Sloane Logo Inline

Day 3 of The Case Study Series – Insider Risk and Undercover Operations

Our client was the CEO of a software development firm, he suspected a case of insider risk and asked for our assistance. Our initial consultation established that a competitor had released information which our client had strong grounds to believe had been stolen from his company. We recommended a multi-stage operation, aiming to detect the insider, ascertain why and how they were implicated, present evidence of our findings and prevent further theft of intellectual property.

The Deployment 

We positioned an undercover operator within the company to slowly establish who had a motivation or could be coerced into providing the information. Common reasons for someone becoming a threat to an organisation include disenchantment, an offer from another company, financial difficulty or even blackmail.

After investigating employee working patterns, establishing who was planning to leave the organisation, and whose attitude or demeanour had changed over the previous months, one employee stood out. There had been times when he had remained at work unusually late, had been noted as asking questions about projects he was not part of and had become moody, disassociating himself from other employees.

After several weeks, our undercover operator discovered that he was in the process of a divorce and was a frequent gambler, indicating that he could potentially have financial difficulty and therefore a motive to sell information.

Once we had enough evidence for reasonable suspicion, we mounted an operation of false information dissemination. We then monitored his activity and were able to establish that he was accessing documents relating to our campaign. Our monitoring then detected that he had printed the documents, and we had enough evidence to set up a surveillance operation against him.


One afternoon he left work and instead of his normal routine of travelling home via underground, he walked for several minutes before hailing a taxi and travelling some distance to a bar. He was acting suspiciously, frequently turning around to look behind him, and making random stops which we surmised was a crude attempt at anti-surveillance. We followed him and sent two surveillance operators inside. They were able to gain a table close by and watched as he met an unknown female and handed her an A4 sized envelope. She then passed him something under the table which our camera footage later showed to be a smaller envelope.

The female left shortly afterwards. She was followed to an address and was later identified as associated with our client’s competitor. Our evidence was compiled accordingly and presented to our client.

Further Information

To learn more about our investigation, surveillance, counter surveillance, physical penetration testing and security awareness services, contact us:

Sloane Risk Group Ltd


P- 0203 633 0672


A- 71-75 Shelton St, Covent Garden, London, WC2H 9JQ

You might also like to read

This website uses cookies. This data helps us provide the best experience for you, keeps your account secure, helps us provide social media features and allows us to personalise advert and service message content. Please select 'Accept all' to consent to us collecting your data in this way.