About UsContact UsOther ResourcesLibraryCareersDynCorp International
Course Catalog Search: <-Simple  
  Is Somebody Dulling Your Competitive Edge?

Successful companies recognize that information fuels the competitive process, and by protecting their own information, they can keep a sharp competitive edge

More and more companies, across many industries, are employing the Competitive Intelligence (CI) process in order to remain in the hunt for market share. These companies recognize that information fuels the competitive process. By protecting their own information under changing conditions and rules, they can keep their competitive edge sharp. And, by their participation in this process, corporate security professionals increase their value to the organization in substantially greater ways than ever before.

Some firms rely on CI consultants to collect information that eventually goes directly to the bottom line. Others, after demonstrating proof of principle with consultants, are developing in-house CI staff. In both cases, companies find that they can employ legal and ethical means to collect, analyze and report intelligence about competitors in a much more comprehensive way than ever before.

And, because the CI process is legal and ethical - and highly effective - it requires a considerably different approach to protecting the information that leads to competitively valuable insights: new product launches, changes in pricing strategy, mergers and acquisitions, new manufacturing processes, to name just a few.

Indeed, in company after company where we've helped build internal CI operations, the same question is invariably asked by senior management: "If we can get this kind of quality information about our competition, how effective is our security department in protecting our competitive edge?"


The consistent answer is that traditional security approaches, focussed on criminal and/or unethical issues, are rarely effective in providing countermeasures to competitive intelligence collection activities. And that's not surprising, given the fact that they're working against wholly different threat actors and methods.

To better understand this distinction, consider that national governments around the world separate their criminal investigations and counterintelligence agencies. Counterspies are rarely on the trail of bank robbers or narcotics dealers; conversely, beat patrolmen don't try to prevent the loss of national secrets to an intelligence agent. Simply, the approaches are so different that the methods of dealing with them have to be significantly different too.

Taking a page from the international intelligence operations book, smart companies are developing Competitive Intelligence Countermeasures (CICM) functions which provide an active - rather than reactive - alternative for dealing with the changing business environment. Before describing CICM functions, it may be helpful to look at the Competitive Intelligence process itself.

The nature of Competitive Intelligence.


Making effective use of available information demands a rigorous, focused and disciplined collection and analysis program. Moreover, the information can not have been obtained wrongfully. Beyond the normal, ethical and `good business sense' issues, competitors are typically using methods that have been approved in advance by the corporate counsel. These factors help to distinguish the increased use of the CI process from industrial espionage - CI's illegal cousin with whom it's often confused.

CI develops information sources across the board - some that can be controlled and some that can not. These include oral and written inquiries of people inside a company, people and organizations outside the firm who know a great deal about a company, and the explosion of publicly available information. A central principle of CI is that information of great value - to you as well as to your competitors - is in the hands of people who reveal it for a variety of reasons. And the reasons are not always malicious. Instead, most often they reveal it because they don't understand the value that each piece has when taken together with others in an analytical process.



The competitive intelligence cycle, depicted in Figure 1, is driven from start the top of a company or division - wherever strategy is developed and senior-most decisions are made. Once those strategies are developed, and information needed to support strategy and further decision- making is identified, the collection requirements are defined. Once defined, the requirements - as tasks - are assigned to the individuals or groups who can be expected to have the greatest access to the targeted information.

Following collection, the raw information is processed or transmitted to those who are in the best position to analyze it, evaluate it and develop it into an actual intelligence product. This "actionable" intelligence is then disseminated to those who need it. In turn, they can make decisions about the actual competitive environment without the subjectivity or bias that often result from trying to operate in an information vacuum. The process begins anew, with additional requirements inevitably flowing back into the cycle from the decision-maker who now knows what other, specific informational needs have to be satisfied.

Clearly, this is not the type of process that is practiced by the typical criminal actor - the one against whom traditional security efforts are directed.

Traditional security programs emphasize the protection of a company's assets - physical, personnel and intellectual - against theft, break-in, clandestine electronic surveillance, and the like. They do little to identify and protect the information that is the stock in trade of the CI professional. Neither is the typical security program closely associated with the profit side of the business; instead it's altogether too often viewed as an obstructive cost center.

On the other hand, when properly organized and operating, a corporate CICM program contributes directly to the business side of the company's operation. It can not only help maintain the competitive edge, it is often engaged directly in honing it as well.



Corporate Approaches to Protecting Proprietary Information

Most companies today realize the value of information and the potential for competitive loss when that information is compromised. From an overall security perspective, companies tend to fall into one of the following three categories:

  1. Some companies rely on traditional physical and personnel security programs. Absent any real assessment of the value of the information, however, such procedures are generally seen in their best light as a necessary cost of doing business; less favorably, they're seen as impediments to everyday business activity; and in their worst light, as infringements on the basic rights of the employee.

  2. More proactive companies have instituted programs that seek to assess - and protect - the actual value of corporate security programs to the bottom line. In some of these cases, there even evolves a somewhat systematic process. The most refined of these establish a cyclical process similar to the intelligence collection process at Figure 1. In these cases, management becomes more involved in defining what is needful of protection as shown in Figure 2.

