Shadows in the Boardroom

Michael Sparks

Michael Sparks

22 min read
Shadows in the Boardroom

The New Assignment

It was my first night at Arcadia Tech, and the city outside was drowning in a cold, misty rain. I stood by the floor-to-ceiling window of the 20th-story corner office they’d given me, looking down at neon reflections on slick pavement. I’m a corporate counterintelligence specialist – the kind companies call when they start finding ghosts in their machines or leaks in their ship. This time the call came from the CEO of Arcadia Tech, a high-value tech firm with secrets to protect. They brought me in to set up a counterintelligence program from scratch. I lit an unfiltered cigarette, a vice from my old life in the service, and let the smoke curl toward the dimmed sensor lights. Officially, the building was non-smoking, but at this late hour only the cleaning crew would know, and they didn’t care. I exhaled and watched the wisps fade into the dark. Another day, another battlefield, only now the trenches were cubicles and server rooms.

When I met the CEO earlier that day, he looked like a man haunted by whispers. “We’re leaking IP. I don’t know how, but we are,” he said, sliding a thin dossier across the table. The contents read like a ransom note of lost ideas and suspicious coincidences. He needed it stopped. Quietly. That’s where I come in, I thought. Counterintelligence (CI) in a corporate context is about as glamorous as a stakeout in a rainstorm, and just as necessary. I gave him a firm nod and a promise: I’d build a CI program to plug the leaks and catch the rats. Now, in the quiet of my new office, I could still hear his parting words: “Whatever you need, you have it. Just keep our secrets safe.” Gritting my teeth, I stubbed out the cigarette. Time to get to work.

Locking Down Secrets

The first order of business was to figure out exactly what crown jewels we were guarding. Arcadia Tech’s lifeblood was its proprietary information (cutting-edge AI algorithms, prototype quantum encryption chips, product roadmaps, and client data). The kind of stuff foreign spies and competitors would pay a king’s ransom to obtain. I spent the next few days identifying every piece of sensitive information the company held. It felt like I was a detective casing a bank vault, cataloging every gem inside. Every project got a code name, every file a classification. I created a list of “critical assets,” from design documents to source code repositories. In a way, it was like marking the spots on a treasure map that pirates would lust after.

Just as important, I mapped out who had access to each treasure. A secret is only as safe as the people who keep it. I combed through org charts and access control lists, noting every engineer, scientist, and executive who held the keys to sensitive data. Cataloging personnel with access became an exercise in trust and suspicion, a need-to-know roll call. In my line of work, everyone is a suspect until proven otherwise. I kept my observations close to the vest, noting any odd patterns: an engineer who had access to far more repositories than his role required, a researcher who frequently stayed late in the lab with no one around. Most of it was probably innocent, but I’d learned long ago that coincidence and espionage often dance hand in hand in the shadows.

I wasn’t just playing librarian of secrets; I was also laying tripwires. I worked with IT to ensure access logs were enabled and retained. Every door swipe, database query, and file download in Arcadia Tech now left a trail. If someone tried to dig where they shouldn’t, I wanted to know. It was tedious, turning a freewheeling startup into a fortress, and I got plenty of side-eye from some old-timers in the company. But I wasn’t here to make friends. I was here to catch the friend who’d sell you out.

New Rules of Engagement

With the valuables identified and the vault inventoried, I shifted to writing the internal CI policies. The new rules of engagement for everyone in the company. I tapped out the first draft in a late-night haze of coffee and stale doughnuts, the glow of my laptop the only light in the office. As I wrote, I imagined how these policies would read to the average employee: probably like a paranoid manifesto. That was fine by me. Paranoia is just another tool in a counterintelligence toolbox.

In the morning, I rolled out the policies with the backing of the CEO. The memo went company-wide. It wasn’t long, just a few key mandates, but it hit like a hammer. The policies covered all the essentials of data protection and insider threat prevention:

  • Protect the Data: All sensitive files must be encrypted and labeled. Personal devices were now forbidden for work use. Transferring company data to USB drives or personal cloud storage? Not without approval. I wanted every bit and byte locked down behind two layers of security.
  • Foreign Travel Reporting: Planning a trip abroad, even for vacation? You now had to report foreign travel to my team well before departure. Especially if the destination was high-risk. We’d arrange a briefing to prep you on local threats. No more sneaking off to Shanghai or Tel Aviv with a laptop full of trade secrets without us knowing.
  • Foreign Contacts Disclosure: Got a new friend or romantic interest from overseas? Doing business with foreign partners outside normal channels? Report foreign contacts. In our world, a simple LinkedIn request from a foreign “consultant” could be the first nibble of a fishing line cast by an enemy agent. We made it policy that such contacts be disclosed and vetted.
  • Report Suspicious Behavior: We set up an anonymous reporting system and told employees to report any suspicious behavior in the ranks. Unusual working hours, questions about projects outside one’s purview, unexplained affluence, or side-channel communications – if you see something, say something. No judgment for false alarms; I’d rather chase ten dead ends than miss the one real threat.

