5How to Catch a Corporate Spy

Troy Batterberry is the founder & CEO of EchoMark, an AI-powered watermarking solution designed to combat internal information theft.

The cutthroat world of financial technology has a corporate espionage problem.

In recent months, Silicon Valley’s fintech industry has been rattled by a series of lawsuits (subscription required) detailing corporate spying between various competitors, including allegations of theft of innovations, financial information and more. Perhaps the most well-known imbroglio concerns HR software companies Deel and Rippling, which saw the latter ensnare an alleged spy in its Dublin office back in March. With many fintech companies fighting to stay competitive in a saturated market, the incentive to steal has never been more pronounced.

Spying in Silicon Valley isn’t new, but what has changed is the ease with which a motivated employee can quickly pilfer sensitive data. A single Slack message, screenshot or file download can leak millions of dollars' worth of intellectual property, customer lists or product roadmaps.

According to the 2025 Ponemon Cost of Insider Risks Report, the cost of insider risk only continues to rise, with the annual average expenditures rising from $16.2 million in 2023 to $17.4 million this year. As pressure mounts, those numbers are only expected to grow.

So, how can companies defend themselves against internal threats? Here are four strategies every modern company should adopt to defend against insider threats.

1. Watch for behavioral anomalies.

Catching a corporate spy starts with establishing what “normal” looks like in your organization so you can quickly detect what isn’t. Security teams have long relied on static rules: file downloads over a certain size, access to systems outside business hours and logins from unusual locations. But these rules often miss the subtle behavior that precedes a real breach.

Modern insider threat detection must focus on contextual behavior. If a marketing associate suddenly accesses engineering documentation they’ve never touched before, that’s a signal worth investigating. Indeed, Rippling purportedly flushed out its alleged spy by surveilling how many times a target employee peeked in on certain Slack channels.

Today’s behavioral analytics tools use artificial intelligence to baseline employee activity and detect anomalies without constant human supervision. More advanced tools can correlate seemingly benign actions (like, say, accessing a file) into risk profiles that help security teams prioritize real threats over false alarms. These tools can be privacy-aware, targeting risky behavior rather than personal data.

2. Watermark everything.

In an age where screenshots can leak company secrets in seconds, prevention isn’t enough. You need traceability.

That’s where forensic watermarking comes in. By embedding invisible, individualized identifiers into emails, documents, and communications, a company or individual can create a unique chain of custody for sensitive information, even if it’s screenshotted or photographed. These watermarks don’t interfere with content and can’t be removed or detected by the recipient; if a leak does occur, a company can trace it back to the exact individual who mishandled the data in the first place, whether accidentally or maliciously.

But perhaps the greatest value of ubiquitous watermarking is psychological. When employees know sensitive data is traceable to them personally, they behave more carefully. That accountability serves as a real, palpable deterrent to unauthorized disclosures.

3. Eliminate shared files.

Here’s a hard truth that too many corporations have yet to realize: If you’re still circulating files through email attachments or shared drives, you’ve already lost control. The traditional file-based model of sharing is inherently insecure. Once a file leaves your secure environment, you have no visibility, no access control and no way to revoke or audit its use. That’s a dangerous game in a competitive, IP-driven world.

Modern organizations are shifting toward a zero-copy collaboration model, where content never leaves that secure environment in the first place. Instead of sending a spreadsheet, you provide someone with view-only access to a live dashboard. Instead of emailing a file like a PDF, you share a link to an experience to access the document. Hosted tools like Notion, Google Workspace, Figma and Airtable are designed to share controlled experiences and eliminate risky file sharing.

Where files are still necessary (in, say, legal or sales workflows, for example), pair them with embedded watermarks and expiring links. Every document your company produces, internal and external, should be marked, monitored and, if possible, retractable.

4. Build a security-first culture.

Catching a corporate spy is not just a technical problem but a cultural one as well. If your employees don’t feel accountable for maintaining confidentiality, they’ll find ways to circumvent controls. The situation rapidly deteriorates as information leaks go unchecked. More employees are likely to leak, and the organization can enter the “leak doom loop,” a vicious cycle of unauthorized disclosures. Conversely, if they feel trusted, informed and accountable, they’ll become allies in your security posture.

The goal is to build a culture where accountability is expected and even embraced. That starts with transparency. Frequently remind employees why confidentiality matters and why security measures like watermarking or behavioral monitoring are used. Show how they protect everyone’s work and the integrity of the company. Offer regular training, not just on phishing emails and password hygiene, but on the real-world consequences of data leaks. Make clear that data responsibility is part of the job, whether you’re in engineering, HR, marketing or the C-suite.

In my experience, the strongest companies treat security not as a burden but as a shared value. They trust their people—and, more importantly, they show it by giving them the tools to act responsibly.

Conclusion

The specter of corporate espionage looms large over the business world beyond fintech, and insider threats, in particular, have, in recent years, evolved from theoretical risk to statistical certainty. But by investing in behavioral monitoring, embedding traceability into data, eliminating uncontrolled file-sharing and cultivating a culture of shared responsibility, companies can protect themselves without undermining the very trust that makes teams effective.

The right response to the rise of insider threats isn’t paranoia but preparation, being able to say with confidence: "If something goes wrong, we’ll know exactly what happened, and we’ll know what to do next." And in today’s hypercompetitive market, that knowledge isn’t just power—it’s survival.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?