  3. The third group of companies, comprised of what Total Quality Management practitioners would call "best-in-class," have developed CI and CICM linkages that set them apart from others. And, as shown in Figure 3, senior management plays a significant role - both as an actor as well as a beneficiary. Concurrently, the value of the professional security practitioner increases because of the closer interaction with senior management and heads of profit centers - not a small thing when security management is often deeply affected by downsizing and business process re-engineering. And, having a rigorous, definable and systematic approach to security operations allows process- oriented management to more clearly appreciate and value the contributions of the security function.


A Corporate Competitive Intelligence Countermeasures Program

In the integrated model, the intelligence collection cycle is complemented by, supported by, and often feeds the countermeasures cycle at the analytical and dissemination stages as described in the discussion of the five elements of the CICM process.

Defining Protection Requirements

At this stage of the cycle, two inputs drive the CICM effort: direct tasking from the decision-maker and the need to independently validate some of the efforts of the CI collection effort.

The decision-maker or strategist provides the framework to help determine what is critical to success - what needs to be protected. For security practitioners, such a top down emphasis is often a welcome relief from the `voice crying in the wilderness' role that many have had to play. Questions that need to be asked and answered at this stage include:

  • How long do we need to keep the project under wraps?
  • What is the most critical element of the new product?
  • Which parts of the company are going to be involved and to what extent?
  • What is already known (or should be expected to be known) about the project/product?

The CICM approach also assists the CI collection effort. It includes a variety of devices to ensure that the information that is being collected, analyzed and reported is not misinformation designed to lead the collector down the wrong path. A multimillion dollar product development and launch in the building controls industry is a case in point.

Johnson Controls learned that rival Honeywell was trying to learn all it could about a new building control system while it was in the beta testing stage. Called LOBA by Johnson, Honeywell heard about it as LOBO. As a countermeasure, Johnson Controls introduced a rather routine upgrade to an existing system under the name of LOBO to conform to Honeywell's expectations and they did it with great fanfare.

Honeywell examined "LOBO" and found it to be nothing special - which indeed it wasn't. They abandoned their crash project to counter what they had thought Johnson was bringing to market. Johnson Controls was able to keep their original development and launch schedule, introduced LOBA (renamed Metasys) almost a year later. Honeywell was caught napping. Johnson Controls synergy between the CI and CICM functions permitted them to enjoy more than a year to consolidate their dominance of a newly created market.

On the other hand, had Honeywell's process included one of a variety of counterintelligence analytical methods to help evaluate the information about LOBO, the huge market share that went to Johnson Controls could have been significantly diminished. In fact, Johnson's use of misdirection is only one of several CICM options that occur at the Countermeasures Development stage of the cycle.

Competitive Assessment

The focus in this part of the CICM cycle is on the competition's intelligence collection capability, and to its underlying, governing philosophy.

For example, some companies rely solely on a part-time librarian to periodically scan the literature related to their industry. Often, these companies pay little real attention to individual competitors, focussing instead on broad trends and developments. Such a company will rarely be able to use that research to anticipate and counter your marketplace moves simply because the information is of more historical than current value.

Conversely, learning that your competitor's sales forces' compensation program has just been redefined to encourage collection and reporting of competitive information can be an important indicator. It may show that the competitor is becoming more of a consumer of the intelligence product. The competitor's collection methods will become more and more sophisticated - translating of course into a greater challenge for the CICM program.

Last year's change in leadership at Kodak offers an excellent case in point about the extent to which operating philosophy of the competition figures into the CICM cycle. Kodak, led by the courtly and gentlemanly Kay Whitmore was in sharp contrast to the style of George Fisher at Motorola. Indeed, Motorola had long been considered one of the premier competitive intelligence consumer firms in the world - ever since former Chairman Bob Galvin's stint as the Director of the President's Foreign Intelligence Advisory Board in the Reagan Administration.

With this history in mind, what should Kodak's competitors be doing to protect marketshare now that Fisher has left Motorola and replaced Whitmore at Kodak? On the financial side, the numbers are fairly revealing and openly available: since Fisher's arrival, Kodak's reported 1994 net income of $557 million ($1.62 per share) reversed 1993's losses of $1.52 billion ($4.62 per share). Obviously, not all of this turnaround can be attributed to the employment of intelligence principles - but study after study has shown the intelligence factor to be a significant discriminator between successful and unsuccessful companies across a variety of industries. And, aside from the numbers from the financial pages, there is a significant effort involved in evaluating your competition's CI capability.

Some of the questions that the CICM effort concerns itself with at this stage include:

  • What kind of an intelligence collection component do they have?
  • How is it organized?
  • What kind of success has it enjoyed in the past?
  • Where does it fit in the greater scheme of things (i.e., how much influence does it have within the competitor's structure?)
  • What kind of an intelligence analysis unit does it have and where is it located (i.e., at corporate, at business unit, et cetera)
  • What are their collection objectives and priorities?

Vulnerability Estimate

At this stage of the cycle, the CICM effort has been shaped by an understanding of what's valuable and needful of protection and by an appreciation of the intentions and capabilities of the competition to collect against the firm. Gaining the cooperation of the firm's competitive intelligence collection activity, the CICM effort now turns to creating a picture of the company from the outside.

