A Quick Start Defensive CI Checklist

May 31, 2016

What is competitively sensitive data (CSD)? CSD includes data from which a third party can reconstruct your trade secrets as well as data which, if accessed by competitors, would diminish your competitive advantage and/or improve theirs. That varies from firm to firm and could be customer lists, product formulations, pricing tactics, total sales and profits, or employee incentive systems.

Very few firms worry about restricting the way their competitors may be able to access CSD. Even fewer firms have formal defensive CI programs. However, there are a few simple first steps that all firms and individuals involved with CI can take to protect against their competitors’ actual or potential CI activities.

Here is a short check list to get started:

  • Identify which of your data is truly competitively sensitive.
  • Assess your current CSD inventory. In particular, check your business web sites as well as the firm’s social media sites, such as postings on YouTube and Face Book for CSD already in plain sight. Take it down at once. Check employee sites for similar leaks and alert them to take action.
  • Know where your firm produces and stores CSD, who has access to it (including third party contractors), and why they have that access.
  • Minimize your CSD footprint. Restrict access to CSD by your personnel and third parties. Base that access not on trust or previous reliability, but only on a real, current need to know.
  • Train all employees, particularly those that are customer-facing, such as sales and support, on what CSD is and how to spot efforts to get access to it.
  • Work with third parties who have access to your CSD to sensitize them to the need to protect it. Make sure your agreements with them cover this point.
  • Work with corporate security to reinforce protections against the accidental release of CSD as they do with trade secrets.
  • Make sure employees and third parties know who to notify if they suspect the possible leak or loss of CSD.
  • Don’t over react. CSD usually loses its value over time, so don’t try and protect everything from everyone forever.

Skills of CI analysts and collectors

May 25, 2016

When talking about the different skills of CI analysts and data collectors, I often use the example of two fictional detectives: Rex Stout’s Nero Wolfe and Archie Goodwin. For those who are not familiar with these two, let me give a brief summary:

Nero Wolfe was a large (1/7th of a ton) man who rarely left his New York residence. He usually sent a detective, Archie Goodwin, to collect evidence for him to analyze at his home, where he always solved the mystery.

So I point to Nero as the ultimate analyst and Archie as the ultimate collector. (BTW, my brief description does not do justice to a series of over 3 dozen wonderful detective novels.)

However, when assigning tasks, hiring staff, or evaluating your own skills, you need a little more guidance. Let me provide a working list of some key skills for analysts and for data collectors[1]. For you DIYers, use this to see where you are strong, and, more importantly, where you are not:


For CI Collectors For CI Analysts
Quickly identify and master relevant primary and secondary sources, their reliability, and validity Analyze creatively – be able to put yourself in someone else’s place
Know how to access and manage both internal (i.e., networks) and external resources Use both inductive and deductive reasoning
Recognize anomalies in data and work around them Have overview of basic analytical models and ability to apply them
Continuously develop and refine research skills Know when to use advanced analytical tools such as psychological profiling, patent mapping, etc.
Understand when and how to apply elicitation interviewing techniques Recognize and deal with inevitable existence of intelligence gaps and blind spots, both personal and of data sources
Know when to stop collecting data Know when to stop analyzing data
Adhere to ethics and policies associated with data gathering Develop and deliver actionable analyses and recommendations

[1] This list is heavily adapted from a working list I developed in conjunction with Dr. Ben Gilad several years ago.

Ready, fire, aim

May 18, 2016

A recent syndicated article by Washington Post’s Sarah Halzack[1] dealt with the rise of fast-casual dining and its impact on the overall restaurant industry. Her conclusion is that, based on new industry research, fast-food and fast-casual restaurants “are essentially siloed”. In other words, with a few exceptions, their customers tend to stay with similar types of restaurants and do not cross-over.

But is that what the restaurants see? She says that they see instead headlines like “How Chipotle is killing McDonald’s”. With respect to that, she notes that Chipotle “might be better off not trying to emulate Taco Bell’s new breakfast menu, but instead trying to win over Panera customers.”

For those of us in competitive intelligence, we see here a classic case of skipping one of the first steps in a competitive intelligence assignment – determine who are your competitors – really!

In these cases, it seems that it took a third-party researcher to do the unthinkable – find out what a firm’s actual and potential customers see as its competitors, rather than what management or trade publications or strategy consultants or financial analysts know/guess is the situation.

You are warned.

[1] “What we get wrong when we talk about the fast-food wars”, Washington Post, May 11, 2016.

Defend Trade Secrets Act

May 11, 2016

The President of the United States is expected to sign a bill called the “Defend Trade Secrets Act” (DTSA) which has been passed by both the House of Representatives and the Senate.

This bill is a supplement to the Economic Espionage Act of 1996 which, broadly stated, protects trade secrets from theft by federalizing that theft. This new bill amends federal law to create a private civil cause of action for trade secret misappropriation.

