Protecting Automotive Intellectual Property from Insider Threats

  • Join the LiveStream
  • When: June 25, 2020 | 6 p.m. Central Europian Summer Time(UTC+02)

    Where: LiveStream

    Who: Cristina Lekati Social Engineering Security Specialist at Cyber Risk GmbH

    Protecting Automotive Intellectual Property from Insider Threats

    In the automotive industry, intellectual property (IP) is the differentiator and asset that is often most critical to business success and continuity. Whether we look at R&D, product development, CAD/CAE designs, software development and more, IP is always the core DNA that represents most of the value. It is also very vulnerable to theft. Most of the times, intellectual property is stolen by insiders, who have authorized access to that information or have contributed to their creation. They typically steal it while at work, during normal business hours and while pretending to be conducting “business as usual”. Because of that, detection becomes challenging. It is very difficult to detect illicit access from legitimate access. In addition, there is generally no indication of suspicious activity until the IP is in the process of being stolen or has already been stolen. This allows only an exceedingly small window of opportunity for detection and response. Due to current political, technological and other global developments that are causing sales to plummet, while forcing companies in the automotive industry to make tremendous investments into new technologies and products to keep up with the competition, it cannot be overlooked that the ever-present threat of targeting insiders for economic or industrial espionage is higher than ever. Insiders in key positions are either being recruited or targeted for theft during business travel, or other occasions when they are the most vulnerable. This presentation aims to shed light on the challenging topic of insider theft of intellectual property in the automotive industry. It will discuss the motives that lead employees to theft and/or the facilitation of third-party access to organizational assets intentionally or unintentionally. Despite the challenges, there are measures that businesses in the automotive industry can take to protect their intellectual property. Research has repeatedly found a clear link between insider activity taking place and exploitable weaknesses in security and management processes. Therefore, this talk will go on discussing the organizational factors enabling insider threat operations as well as countermeasures against them, by combining the lessons learned on insider activity prevention from the fields of counterintelligence, psychology, and cyber-security.

    About the Presenter:

    Christina Lekati is a psychologist and a social engineer that has dedicated her work life improving the security standards surrounding the human element. With her background and degree in psychology, she learned the mechanisms of behavior, motivation, decision making, as well as manipulation and deceit. She became particularly interested in human dynamics and passionate about social engineering and insider threat activity. Contrary to typical career paths, her history and involvement in the cyber-security field started quite early in her life. Being raised by a cyber security expert, she found herself magnetized by the security field at a very young age. Growing up, she was able to get involved in different projects that were often beyond her age, that gave her an edge in her own knowledge and experience. Christina has participated among other things in penetration tests, in training to companies and organizations, and in needs and vulnerability assessments. She is working with Cyber Risk GmbH as a consultant and trainer on the human element of security. Christina is the main developer of the social engineering and insider threat training programs provided by Cyber Risk GmbH. Those programs are intertwining the lessons learned from real life cases and previous experiences with the fields of cybersecurity, psychology and counterintelligence. They often cover unique aspects while their main goal is to inspire delegates with a sense of responsibility and a better relationship with security. Being committed to sharing knowledge and expertise, Christina is also an international speaker. She has been invited to participate in a variety of cyber security events around Europe, the USA and Asia, raising awareness and educating people on social engineering techniques, insider threats, and the psychological elements involved in human hacking.

    Visit Speaker Profile