Handbook of Information Security Management:Policy, Standards, and Organization

Previous Table of Contents Next


How Safe Are We?

According to the International Trade Commission, the loss to U.S. industries due to economic espionage in 1987 was $23.8 billion and in 1989 was $40 billion. Today, these losses are projected to be over $70 billion. During the same time, the American Society for Industrial Security found that U.S. companies only spent an average of $15,000 per year to protect their proprietary information.

It was determined by one survey that only 21% of the attempted or actual thefts of proprietary information occurred in overseas locations, indicating that major threats are U.S. based. A CIA survey found that 80% of one country’s intelligence assets are directed towards gathering information on the U.S. and to a lesser degree towards Europe. The FBI indicates that of 173 nations, 57 were actively running operations targeting U.S. companies and over 100 countries spent some portion of their funds targeting U.S. technologies. It was determined that current and former employees, suppliers, and customers are said to be responsible for over 70% of proprietary information losses. No one knows how much of those losses are due to foreign government-sponsored attacks.

Economic Espionage Threats

Economic espionage — that espionage supported by a government to further a business — is becoming more prevalent, more sophisticated, and easier to conduct due to technology. Business and government share a responsibility to protect information in this information age of international business competition.

Businesses must identify what needs protection; determine the risks to their information, processes, and products; and develop, implement, and maintain a cost-effective security program. Government agencies must understand that what national and international businesses do affects their country. They must define and understand their responsibilities to defend against such threats, and they must formulate and implement plans that will assist their nation in the protection of its economy. Both business and government must work together, because only through understanding, communicating, and cooperating will they be able to assist their country in the world economic competition.

It is quite obvious from the preceding discussion that when it comes to economic espionage, a new form of information warfare, the information systems security professional must play an active role in the economic information protection efforts. These efforts will help protect U.S. companies or government agencies and will enhance the U.S.’s ability to compete in the world economy.

TERRORISTS AND TECHNOLOGY (TECHNO-TERRORISTS): A FORM OF INFORMATION WARFARE

The twenty-first century will bring an increased use of technology by terrorists. Terrorism is basically the use of terror or violence, or the use of violent and terrifying actions for political purposes by a government to intimidate the population or by an insurgent group to oppose the government in power. The FBI defines terrorism as: “...the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”

The CIA defines international terrorism as: “...terrorism conducted with the support of foreign governments or organizations and/or directed against foreign nations, institutions, or governments.” The Departments of State and Defense define terrorism as: “...premeditated, politically motivated violence perpetrated against a non-combatant target by sub-national groups or clandestine state agents, usually intended to influence an audience. International terrorism is terrorism involving the citizens or territory of more than one country.” Therefore, a terrorist is anyone who causes intense fear and who controls, dominates, or coerces through the use of terror.

Why Are Terrorist Methods Used?

Terrorists generally use terrorism when those in power do not listen, when there is no redress of grievances, or when individuals or groups oppose current policy. Terrorists find that there is usually no other recourse available. A government may want to use terrorism to expand its territory or influence another country’s government.

What Is a Terrorist Act?

In general, it is what the government in power says it is. Some of the questions that arise when discussing terrorism are

  What is the difference between a terrorist and a freedom fighter?
  Does “moral rightness” excuse violent acts?
  Does the cause justify the means?


Previous Table of Contents Next



The CISSP Open Study Guide Web Site

We are proud to bring to all of our members a legal copy of this outstanding book. Of course this version is getting a bit old and may not contain all of the info that the latest version are covering, however it is one of the best tool you have to review the basics of security. Investing in the latest version would help you out in your studies and also show your appreciation to Auerbach for letting me use their book on the site.