Profile picture
Horkos @WylieNewmark
, 8 tweets, 3 min read Read on Twitter
This is a great question about corporate #counterintelligence and I’ve already seen smart responses from @jckichen @taosecurity and @QW5kcmV3. But I wanted to add my .02: No, you most likely wouldn’t. (1/n)
Others I’ve mentioned have made this point but it bears repeating: virtually all corporate entities lack the capability (human + technical) and authority to execute the kind of counterespionage action that would be necessary in this case. (2/n)
Note that I say “counterespionage” - the proactive, primarily defensive aspect of CI that is commonly referred to as “mole hunting” or “spy catching” - because I can’t think of a single corporation able to come at answering that question from the other, offensive side. (3/n)
If a MNC was able to figure out a malicious insider was spying on IR efforts for a FISS, it would likely be through some kind of counterespionage - or more likely insider threat detection - activity. And it wouldn’t necessarily be clear a FISS was involved right away. (4/n)
More likely, the malicious insider would be detected engaging with IR-related files. But that detection might (A) not be properly noticed and (B) might not in and of itself indicate a foreign intel angle. An LE+CI case by the gov is more likely to do that. (5/n)
More than likely, an asset for a foreign intel entity spying on an IR team would not necessarily be readily recognizable to corporate security for a variety of possible reasons. Not saying it couldn’t happen, but that’s a high burden of proof to meet. (6/n)
The offensive side of this would be, as @taosecurity put it, counterintelligence operations. This primarily translates into a human or technical penetration of a foreign intelligence entity that illuminates their activities. Don’t see corporations pulling that off. (7/n)
The private sector operating on its own behalf lacks the capabilities, resources, and authorities to do offensive CI - which is incredibly difficult and complex. So like I believe @QW5kcmV3 said, being targeted by a FISS is a risk many orgs must live with as best they can. (8/~)
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Horkos
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!