TRUSTED PERSPECTIVE TRUSTED RESULTS The Value Proposition of Our Firm © Copyright 2009. ZeroPoint Risk Research, LLC. All ri 1 Protecting Critical Information the Age of Economic Espionage and Identity Theft Managing Risk in a Hostile World
TRUSTED PERSPECTIVE
TRUSTED RESULTS
The Value Proposition of Our Firm
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights. 1
ProtectingCritical Information
In the Age of Economic Espionageand Identity Theft
Managing Riskin a Hostile World
Global Threat, Domestic Risk
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights. 2
Targeting U.S. Corporate Assets
• More than 100 nations targeting U.S. technology secrets.• People’s Republic of China is the number one offender.• Russia is second.• China and Russia have aggressive cyber acquisition and attack
systems.• China is rapidly becoming manufacturer to the world and
intellectual property rights enforcement is not anticipated until at least 2020, despite World Trade Organization agreements.
• U.S. commands 40 percent of the global research & development spend, making the U.S. a target-rich environment.
• Many companies have inadequate protections against economic espionage.
3© Copyright 2009. ZeroPoint Risk Research LLC. All rights.
Two At-Risk Information
PersonallyIdentifiableInformation
IntellectualProperty
&Trade Secrets
Both are corporate assets, both are targeted.
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights. 4
Information is stolen by governments, employees, and even byorganized crime, which sells stolen information as part of a $2 trillion
global money laundering.
High-Risk Information Targets
Personal DataEnergy Technology
Advanced MaterialsInformation Technology
Resource & Environment TechnologyBiotechnology & Advanced Agricultural Technology
Advanced Manufacturing and Automation Technology
© Copyright 2009. ZeroPoint Risk Research LLC. All rights. 5
Privacy: Personally Identifiable Information
• As defined by state and federal statutes:– Personal identifiers
• First name• Middle initial• Last name• Address• Name of children• Social Security Number• National identification number• Telephone & fax numbers• Street address• Driver’s license number• Vehicle registration plate• Credit card numbers
• Face, fingerprint, handwriting• Digital attributes, such as passwords• Email• Certain URLs• Certificate & license numbers• Health plan beneficiary numbers• Full-face photographic images• Employer information• Household member information• Biometric identifiers, including fingerprints and voiceprints• DNA
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights. 6
About the Firm
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights. 7
Professional Services Rendered
ConsultingAdvice & Counsel
Syndicated ResearchSpecial Research Projects
© Copyright 2009. ZeroPoint Risk Research LLC. All rights. 8
Disciplines in Asset Protection
Administrative SecurityTechnical SecurityPhysical Security
Privacy ComplianceRisk-Based Privacy
© Copyright 2009. ZeroPoint Risk Research LLC. All rights. 9
STRATEGYPOLICY
TESTING &
ANALYSISREMEDIATION
10
Legal Risk
Financial &
Investment Risk
RegulatoryRisk
ReputationRisk
Focus on Variable and Cascading Risk
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
INTELLECTU
AL PROPERTY
TRADE SECRETS
PERSONALLY IDENTIFIABLE INFORMATION
© Copyright 2009. ZeroPoint Risk Research LLC. All rights. 11
The following slide reflects research conductedby ZeroPoint Risk Research on the role of
foreign country hosts in protecting third-party intellectual property and trade secrets.
© Copyright 2009. ZeroPoint Risk Research LLC. All rights. 12
Government &
Industry
TradeSecrets
IntellectualProperty
PersonalInformation
Company
Information
Assets atRisk M
ust Be
Protected O
ff-ShoreLegislation
Policy
Operations
Standards
Economic
Espionage
Global
Information
Theft
Denied
Safe Harbor for Critical Inform
ation Protection
Defensive Inform
ation Barrier
Foreign Country Role in Counter-Economic
Espionage
Proprietary Research Tools
13© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
Every Enterprise Has a Strategic Risk Inflection Point™
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
14
46 Conditions Analyzed
13 Survey Question Range
US Scenario:Privacy
Compliance
US Risk DataElements
598
US Scenario:Risk-Based
Privacy
US Risk DataElements
598
US Scenario:Intellectual
Property
US Risk DataElements
598
1,794 -7,176 Potential Enterprise Risk Data Elements per Country
ERX™ Thermal Map Identifies and Prioritizes Critical Concerns
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
Enterprise Risk Index™
15
Trusted Community Development Model™
SecurityStandards
Agreement
PrivacyStandards
Agreement
Audit TermsAgreement
Defined
ComplianceTerms
Defined
EnforcementMechanisms
Defined
SpecificRisks
Defined
This tool is used to assess the risk to intellectual property and trade secrets based on service agreements with third-party companies, either domestically or in foreign countries.
16© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
The Analysts
17© Copyright 2009. ZeroPoint Risk Research LLC. All rights.
Executive Research Fellows
• ZeroPoint Risk Executive Research Fellows possess backgrounds in privacy, information security, facility and data center security, forensics, national security, maritime security, defense, military, intelligence, risk management, internal audit, law, compliance, medicine, life sciences, media, and finance and accounting. These analysts come from many industries, including life sciences, financial services and investment management, banking, government, professional services, the armed forces, communications, and technology.
18© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
About the Chief Risk Analyst, MacDonnell Ulsch
• Served on United States Government Secrecy Commission.
• Authored security policy paper for United States Senator Sam Nunn.
• Industrial espionage and security analyst at National Security Institute.
• Vice President & Chief Analyst, Security, Dun & Bradstreet Dataquest.
• Director, Global Risk Management, PricewaterhouseCoopers.
• Sr. Director, regulatory compliance, Gartner, Inc.
• Author of the book, “Threat! Managing Risk in a Hostile World.”
• Author of global risk assessment tool intellectual property.
• Distinguished Fellow of the Ponemon Institute.
19
By MacDonnell Ulsch
© Copyright 2009. ZeroPoint Risk Research, LLC. All rights.
CONTACT
FIRM PARTNERS
MacDonnell UlschManaging Partner
John [email protected]
Lorie [email protected]
Susan [email protected]
Telephone (617) 878-2144
www.ZeroPointRisk.com
20© Copyright 2009. ZeroPoint Risk Research LLC. All rights..
Remediating your zero-point of risk!