The U.S. Department of Justice (DOJ) has again postponed the sentencing of the former DuPont scientist who admitted he stole $400 million in intellectual property from the company.
The former employee, Gary Min, who worked as a research chemist for DuPont for 10 years before accepting a job with competitor Victrex in October 2005, pleaded guilty on Nov. 13, 2006, to stealing trade secrets. His sentencing, already delayed once, is now scheduled for Oct. 18.
Min, also known as Yonggang Min, faces a maximum prison sentence of 10 years, a fine of up to $250,000 and restitution. He admitted downloading 22,000 sensitive documents and viewing 16,706 more in DuPont's electronic library.
That made him the database’s most active user, according to prosecutors. After months of accessing the intellectual property unimpeded, Min informed DuPont that he was leaving the company in 2005. DuPont noticed his unusually high data-access rate within the library after he gave notice and contacted the DOJ .
After Min left DuPont, he transferred 180 DuPont documents to a Victrex-owned laptop after switching jobs.
According to figures from the U.S. Secret Service, 75 percent of intellectual property thefts are perpetrated by employees.
While it's likely that DuPont had policies in place specifying who could access what types of information, policies only go so far, Phil Neray, vice president of marketing at Guardium, told SCMagazine.com, saying, "Policies are important, but you have to have [automated] tools in place to enforce those policies."
Wain Kellum, president and CEO of Trusted Network Technologies, told SCMagazine.com today that this case is a prime example of a company underestimating the value of its information assets.
"Information assets have become the third category of a company's valuable assets," he said. "[DuPont may have forgotten that] information assets are every bit as valuable as its physical and financial assets."
Corporate managers are only now beginning to realize this, he added. In any case, until recently, automated tools to monitor this kind of internal activity weren't available.
Putting automated monitoring systems on a corporate network gives enterprises two key tools in combating insider threats, added Neray.
"They allow identifying the unlawful activity with real-time alerts, and they create a body of forensics-quality evidence the enterprise can use [to prosecute]."
Click here to email West Coast Bureau Chief Jim Carr .