By taking the competitor's view of the company, sometimes called a Red Team approach, the CICM effort can gain a clear understanding of what the company's vulnerabilities are to competitor collection efforts.

Questions asked by the CICM effort at this stage include:

  • When and where does our critical information exist?
  • How is this information vulnerable to exploitation?
  • When does our competition need to have our critical information in order to respond to our initiatives effectively?
  • How are we vulnerable at our communications nodes?
  • What alternative communications do we have at our disposal?
  • Who are our vendors, suppliers, customers, distributors, consultants and other indirect employees or associates?
  • What is it that they already know about our operations, plans, strategies, capabilities and weaknesses?
  • How do they handle information of importance to us?

The basic principle operating here is simple. If the in-house CICM efforts can gain access to certain pieces of information - from the outside - and form accurate assessments of the critical element(s) needful of protection, then so can the competition. Armed with these insights about the company's or project's vulnerabilities, the CICM effort can be turned to the next phase in the cycle.

Countermeasures Development

Building on the preceding steps, countermeasures can be developed that are appropriate to the level of vulnerability measured against the competitors' ability to collect items of critical information. Once these steps have been completed, cost-efficiencies can be built into the development of countermeasures.

Unfortunately, countermeasures planning begins to follow the classical patterns of risk avoidance or risk containment. This "one-size-fits-all" kind of an approach tends to emphasize bigger fences and more access controls. More cost-effective risk management strategies prioritize the vulnerabilities based on an assessment of their value to the firm and potential for compromise measured against their costs.

In developing risk management validated countermeasures, the CICM effort begins simply with such questions as:

  • What standard security practices - already in place - can satisfy the need to protect your critical information?
  • What critical information cannot be protected by such standard security practices?
  • What will be appropriate additional measures, and what will each cost?

Business issues arise at this point with questions such as:

  • What is the potential value of our anticipated market share?
  • How likely is that they will correctly interpret available data about:
    • dates, times and places of critical tests and evaluations?
    • dates, times and places of critical production elements?
    • dates, times and places critical to product introduction?
    • your marketing plans, strategies, pricing, segmentation?
    • your test marketing results?
    • your production capabilities?
    • your technical competencies?
    • your planning and overall effectiveness?
    • your leadership's professional histories?

Implementation of Countermeasures

Countermeasures run the gamut from the management of perceptions (in the Johnson Controls case cited above) to developing information about how your own competitive intelligence element operates. In this area, it is helpful for the CICM effort to be knowledgeable about what your own CI element is attempting to collect against your competition, their products, activities, reactions to your firm's initiatives, et cetera.

Some of the more aggressive firms undertake countermeasures that are not definitely not intended for the faint-of-heart. For example, if you have decided to use certain diversionary techniques, a committee should help devise the ground rules. One firm, tired of patent infringements by two competitors, walked the line with their corporate counsel when they started filing patent applications for processes they knew did not work. The competitors, who had been successfully leapfrogging the company for years were confronted with huge costs for wasted efforts that were doomed from the start.

In another, one of our aerospace industry clients had a CI unit that was so successful in helping win large government proposals that they became the target of a competitor's CICM effort. In essence, it involved a reasonably sophisticated and determined project to discredit and destabilize them within their own company. The reasoning was obvious and simple, although the solution set for the client was rather complex.

Other countermeasures are somewhat less demanding and complex. They can run the gamut from enhanced awareness training about the nature, type, extent and successes of CI efforts in today's marketplace to special techniques to deal with the elicitation strategies employed by CI professionals. Some of our CICM practice's clients have found it helpful to change the rules under which their firms continue relationships with outside organizations. This is especially true of those who have to submit information to government agencies.

Indeed, CI professionals typically begin significant projects by making requests under the Freedom of Information Act to government agencies that are the repositories of important information. If part of your present information security process does not include some form of monitoring FOIA requests to government agencies about your company, you are not getting the minimum "sight picture" on who is trying to collect information about your firm.

Countermeasures Analysis

There is considerable strategic value to an analysis of that the competition's reactions are to your countermeasures program. Not only does it help to protect your critical information but it also assesses the value of the CICM process itself. When an analysis of a firm's countermeasures is combined with the competitive analysis, the combination adds considerable value to both products. Additionally, it provides senior leadership with the complete picture of the marketplace in the same way that a military commander is presented with a complete intelligence picture of the battlefield. The clear result is an improved management ability to reach decisions based on the best and most comprehensive information available.

Competitive Insights to Competitive Advantage

It's clear that more and more companies appreciate the value of competitive intelligence. They see how it helps to sharpen a company's competitive edge. Critical to maintaining your company's competitive edge is knowing what the competition knows about you and how they got it.

Once you are really able to protect yourself, your firm's strategists and decision-makers can gain competitive insights. Insights that translate into competitive actions. Actions that translate into competitive advantage.

And, when you still have a competitive advantage to protect, the circle is complete.

 




 

 

 

 

 

 
©2009 DynCorp International, all rights reserved.
Home Home