Q&A with Michel Juneau-Katsuya, CEO, The Northgate GroupWritten by Linda Johnson Monday, 22 August 2011 10:26
Corporate espionage can be an exciting topic. International spies, top secret research and, of course, the notorious honey-pot trap — the downfall of many a young engineer in a foreign country. At its core, however, it’s about losing market share, contracts and competitiveness.
Table of contents
(Page 1 of 2)
Michel Juneau-Katsuya, a former senior intelligence officer and senior manager with the Canadian Security Intelligence Service, estimates that corporate espionage costs Canadian companies billions of dollars a year. Now CEO of The Northgate Group, a security consulting firm, and guest professor in criminology at the University of Ottawa, he believes that companies must take a new, more vigorous approach to securing their confidential information.
Later this year, Juneau-Katsuya will heading up a conference, CISC2011: Protecting Your Company Against Corporate Espionage. It will be held Nov. 28–30 in Ottawa. Among presenters are members of several government departments, including the National Defence’s national counter-intelligence unit, which is responsible for investigating all spy activities against the department and its subcontractors.
Juneau-Katsuya, co-author, with Fabrice de Pierrebourg, of Nest of Spies (2009), will also be presenting at the conference.
Recently, Canadian Security spoke to Juneau-Katsuya about how significant the problem of corporate espionage is, mistakes companies make and ways to prevent competitive information from falling into the wrong hands.
CS: Is corporate espionage a significant problem in Canada?
Juneau-Katsuya: It’s huge. I would dare to say that, if it were not that terrorists shed blood, by far the greatest national security issue that Canada currently faces would be corporate espionage.
In 1995 we demonstrated that we were losing $10 billion to $20 billion a year. The U.S. at that time was losing an average of $25 billion, which is twice as much as us. But, because they are 10 times bigger than us, we were actually losing five times more. The reason is that Canada is a knowledge-based society. We have phenomenal research centres. We are at the cutting edge of research and technology in many different fields. And that becomes extremely attractive to foreign entities and industrial spies.
Since the end of the Cold War, we have moved from military confrontation to economic confrontation. And some players out there are playing in a very sophisticated way, and they are using their national intelligence services to come and spy on Canadian companies to steal their secrets. We lose market share, we lose contracts, we lose our competitiveness when that happens. And market share is revenue.
CS: What are the main mistakes companies make that lead them to lose competitive information?
Juneau-Katsuya: First, they do not perform a good threat-risk assessment. A good threat-risk assessment, from an executive point of view, can be simplified into an equation: “threat to” plus “threat from” equals vulnerability.
“Threat to” is “What do I need to protect?” Fortunately, about 90 per cent of security companies can give you a decent assessment of what you need to protect. It can be your intellectual property, trade secrets, production secrets, your people, R&D, information like that.
You also need to do the “threat from” or “Who wants to go after me?” If you don’t perform that, you will be lost. If you haven’t identified the “threat from,” you won’t be able to be very precise, and you will be condemned to taking something off the shelf — putting in bars or guards, putting in access control cards. But what if the problem is the employee you just hired, who’s got a gambling issue and wants to steal some technology to pay a debt? In that case, you have to able to protect yourself, and you have to be able to assess the risk.
The moment you have a clear picture of your vulnerability, you can optimize the use of your budget on security. And you don’t need to be a security expert. A CEO can understand “threat to/threat from.”
Companies often fail to perceive security as a strategic investment versus simply an expense, an overhead, or as a liability issue. If you do it intelligently, it’s something you can promote as part of the value of doing business with you because you have a better sense of what security is and how to protect your company.
Published in News