Archive for December, 2011

Security and the Price of Coffee

Usually when the topics of security and coffee are raised in the same sentence, one of two thoughts comes to mind:

  1. Very late nights in the past resolving a security incident
  2. Stalking (i.e. hackers breaching free Wi-Fi hot spot services at local coffee shops)

I strongly believe there should be a third:

  3. Leveraging a simple cup of coffee as a mechanism for breaking the ice and building a relationship with the leaders of business units within your organization

Too many times I’ve walked in early to a customer meeting to find the IT Security group introducing themselves to the leaders of other departments within their own organizations for the first time.

This event is typically driven by an upcoming project to secure item “XYZ” which involves a new application or process.  Although this is a less than perfect situation, it is better than the alternative where the business does not consult IT security until the organization suffers a breach, possibly from this new project.

How is Malware like a Movie?

A couple weeks ago, a preview for a new movie by a famous actor playing himself as both the lead man and woman caught my attention. I like this actor and his movies are pretty funny, but it got me thinking…How many of these same movies have there been in the past with just a slight variation? How many people have paid to see, rent or own roughly the same movie with some alterations to make it seem new – either the actors change, the motivation for the characters change, the plot is slightly different? And, if this happens with movies then what about TV, music and books? I continued to ponder this, then it hit me that the same can be said for most of these art forms. We’ve seen countless TV shows about a group of friends living in close proximity to each other sharing life’s events, songs with the same message or similar notes and rhythms, books about spies, double crosses, wizards, vampires, but the stories all have strong commonalities.

Insider Data Theft: When Good Employees Go Bad

In today’s business world, information is as valuable as cash. In fact, industrial espionage costs U.S. businesses more than $250 billion each year. [i] This has organizations scrambling to shore up their defenses against all manner of outside attacks.  At the same time, companies of all sizes may be neglecting one of the most important perpetrators of intellectual property (IP) theft: their employees.

In order to assess this often underrated threat, Symantec asked forensic psychologists Eric D. Shaw and Harley V. Stock to examine various factors leading to insider IP theft. While most research is put into the development of technology-based security measures, their white paper focuses on the behavioral and environmental issues that can lead to theft of corporate data.

Who Is the Typical IP Thief, and What Are They Stealing?

The average data thief is 1) a current employee; 2) male; and 3) 37 years old. They serve mainly in technical positions such as programmer, engineer or scientist. [ii]