One in five companies in the electronics and electrical industry is affected by industrial espionage and corporate spying; this also applies to one in six companies in the mechanical engineering and the chemical and pharmaceutical sectors. This has just been shown by a new analysis by the German Fraunhofer-Institut für System- und Innovationsforschung (ISI). Evaluating input collected from 1,300 manufacturing companies, the researchers show that enterprises in virtually all sectors can potentially be affected – regardless of whether they are SMEs or large corporations.
On average, 11% of all companies surveyed experienced definite incidents or suspected cases of espionage in the past five years. According to the notice by Fraunhofer ISI, however, this is nothing but “the tip of the iceberg”. Moreover, the institute’s researchers assert that the risks are getting more and more serious as digitization has multiplied the amount of digitally available information and communications processes, and even production machinery has now been integrated into IT networks,.
In their view, the most important shortcoming here is the lack of efforts to create awareness among employees. “Employees, who often have access to sensitive information, [are] not involved in the protective measures,” according to Fraunhofer ISI’s current press release. Yet this is seen as crucial: “For more than half of the affected companies, in-house individuals [were] also involved in the spying. This was not always done with malicious intent, but also through carelessness, negligence, and ignorance.” Frequent examples include employees opening suspicious e-mails (in 67% of attacks) or not adequately safeguarding their smartphones and tablets (28%). However, only two out of five companies inform and sensitize their employees about information security.
The researchers emphasize that a great deal can be achieved here in a very efficient manner: “Companies [could] achieve a significantly higher level of protection with simple and cost-effective prevention measures for creating awareness among all employees, such as training courses or posters and screen savers.” For this, companies can also draw on the expertise of the authorities, and the experts for information security at Karg and Petersen are also glad to help.
The consequences of know-how theft can be disastrous. “A data leak can ruin the entire company,” warns Fraunhofer ISI in its notice. For example, a competitor could launch an equivalent product or service on the market more quickly and more cost-effectively. In 2017, a joint study by the Bundesamt für Verfassungsschutz and Bitkom had found similar problems in corporate information security and estimated the damage to the German economy at 55 billion euros annually (we reported).
For the now published notice Spione in der Produktion, Fraunhofer ISI evaluated data from its survey on Modernisierung der Produktion, as part of the WiSKoS project sponsored by the German government’s Bundesministerium für Bildung und Forschung.