Sunday, September 03, 2000
Information thefts create demand for investigators
By Tracy Seipel
Knight Ridder News Service
SAN JOSE, Calif. This spring, Betsy Blumenthal began to receive telephone calls from worried executives and investors in some of the dot-com companies that had been awash in venture capital only months before.
Now they had a different problems: Employees were abusing expense accounts, making improper bank transfers, and even walking out with business documents. It was another sign of the beginning of the end for many dot-coms.
Part of the perpetrator's psyche is "The VC is making so much money off my back, I'm entitled to X, Y, and Z,' said Ms. Blumenthal, who is managing director of the San Francisco office of Kroll Associates, the world's largest private investigation firm.
One of the most frequently stolen pieces of information, according to investigators, is the company's customer list. Such a list might contain data on the customers, including their likes and dislikes, their product-ordering history, and information on new products the company might have in development for those customers.
People will say, "It doesn't sound very high-tech,' but in this day and age, it means much more than just a list of names and addresses, said David Cook, a former FBI agent and now managing partner of Noesis, an investigative consulting firm in San Francisco.
In Silicon Valley, private investigators have become an integral part of business ever since the 1970s and mid-1980s. Oracle Corp. may have highlighted this behind-the-scenes world, when it hired investigators to look into Microsoft Corp.'s financing of nonprofits, but its move was hardly unusual.
For years, half a dozen firms founded by former federal prosecutors or FBI agents in both San Francisco and Santa Clara counties have helped companies for years guard their trade secrets, stop pilfering, investigate suspicious hiring practices and outright theft.
They have been used in some of the high-profile cases ranging from the early 1980s case when Hitachi Corp. stole computer designs and software from IBM Corp. to the more recent unsuccessful prosecution of Avant! Corp. for alleged theft of trade secrets from Cadence Design Systems Inc. of San Jose.
Even before the dot-coms started tanking, the statistics told the story: Last year, Fortune 1000 companies reported losses of more then $45 billion from thefts of their proprietary information, according to a study done by the American Society for Industrial Security International and PriceWaterhouseCoopers.
The average Fortune 1000 company reported 2.45 incidents, with an estimated loss per incident in excess of $500,000. Tech companies reported 54 percent of those incidents with $120 million in direct losses. The average loss was estimated at $15 million.
To investigate these losses, tech executives turn to professionals such as Ms. Blumenthal, Mr. Cook or John Martin.
Mr. Martin worked for the U.S. Department of Justice for 31 years before joining his friend John Gibbons at The OSO Group Ltd., an investigative consulting firm that does work for multinational corporations and firms. Under Mr. Martin's leadership as chief of the DOJ's Internal Security Section, over 80 defendants were charged with espionage, including the first KGB officers, the first FBI agents, and the first CIA clandestine officers, among others.
He has also collaborated on stories with Tom Clancy, the author of several best-selling spy thrillers. I helped Clancy on a couple of things, said Mr. Martin, 62.
He used to call me to spin a few yarns. He'd ask, "How would this play out? Can I do this or that?' What about the constitutional issues? recalled Mr. Martin, who is not afraid to tell the author that his ideas don't happen that way in real life.
To which he said Mr. Clancy replied, That's why they call it fiction.
If Silicon Valley is rife with security problems, then much of it is avoidable, say investigators.
After five years of living in the Bay Area, Ms. Blumenthal is stunned at the lax security on the West Coast.
I can't tell you how many times we've been called for this: "Betsy, can you come here? We have proprietary information leaking out about quarterly earnings. We don't know how it leaked out, but it's affecting our stock; it's affecting things,' she recalled.
So we go out, and I run around, and I'm about 10 years older than everyone else. We explain what we can do and make the following suggestions: Get a systems security; don't allow people to be able to modem from home into the system; have people read a compliance manual and sign it every year; educate them on what are considered insider trading issues. And they never go for it, she said.
What comes back is, "We don't want to inhibit creativity for the engineer who comes up a great idea at 2 a.m.' It's the spirit of not being risk-averse, she said.
Silicon Valley is built on risk. We are in the business of mitigating risk. The challenge is to strike the right balance.
Doing preliminary background employment checks on everyone, from janitors to more extensive due diligence on executives, could prevent a lot of loss and heartache.
Twenty-five percent of the time, Mr. Gibbons says, his firm discovers something about an executive candidate, like a lawsuit, bankruptcy, or significant business problem that needs explanation.
They (clients) need to review and ask questions, said Mr. Gibbons, a former federal prosecutor who works out of the company's San Francisco office.
You don't want to make a guy a CEO of a company and the next thing you know, he's dragged into an antitrust suit by the U.S. government.
Shoppers grow weary of city's retail deficiency
Businessmen lack suitable quality, prices
Colorful fabrics hard to find
Selection miniscule in plus-size clothing
BYCZKOWSKI: New Economy
Be suspicious of work-at-home offers
Carving out a niche
Credit can be key to keeping, drawing customers
Information thefts create demand for investigators
Online security checkpoints prospering
Software opens Internet to the blind
What's the Buzz?