Espionage risk assessment for security of defense based research and technology

Governmental and industrial espionage in security and defense based research and technology (R&T) becomes a more and more economic and security problem for companies and governments where sensitive information is collected without permission of the information holder. We introduce a new methodology that investigates the information leakage risk of security and defense based R&T-projects concerning governmental or industrial espionage. The methodology extends the well-known risk assessment methodology. It consists of two steps. In the first step, the sensitivity of a project is estimated by human experts. A qualitative assignment of projects to different sensibility classes is done using an adapted risk assessment methodology. The second step supports this qualitative estimation by a new quantitative methodology. Text and web mining is used to extract relevant information from strategic documents and to crawl relevant technological information from the internet. Text classification is used to assign the provided information to different aspects that are identified as relevant for the qualitative estimation.