Who’s Driving Security?
In the automotive industry, quality control is one of the most critical aspects of customer satisfaction. Fall behind the leaders in this category, and your market share is sure to follow. But what about maintaining this control over information that is used in the everyday operations of the company?
One of the fastest ways to close a competitive advantage gap is to hire away an expert. But what if the expert brings documents that are clearly the intellectual property of his former employer?
That’s the quandary Hyundai Motors finds itself in after hiring former Toyota quality control officer Bruce Shibuya. According to whistle-blowers inside Hyundai, Shibuya brought with him an impressive collection of Toyota quality-control documentation. And for three years, he used these documents to brief his Hyundai quality-control team.
Over at Boeing, they have been reeling since the revelations in 2003 that it used stolen trade secrets to beat rival Lockheed Martin to a US rocket contract, and that it recruited a senior government official when she was in charge of allocating multi-billion-dollar contracts for the US Air Force. For those indiscretions they face Department of Justice fines up to $500 million.
These two cases illustrate the importance of building a culture that takes information security and corporate ethics seriously. For one thing, internal documents flow more readily these days. E-mail and information storage technologies such as flash drives make it easier for proprietary information to walk out the front door. And what about the ethical implications? Clearly, there were enough people in high levels who knew they were gaining an unfair advantage, but said and did nothing for years.
The financial cost, the ruined careers, the damaged corporate image are all consequences too great to risk. Without buy-in and commitment from the top to the bottom of the organization, and continual review and reinforcement, security and ethics policies are just words on paper. When no one drives security, the organization may very well be on a road to nowhere.
David Drab
Principal, Information Content Security Services
Xerox Global Services