Insider Risk Digest: March ???

Dive into our latest Insider Risk Digest, where we explore recent espionage in the German military, trade secret theft at Tesla, espionage risks in critical infrastructure, data leaks in the pharma sector, and security lapses at NASA. Plus, a look at the delicate balance between research collaboration and knowledge security.

??We value your insights—like if you find this digest insightful and join the conversation in the comments. Let's continue to tackle these challenges together. ????

Military Insiders

The German military has apprehended an individual suspected of espionage on behalf of Russia. The arrest underscores growing concerns regarding foreign intelligence activities within Western militaries. The detained individual, identified as a German soldier, allegedly passed sensitive information to Russian handlers, raising alarms about insider risk and highlighting the growing challenge of safeguarding national security against insider threats amidst heightened geopolitical tensions.

Tesla Victim Once More

Tesla is in the spotlight of insider risk incidents once again this month. Two individuals have been apprehended, facing charges of trade secret theft. Through the obtained secrets, the individuals had set up their own company in China. Tesla, as a leader in high-tech vehicle solutions, is often targeted by insiders who attempt to profit from their large investments in R&D. Current investment in adequate safeguards, however, is lagging behind.

Spying Cranes

American officials are growing worried over the potential espionage capabilities of foreign procured elements within the national critical infrastructure. Specifically, procured cranes have been identified as posing a risk of clandestine intelligence collection, as they contain communication equipment and sophisticated sensors that can capture information about materials being shipped around the world. Procurement has often been leveraged as a legitimate process exploited by external actors to get the privilege of an insider, especially in critical infrastructure.?

Departing Employee Pandemic

A former Johnson & Johnson employee brought thousands of sensitive strategy-related files with him to his new employer Pfizer, in a new tale in the long history of strategic rivalry between the two companies. The information included confidential sales data, customer and channel lists, pricing models, market research, contracting strategies launch playbooks and more. J&J’s company security program flagged his activities, but this did not stop the former employee from accessing the information within his new position at Pfizer. The pharmaceutical industry is increasingly defined by high competitiveness, with departing employees taking more and more of the spotlight.

NASA iPad Theft

NASA is yet to conclude its investigations concerning the theft of materials used to train astronaut crews. Specifically, iPads used by the training crew had gone missing in June of?

2023. The incident and lagging investigations have created concerns regarding NASA’s approach to device management, a crucial safeguard to ensure the confidentiality and integrity of confidential information.

Research Collaboration Vs Knowledge Security

The Canadian University of Ottowa says it does not screen China-affiliated researchers in federal grants. Whilst researchers are screened over potential affiliation to Russian, Chinese and Iranian institutions posing a potential threat, affiliation to talent programs like the Chinese Thousand Talents Program is still not standardised. Over $2 billion is granted yearly in research funding, potentially financing the expatriation of critical Canadian developments. A complex balance still needs to be struck between the desired openness of research ecosystems and the necessity of safeguards advancing knowledge security.

Like & Share ????