Recently, Tesla has been at the center of yet another insider incident, this time involving custom software. While Tesla has contended publicly with insider threats in the past, this particular incident could potentially be the most damaging one to date. The details should cause anyone involved in cybersecurity for organizations to take a minute to reflect on your own capabilities and strategies. If your organization needs a comprehensive assessment of your insider risk management program by a team of experts, contact ITMG right away. What happened at Tesla could happen to any organization – including your own.
Intellectual Property Theft
According to a report by Yahoo Finance, Tesla is suing former engineer Alex Khatilov for stealing the company’s proprietary “Warp Drive” software, which is used by the company to automate purchasing as well as other systems. The engineer had allegedly begun stealing files from the company within three days of starting to work for them by copying thousands of script files to his personal Dropbox account. Moreover, Tesla is accusing Khatilov of lying to investigators to cover up his theft and warned that not all of his actions have been uncovered as of this point. Tesla has been known to be very protective of its technology and has sued other companies in the past for hiring former Tesla engineers who brought their trade secrets with them.
What Does This Mean for Your Organization?
Clearly, this incident should ring some alarm bells for insider risk management personnel all over the world. While a new employee stealing intellectual property within three days of their employment is a particularly brazen incident, it can still happen and should be planned for as part of your organization’s comprehensive insider threat strategy. Screening potential new hires is essential to protecting your organization, especially those who are expected to have access to your sensitive data from day 1. Having clear and coherent policies in place for employees is also extremely important. While it’s highly likely that Tesla had clear policies prohibiting the usage of personal cloud storage to store company data, and those policies didn’t stop this one engineer, it’s still important to have those rules in place.
Finally, the incident highlights the critical role that monitoring software can play in protecting your organization. It’s true that Tesla will suffer some organizational damage as a result of this employee’s actions, but they would have suffered even further had the activity not been caught sooner. While the exact details of how Tesla caught this individual are vague, it’s highly likely a user or data activity monitoring software played a pivotal role.
Contact ITMG to Assess Your Current Capabilities and Develop Strategies and Protocols Designed to Help Your Company Mitigate Your Insider Risk
ITMG is an industry leader in helping organizations throughout the United States strengthen their insider risk management programs and secure sensitive data and intellectual property. Our team of bona fide experts has the real-world experience necessary to plan out and create holistic security solutions tailored to the special needs and risks in your industry. Contact ITMG today to learn more about how we can help! You can also visit our Facebook, Twitter, and LinkedIn pages for more updates and insights into the world of insider risk management.