Category: Threats to small businesses

How to gain information on your competitor using the OODA Loop

Gaining information on a competitor is very easy with the use of technology. Gathering the information is the first step. I believe using Colonel John Boyd’s OODA loop is a great way to do this.

The OODA loop is the decision cycle of observe, orient, decide, and act, developed by military strategist and United States Air Force Colonel John Boyd. Boyd applied the concept to the combat operations process, often at the operational level during military campaigns. It is now also often applied to understand commercial operations and learning processes. The approach favors agility over raw power in dealing with human opponents in any endeavor.

The OODA in OODA Loop is an acronym that stands for:


The following OODA Loop is useful for small business owners:

  1. Observe: First thing you do is to observe what your competitors are doing. You do this by looking at their webpage, social media presence, ads they are running, and good ole spying by walking in their establishment (if a standard business) or watching what they do online (internet business). Then you take this information and analysis it.
  2. Orient: Secondly, you orient by reviewing what you are doing in business, understanding where you are financially and in the market. This phase is used to understand what your strengths, weaknesses, opportunities and threats are.
  3. Decide: Third, you decide how you will respond to your competitor’s advantages or disadvantages. You analyze and synthesize the information and come up with ideas on how you will copy (legally) or counter what your competitors are doing by understanding their tactics, techniques, and procedures.
  4. Act: the last option is to use the information and act on it. If you want to copy what your competitor is doing, go for it. If you want to counter and exploit a weakness your competitor has from what you have learned in the previous steps, go forth and conquer. The key to OODA loop is stay fluid and having a plan to flex when you need to. The resilient small businesses consistently find new innovations to succeed, and that starts with having an entrepreneurial mindset.

How Chip Kelly Revolutionized the NFL with the OODA Loop


Counterfeiting threat to small businesses

Many inventors face challenges by counterfeiters who try to destroy their business by copying a small businesses design and stealing their intellectual property. Small business owners and entrepreneurs must be aware of this modern day threat of bootlegging.

Cat Fight! How These Inventors Beat the Counterfeiters That Nearly Destroyed Their Company.

The Big Business of Fashion Counterfeits

Don’t Buy Fake: Help Us Combat Counterfeits

  • Know exactly what you are purchasing and who you are purchasing from.
  • Protect yourself and your family by buying only from reputable sources.
  • If a price for an item seems too good to be true, there is probably a reason. It very likely is a fake.
  • If a website seems suspicious, there is probably a reason for that, too. The operator may be selling counterfeit goods.

“The dangers of buying counterfeit products aren’t always obvious. There are economic impacts, legal implications, and health and safety risks that are important for you to know before you buy. When traveling, buy from reputable sources.


IPR health and safety infographic

Economic Impacts – Each year, CBP seizes all kinds of counterfeit products from all over the world. Counterfeiters look to make profits by making fake versions of the hottest products as soon they are available on the market. Each time you buy a counterfeit good, a legitimate company loses revenue. This translates to lost profits and U.S. jobs over time. Know who you buy from.


Health and Safety – Counterfeiters don’t care about your well-being. They just want to make a profit. Many counterfeit products are low-quality and can cause injuries. Last year, CBP seized more items that pose health and safety risks than ever before. The top three categories were personal care, pharmaceuticals, and consumer electronics. Protect yourself and your family by avoiding potentially risky items.


IPR products seized infographic


Legal Implications – It is illegal to purchase counterfeit goods.  Bringing them into the United States may result in civil or criminal penalties. Purchasing counterfeit goods supports criminal activities such as money laundering and trafficking in illegal guns and drugs. Remember, if it seems like a steal, it is.

