WPF Risk Summit

Countering cyber threats

Institutional investors need to be conscious of cyber threats, especially from the Chinese, who are interested in macroeconomic changes that may result in large amounts of money moving around, according to James Mulvenon, vice president of the defense group at the Center for Intelligence Research Analysis.

Mulvenon says the risks to companies of their intellectual capital being stolen is a real threat, and that the disappearance of companies such as Nortel and the recent Cisco Systems court battle were examples of the Chinese stealing data.

“We don’t know the scale of the problem, but we know it is getting worse because of us moving to the cloud and the general use of technology.”

According to Mulvenon the risk mitigation techniques should not be about keeping Chinese hackers out, but about managing them when they are in.

“I no longer spend money on defense networks to keep them out, but on monitoring networks on what is going on within the network.”

Mulvenon, a Mandarin speaker, says the Chinese are motivated to steal data in a bid to deepen their economy.

“For 25 years their economy has been shallow. We send them our components, they assemble them and then send them back. There are few global Chinese brands.”

In 2006 the Chinese government set out a plan to 2020 that had indigenous innovation at its core, and this included getting technology out of Western companies.

The good news is that most sophisticated companies in the US are running their own counter-intelligence operations with fake servers and information.

In addition, Mulvenon says he is not convinced that the Chinese would get “full utility from the information they are stealing in this cyber espionage”.

He advises institutional investors to look at their own organisations and those they invest in, and ask what is being done to protect data.

Mulvenon was a keynote speaker at the Risk Summit, convened by World Pension Forum and Conexus Financial, publisher of