Nissan’s disclosure this week of a malware attack in which attackers stole employee user-account credentials was a chilling reminder of the reality of industrial espionage.
While it may be easy to get caught up in toeing the compliance line and focusing solely on the protection of personally identifiable information (PII), at the end of the day security professionals need to remember that protecting business-critical intellectual property (IP) should be their No. 1 concern, security pundits warn.
“Will I say that every company is at risk? No, not every company. If you’re already open-source or don’t possess IP of great value, then there’s not a huge monetary [or] intellectual gain in ripping you off,” says Ken Pickering, development manager of security intelligence for Core Security. “But time and time again, we’ve seen evidence that foreign powers and corporations are finding it’s easier to steal information than develop it.”