TL;DR: Budweiser’s parent company Anheuser-Busch claims that an insider stole valuable IP about its recipes and provided it to rival Molson Coors. This case points to the importance of employing user and data activity monitoring to quickly identify and investigate potential Insider Threat incidents.
What do beer and Insider Threats have in common? Much more than you’d think, based on the latest case between Budweiser’s parent company, Anheuser-Busch and Molson Coors, the maker of Miller Lite. According to The Wall Street Journal, the Bud Light brewer is accusing Molson Coors of obtaining secret recipes through an Anheuser-Busch employee. This insider IP theft case points to the importance of quickly identifying and investigating a potential incident in progress.
Here’s what we know about the case, and how organisations can mitigate similar risks, regardless of their industry.
Is an Insider IP Theft Incident Brewing?
According to the court filing, a MillerCoors employee allegedly asked an Anheuser-Busch employee for information about recipes for Anheuser-Busch beers. The Anheuser-Busch employee is accused of printing out screen shots of Bud Light and Michelob Ultra recipes and sending them to the MillerCoors employee. The filing also says MillerCoors had offered this Anheuser-Busch employee a job twice.
The case is the latest in a string of legal disputes between the two companies, which started with Budweiser’s 2019 Super Bowl Ads claiming that Coors Light and Miller Lite contained corn syrup. Although the new insider case is still being actively investigated, these types of corporate espionage claims are something to be taken extremely seriously, regardless of your industry.
Mitigating Data Loss from Insiders
You don’t have to be one of America’s largest brewing companies to experience data loss from insider IP theft. It can happen to any organisation with valuable data, including business or manufacturing secrets, customer data, financial information, health records, and more. Insider Threat motives can range from employee dissatisfaction, to financial stress, to revenge. Knowing these motivations is only one piece of the puzzle, but having a solid understanding of employee job satisfaction and wellness is a critical aspect of Insider Threat prevention.
Beyond prevention alone, organisations who have dedicated Insider Threat management defenses in place are at a distinct advantage over teams who choose to deploy a patchwork of externally focused, legacy security tools. Looking at the Anheuser-Busch case as an example, organisations can avoid data exfiltration through screen shots and printouts by using technology that combines user and data activity monitoring. That way, if an employee suspiciously attempts to move sensitive files, the security team would immediately get an alert about a potential incident in progress.
Investigating Insider Threat Incidents Faster
What’s more, incidents shouldn’t take months to investigate. Instead, Insider Threat management solutions like Proofpoint ITM can speed the time to investigate by 10x, by helping security teams identify valuable context into who did what, when, where, and why. Instead of sifting through endless security logs, analysts can quickly identify the exact moment a suspicious user activity took place, paired with information on the files that were moved off of a machine, and the method of exfiltration (e.g. screen shot, USB, printout, etc.)
Wondering if your cybersecurity defenses are up to snuff for an insider IP theft incident? Check out our white paper, “Which Security Tools Really Address Insider Threats?”