As a result, a major focus has been on risk mitigation and response plans for cyberattacks, security breaches and the like.

Fundamentals matter

Organizational educational programming and process improvements have focused primarily on defensive positioning against these technological attacks, which could enable your internal plans and information to get into the wrong hands and jeopardize your competitive advantage. We go on the defense with extensive education and advice about selecting passwords, locking phones and computers and so on, that we get very careless about all of the other ways hackers find out what your organization is doing.

Traditional ways of gathering competitive information have been forgotten by companies in the age of technology and cyberattacks. Don’t get me wrong, mitigating cyberattacks is of utmost importance. But don’t forget the basics of practical counterintelligence education that should be part of every employee orientation, certification or refresher course, so employees are not inadvertently giving away company secrets.

“Traditional ways of gathering competitive information have been forgotten by companies in the age of technology and cyberattacks.”

What to ask

The startling truth is that most organizations don’t even know they are vulnerable and incorrectly answer these questions. How much can your competitor learn about your company from public information? How informed are your employees about information sharing? How is information unintentionally leaked and how significant is it? How do “information hackers” use bits and pieces of information to build a picture of you or your organization?

If you don’t have clear answers or a mitigation plan to eliminate risks associated these questions, then your organization is likely vulnerable even with the best technologies, firewalls and security software, because these threats are not happening in cyberspace.

They are happening in airports when your leading sales representative is waiting to board a plane, discussing the large deal he or he just closed for X number at Y price. Compromises are happening when R&D scientists are discussing the new war ship radar system during a breakfast at the hotel down the street from X company’s innovation lab in Washington DC. They are happening on the commuter train when the consultant is preparing the final recommendations presentation for tomorrow’s meeting.

Risks and fixes

Secrets are passed on in the most obvious but least expected ways, and they are used by trained experts to build a solid picture of your company plans. So why do we fail here?

So, here are five steps to tighten up the leaks:

1. Stress test

Conduct a full countermeasures vulnerabilities assessment of your company.

2. Emergency plan 

Develop a quick response plan to recognize and address threats.

3. Priority pages

Recognize NDAs and Conflict of Interest agreements only protect your organization in limited fashion. Most employees don’t give away information on purpose.

4. Orientation

Educate all employees in countermeasures and make it part of their orientation program.

5. Word of mouth

Remind by recertifying resources: post signs, brief before sales meetings or trade shows in order to remind employees and retrain periodically.