What does that mean? Well, more precisely, DTSA permits the owner of a trade secret to file a civil action in a U.S. district court seeking relief for trade secret misappropriation related to a product or service. It provides traditional remedies, such as an injunction and damages.

What is of most interest is that a trade secret owner may apply for, and a federal court may grant, a seizure order to prevent dissemination of the trade secret if the court makes specific findings, including that an immediate and irreparable injury will occur if seizure is not ordered. As one source notes, “The DTSA allows a federal court to seize property and prohibit the dissemination of the trade secret ‘ex parte’ (without advance notice to the former employee) in ‘extraordinary circumstances’.”[1] That court must take custody of the seized materials and hold a seizure hearing within seven days.

From the other side, any party harmed by the order may move to dissolve or modify the order and may also seek relief against the applicant of the seizure order for wrongful or excessive seizure.

In other words, DTSA allows a firm to stop the further dissemination of a trade secret as soon as it is discovered. What is also important is that while this allows a business to sue in federal court, it does not require it to do so. It can still sue in a state court under state law.

[1] What You Need to Know About the Federal Defend Trade Secrets Act of 2016 by Travis Crabtree, Michael Kelsheimer, David Lisch (Gray Reed & McGraw, P.C.), 5/6/16.


May 5, 2016

In the past, I have mentioned in passing that multitasking is not necessarily a valuable skill[1], but rather that it is an inefficient way to work. A recent piece in the Washington Post, “Multitasking is actually kind of a problem — for kids and adults”, has put additional focus on this.

How can we deal with this – given that our workplaces and our personal performance seems to demand that we multitask (excuse me, I just got an unimportant text on my smartphone I have to read). Now, where was I?

Oh yes, how should you deal with multitasking?

First, recognize that it is not a sign of efficiency, but rather it is becoming recognized as being very, very inefficient. When multitasking, you are not concentrating on any one of the tasks, but merely “handling” all of them.

Second, when you need to learn something, whether it is in a training session or in self-study, protect yourself, if possible isolate yourself, from multitasking. Why? Because research increasingly indicates that your ability to retain what you are supposed to be “studying” or “learning” while multitasking is diminished – possibly substantially.

Third, consider politeness. If you are talking with someone, not only is it inefficient to try and deal with an email or text, it is impolite. Rudeness is not a step on the path to learning to work with others. Maybe that is why multitasking is associated with other asocial attitudes.

Fourth, by using multitasking to handle a variety of items, you are not learning how to prioritize. If everything is important, then nothing is important. And your work product will eventually show that.

Fifth, learn to do things differently. Does every email you are copied on demand a reply or acknowledgement? If so, why? Is that a sign that everyone needs to be on board, or just a sign of another’s inefficiency brought out by multitasking? You know (oops excuse me, a just got a new “friend” on Facebook). Ok, now…yes. If you want to contact some people, it is too easy just to contact all of them, particularly if they are already on the email you are replying to or forwarding.

Sixth, separate business from personal. Use your business email only for business. Do not use it to set up a birthday party for a fellow employee, or to forward a joke, or to get a confirmation for an Amazon order. Set up and use a personal email for all non-business activities. Then check that only on your time, not on company time.

Seventh, do not get drawn into multitasking because others are doing it. It is bad enough that you dress yourself the way others do. Do not buy into this bad habit just because others cannot deal with their problems with it. Think of shutting off the smartphone during meetings. And, from a CI point of view, you should not be using your smartphone for any business communication while in public places where others can hear what you say or see what you see. Protect your firm’s information.

Eighth, structure and pace things out. Now, ideally, you should set some (reasonable) goals every day when you start work. If possible, try to aim at completing specific things by specific times. And do not allow yourself to be distracted while doing that. If you know you are aiming to finish a presentation by 10 AM, you are a lot less likely to allow a routine email to interrupt it. Also, take a break, at least a mental one, between tasks. Start by appreciating that you completed one task. Then do something to clear your mind. Maybe this is the time to check the inbox (not during a meeting with the new product development team). Or maybe you can play one hand of solitaire or Mahjong. Or just stand up and take a few steps.

In short, treat multitasking the way you would treat having to type on a smartphone while on a trampoline – it is the most inefficient way to work, and something to be avoided at all costs.

Sorry, that’s all I can do now – LinkedIn just sent me a note about how many people viewed my profile, so I must go and check who they are.

[1] https://diy-ci.com/2015/07/14/this-is-your-brain-on-ci-part-2-of-3/ ; https://diy-ci.com/2015/09/10/millennials-and-competitive-intelligence-part-1-of-2/ ; https://diy-ci.com/2015/09/15/millennials-and-competitive-intelligence-part-2-of-2/.