Data Leaks and IP Theft

Even as viruses grow more dangerous and zombie botnets flood us with spam, security experts are turning inward. The real threat is from within. One disgruntled sales manager jumping ship to a competitor and taking customer lists along can do more damage than the latest worm, while being much harder to detect.

According to the U.S. Commerce Department, intellectual property theft costs U.S. business about $250 billion each year, while also slashing nearly 750,000 jobs from the U.S. economy.

Not all of the damage is intentional. Data leaks got a lot of press last year, with the TJX scandal leading the way. The typical data leak incident combines a careless employee or lax security policies with opportunistic crooks. Yes, TJX was technically the victim of an external attack. However, TJX gathered customer credit card information that it shouldn’t have and stored it in an unencrypted database. It’s pretty much like leaving the keys in the ignition of your car and being surprised when someone steals it.

Security vendors are tackling this problem with new solutions that range from enterprise rights management to data discovery and policy generation to data-leak prevention. If your security profile doesn’t take IP theft and data leakage into account, you should look at vendors like Liquid Machines, Proofpoint, Reconnex or Vericept.

You may soon have access to these features through your existing vendors, as well. Symantec recently acquired Vontu, while RSA and Websense made acquisitions of their own earlier this year, snatching up Tablus and PortAuthority.