COUNTING THE COST OF INDUSTRIAL ESPIONAGE

COUNTING THE COST OF INDUSTRIAL ESPIONAGE

Industrial espionage is an intangible problem that companies and governments are reluctant to admit exists. It's hard to pin down and even harder to tackle.

Yet in the United States it has been estimated that corporate spying costs industry $100 billion a year in lost sales. This bill is even higher, says James Chandler, head of the Institute of Intellectual Property Law, ''if the full marketing ramifications of the intellectual-property theft and unrestricted technology transfer are factored in.''If you think bugging, bribery and break-ins all sound improbable, more a part of the world of James Bond than the humble workplace, think again. But this spying has little to do with fast cars, tuxedos or vodka martinis. It is more about temptation for the disaffected or low-paid.

''It is not always easy to identify the vulnerable people in an organization who would be open to bribery,'' says Ken Lodge, director of SIP Services International, security specialists based in London. ''The easiest way to have a bug installed, or to gain access to a building, is to bribe cleaning contractors or low-paid security staff.''

The companies that call in SIP may have inexplicably lost out on bids or had a rival launch a similar product at the same time.

''A lot of companies get bugged if they are involved in a possible takeover deal or are big players in the money market,'' Lodge says. ''Stockbrokers are also high-risk.''

The detection equipment that SIP uses to sweep offices for bugs is matched in sophistication, it proudly boasts, only by the gear used by NATO and one other European security firm. Lodge says many more bugs are found than companies own up to, but concedes that in the business world as a whole, devices are still ''few and far between.''

In the experience of Tommy Helsby, chairman of Kroll Europe, part of one of the world's biggest security firms, vital company secrets are often revealed by mistake.

''We'll get called in if, for instance, there's been a leak. We find that in most cases the leak has been inadvertent. We counsel clients to be more sensitive about recognizing important information and to restrict access to it.''

Human-resource departments are under increasing pressure to educate employees about being more discreet and security conscious, in some cases emphasizing that the survival of the organization could be at stake.

''Confidentiality policies'' are becoming increasingly common. A paper on industrial espionage by Philip C. Wright, a visiting scholar at the Hong Kong Baptist University in Kowloon, and Geraldine Roy, of the University of New Brunswick in Canada, states: ''To make the point forcefully, an awareness program should detail what records need protection, who is looking to steal the information and how they can be stopped.

''Internal publications might give 'true story' examples of damage caused by computer hacking, viruses or 'coffee talk' in non-safe places such as airports.''

The Japanese conglomerate Matsushita, for example, has implemented a central database where employees can suggest how to protect sensitive information.

Helsby says: ''The real culprit is not paying attention, leaving confidential documents lying around. People are hypersensitive about, say, a contract document but throw an early draft in the rubbish bin.''

That would not be such a foolish thing to do if there were not the chance, albeit quite small, of someone then taking it out of the trash can to profit from its contents. Helsby concedes: ''There is probably somebody in every organization who would sell information at the right price.''

This - along with the profile of a likely office spy, someone with serious personal problems, often connected with money - puts a new spin on the rise of counseling services that many larger companies provide to help employees.

One security specialist was advising companies more than five years ago to create confidential counseling services to help workers with financial, drug and alcohol problems ''to decrease the risk that pressure could be exercised on them to gather corporate information.''

However, more imaginative cases of industrial espionage are rather harder to counter. Lodge cites the example of a well known U.S. manufacturer whose Japanese rival was keen to topple it from its No. 1 position in the American market.

To achieve this, the Japanese firm bought the scrap-metal plant where damaged parts from the U.S. company's machines were taken. It was able to find out the weaknesses of its rival's equipment, use this in its advertising and steal the lead from the competitor.