E-Commerce – E-Commerce is a growing segment of the U.S. economy and has been increasing significantly for the past several years.  Consumer habits are changing as the internet allows individuals to make purchases online.  These advances in economic activity have led to increasing volumes of imports of small, just-in-time packages, creating inspection challenges for CBP.  E-Commerce shipments pose the same health, safety, and economic security risks as containerized shipments, but the volume is higher and continues to grow.  Additionally, transnational criminal organizations are shipping illicit goods to the United States via small packages due to a perceived lower interdiction risk and less severe consequences if the package is interdicted.” (Source: “Fake Goods, Real Dangers”)

Imitating property is theft

What’s Intellectual Property and Does China Steal It?: QuickTake

Record Number of IPR Seizures in FY17 for CBP, ICE

Release Date:
March 5, 2018

The agencies broke last year’s record by 8 percent

WASHINGTON — U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE) seized a record number of 34,143 shipments of goods that violated Intellectual Property Rights (IPR) in FY2017. IPR seizures increased 8 percent over FY2016 and for the second year in a row, CBP and ICE seized more than 30,000 shipments of counterfeit and pirated products. The total estimated manufacturers’ suggested retail price (MSRP) would have been $1.2 billion had the products

IPR backpacks seized by CBP
CBP Charleston Intercepts Counterfeit
Bags Ahead of Back to School

been genuine.

“The theft of intellectual property and trade in counterfeit and pirated goods causes harm to an innovation-based economy by threatening the competitiveness of businesses and the livelihoods of workers,” said CBP Acting Commissioner Kevin McAleenan. “Another record-breaking year of IPR seizures highlights the vigilance of CBP and ICE personnel in preventing counterfeit goods from entering our stream of commerce and their dedication to protecting the American people.”

The Insider Threat

Every business has to deal with threats to their business, but an insider threat is something many take for granted. Sometimes the threat is really from inside…

The definition of an Insider Threat is

An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems.

Oblivious Insider. This insider threat takes after its namesake, and it’s a top cause for data breaches in today’s world. These insiders have important access to company files, and they’ve been compromised from the outside without knowing. This most likely came to be when they clicked on a malicious phishing email that granted the criminal access.

Negligent Insider. These employees are most vulnerable to phishing emails. Due to lack of security education, or simply their interest in bypassing workplace protocol to meet efficiency, these individuals are a top threat to data loss.

Malicious Insider. This is where the insider crosses the line, and data loss becomes intentional. They seek to delete important company information, and inflict financial harm in some way. Luckily, there are several behavioral trends that fellow employees and managers can watch out for to ping these insiders.

In an article from May 2016, the Wall Street Journal referenced a Deloitte “Dbriefs” report in which they present some alarming numbers on corporate malicious activity by trusted insiders:
• 92 percent of insider threat cases were preceded by a negative work event, such as a termination, demotion or dispute with a supervisor.
• 97 percent of insider threat cases studied by Stanford University involved an employee whose behavior a supervisor had flagged, but that the organization had failed to follow up on.
• 25 percent of employees have used email to exfiltrate sensitive data from an organization.

How pervasive is the insider threat in your company?
The Dtex 2018 Threat Report serves to bring to the forefront those areas where companies, and that is every company, big or small, can invest their resources to bring down the threat posed by their trusted insiders.”

Clearly, visibility on the need to focus on basic cybersecurity 101 is required. Richard Stiennon, IT-Harvest Chief Research Analyst and Charles Stuart University Lecturer, tells us, “Business needs to get out of the cybersecurity denial phase it is stuck in. To do this, it must accept that it needs more visibility into what’s going on in its environment.”




FBI 5 Best Practices For Combatting The Insider Threat In Your Business

  1. Focus on deterrence, not detection. In other words, create a culture that deters any aberrant behavior so that those who continue to practice that behavior stand out from the “noise” of normal business and the limited investigative resources that you have can be focused on them.
  2. Know your people, know who your weak links are and who would be most likely to be a threat.
  3. Use your HR data to narrow down threats rather than looking for a needle in stack of needles.
  4. Identify information that is most likely to be valuable to someone else and protect it to a greater degree than the rest of your information.
  5. Monitor ingress and egress points for information (USB ports, printers, network boundaries).
    Baseline normal activity and look for anomalies.