Blog Entries

The New England Patriots won three Super Bowl titles in four years, building an NFL “Super Power” in what many believe to be an era of unmatched competitive poise.

However, did this team—long considered a model of success and effectiveness—cheat to do it? Did the Patriots use means described by many as “spying” to gain that competitive edge? That is the pressing question as details emerge about the Patriots breaking NFL rules by secretly videotaping the defensive signals of the rival New York Jets this past Sunday.

In the NFL, information is relayed to players on the football field from coaches on the sideline in much the same way a baseball runner receives signs from the third base coach. As in baseball, most football teams use accepted methods (such as the naked eye from across the field) to attempt to “break” the signal code and decipher the opponent’s signs, thus gaining a competitive edge. Obviously, by knowing what play the opponent intends to use, a team can better prepare to counter it.

What allegedly happened with the Patriots—and presumably occurs with other NFL teams—is no different from what goes on every day in the business world. Companies of all sizes use various means, from legal and ethical competitive intelligence analysis to covert espionage and stealing of proprietary secrets, to proactively understand their competitors’ next moves. By identifying a competitor’s next move—whether it is new sales & marketing tactics, pricing strategies, product roadmap, or M&A plans—companies can blunt the competitor’s efforts, potentially reducing the loss of their own customers along with the associated revenue and market share.

In the business world, companies use various means of acquiring this information. I basically categorize competitive analysis into one of three categories:

1) Legal and ethical: This is the use of 100% legal and ethical means of gathering and analyzing competitive information. Examples include research involving both primary sources (first person collection of information from one-on-one interviews, surveys, and focus groups) and secondary sources (utilizing existing public information).

2) Legal but unethical: There definitely is a grey line in the world of competitive research. The legal system has not caught up with (or has ignored) current competitive research trends that utilize less than honest means. Remember, just because it is legal does not necessarily mean it is ethical. While billions of dollars are spent on IT and network security to prevent hackers from stealing digital information, experts in the art of “social engineering” are going right through a company’s front door and gathering confidential and proprietary information from unsuspecting employees. Social engineering involves the manipulation of people (rather than technology) to successfully breach an enterprise’s security. Social engineering remains the single greatest security risk, despite our advances in technology, and many of the most damaging security penetrations are the result of social engineering—not electronic “hacking” or “cracking.”

3) Illegal and unethical: Examples in this category include utilizing electronic eavesdropping devices, posing as someone you are not to gain non-public information (including some types of social engineering, such as “pretexting” and “phishing”), and hiring individuals to steal confidential information.

Also in the second category above (legal but unethical) is the issue of “human error.” Employees often do dumb things, like leaving behind confidential documents at a Kinko’s. In various media circles, former Patriots staffers allege that they were paid (or that they were instructed to pay others) to search meeting rooms of the visiting football teams’ hotels for strategic game-time documents. For example, it is fairly typical for a football team to script its first 10 to 15 offensive plays, and then distribute that list to players the night before a game. Often, extra copies of these and other documents get left behind in meeting rooms that anyone can pick up. This is equivalent of a competitor in the business world searching through the hotel meeting room just used by the board of the target company.

In Pittsburgh, wide receiver Hines Ward told a news reporter this week that he suspected New England had deciphered the Steelers’ offensive plans during the January 2002 AFC championship game.

“They knew a lot of our calls,” Ward said. “There’s no question some of their players were calling out some of our stuff.”

Whether your employer is a NFL football team or a top producing enterprise, you can limit the loss of strategy and confidential information by educating employees on information loss. Making employees aware that they can’t leave confidential information lying around—whether it is in a hotel conference room or online in an industry chat forum—is 90% of the battle.

By focusing on what is immediately controllable to reduce information loss, organizations can than move to the more complex task of limiting information that is lost through illegal and potentially criminal means.Until next time,

-Tim