information security system but forget that the most complex element is the people who use the systems in which the information resides. For example, Motorola had a highly sophisticated information security system under which the pass code on the employees' computers changed every 60 seconds. However, Mitnick was able to convince Motorola operations employees to provide him on repeated occasions the pass code on their security access device and to enable an account for his use on one of their machines. |
| Mitnick's comments are enough justification for companies to give more stress on managing the softer side of corporate espionage management. After all, systems are not only about machines; they are also about the people who run them. |
Disclaimer: These are personal views of the writer. They do not necessarily reflect the opinion of www.business-standard.com or the Business Standard newspaper
