December 08, 2011, 12:20 PM — Early last week I posted a blog warning that any company trying to prevent theft of its intellectual property by employees should keep an eye on 37-ish caucasian males with jobs focused on technology.
The headline was accurate as far as it went; it just didn't go very far because most of the results of the study hadn't been released yet and I was trying to emphasize the point that demographic profiles are a dangerously unreliable tool to help track down data thieves. The study was sponsored by Symantec and is available under the title Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall” (PDF, free registration required).
It does profile middle-aged white males as the primary suspects, however, which is enough of a novelty for those of us who fit the profile to be more funny than threatening, partly because it's obviously wrong.
"I kind of wish we hadn't included that [profile] as part of the report, at least not so prominently," said Ph.D. forensic psychologist Harley V. Stock of Incident Management Group on the phone yesterday after I asked whether my picture and those of half the IT workers in America were included on the cover or in a Wanted: section of the report.
White males are overrepresented in technical jobs – especially in corporate IT – and 37 is a kind of general average of the ages of people working in corporations below the executive level, which is primarily where the study focused.
It's not that the profile itself is wrong, Stock said. It's just that the demographics are the weakest indicator the two researchers identified and the least interesting one at that, Stock said.
The important and most original finding in the research isn't what insider data thieves look like or how old they are, according to Eric Shaw, a Ph.D. clinical psychologist who co-authored the study, and who works as a clinical psychologist and security consultant in the Washington, D.C. area.
"Most people have abandoned static profiles as a useful diagnostic or investigatory tool," Stock said.
Reuters: Jim Young