Not everyone was thrilled. At a Q&A session I held to explain the new rules, a software developer in a Nirvana T-shirt raised his hand. “So you want us to tattle on our coworkers now, Detective?” he smirked. I fixed him with a level stare. “I prefer you call it protecting your livelihood. Because if our secrets walk out that door, you might not have a job to complain about. And neither will the person sitting next to you.” The room went quiet except for a nervous cough or two. Gritty, but effective, I thought. I didn’t need them to like the policies; I needed them to follow them.

Behind the scenes, I also implemented a new case management system to keep our intel organized. We adopted a platform called 351X, a purpose-built CI and insider threat case management tool. In the frankly dull interface of 351X, I saw my future weeks: forms, incident reports, risk ratings, and case files all neatly indexed. It wasn’t glamorous, but it was effective. Every report of a suspicious incident, every travel notification, every tip from an employee would get logged in 351X, cross-referenced and analyzed. This system was my digital partner, SOC 2 compliant and secure, ready to link the dots if things ever went south. I sent the link to employees to feed it initial data, baseline profiles of employees, and uploaded policies, training, and known threat indicators. The database purred as it absorbed the information, a sleeping watchdog waiting for a reason to bark.

By the time I was done laying the groundwork, Arcadia Tech had a fledgling counterintelligence program. Policies, training, monitoring, and a trusty case file system. The whole nine yards. I knew from experience that the real test would come when theory met practice. Little did I know, that test was looming just around the corner.

A Trip to Hong Kong

A few months passed, mercifully quiet. Morale had stabilized; folks got used to the new normal of keycard checkpoints and odd looks from the new CI guy lurking in the halls. Then one crisp morning, I got a ping in the 351X system. A foreign travel report submission. Three of Arcadia’s top software engineers had an upcoming trip. Destination: Hong Kong. They were scheduled to attend an international tech expo and meet with a potential client. Hong Kong. I leaned back in my chair and sighed at the ceiling. The city of neon and shadows, sitting at the crossroads of global finance, and in the crosshairs of multiple intelligence services. If our company’s secrets had an appetite for risk, this trip was a buffet.

 

According to our new protocol, any travel to a high-threat locale triggers a tailored threat briefing. I assembled the three travelers that afternoon in a small conference room. The room was dark except for the pale glow of a projector casting slides on the wall: pictures of gleaming Hong Kong skyscrapers beside boldface warnings about espionage. I stood at the front, tie a little loose around my neck, the sleeves of my shirt rolled up. Time to play the noir prophet of doom.

“Hong Kong might look like just another business hub,” I began, my voice low and steady, “but make no mistake, it’s a spy’s paradise. Keep your wits about you at all times.” I clicked the slide: a photo of a crowded street market came up. “The person bumping into you on the MTR train? He might be after the prototype on your laptop. The friendly consultant offering to buy you a drink at the hotel bar? She could be gathering intel.” The engineers exchanged glances. One gave a nervous chuckle, but I didn’t smile.

I laid out the rules of the road for their trip: take only sanitized devices (loaner laptops with no sensitive data, just what’s needed for the presentations). Use strong encryption on anything critical. No off-the-record meetings without clearing it. “If someone you don’t know invites you out alone or gives you a ‘gift’ like a USB drive or phone, be on guard,” I warned. “And absolutely no using hotel or cafe Wi-Fi for company business without a secure VPN. Assume someone’s always listening or watching, because in Hong Kong, they often are.”

One of the engineers, Alan, raised his hand with a cocky smile. “With all due respect, isn’t this overkill? We’re just going to show off some product demos. I doubt the Triads or Chinese spies care about our little app.” His tone was joking, but there was an edge to it, maybe nerves, maybe skepticism. I gave him a long look. Alan was newish, hired a year ago, glowing resume. I’d done a light background check on all three travelers as soon as the trip was announced; nothing flagrant came up. I filed away his comment and replied, “You’d be surprised who’s interested in what. It’s my job to worry about these things so you don’t have to. Humor me and follow protocol, and you can focus on the demos, not wondering if someone’s cloned your hard drive.” Alan shrugged and nodded. I couldn’t shake the faint feeling that he wasn’t taking it seriously.

I handed Alan, David (another engineer), and the third traveler, Maria, a slim packet, a one-page quick reference of do’s and don’ts, emergency numbers for the consulate, and the number of our company security hotline (which forwarded straight to my cell). “Call day or night if anything odd happens,” I said, looking each in the eye. “Lost phone, unexpected meeting, gut feeling of being followed, don’t brush it off. That’s what I’m here for.” They left my office armed with knowledge, if not entirely convinced they’d need it. As I watched them walk out, joking amongst themselves, I felt like a parent sending kids off to school in a bad neighborhood. I could only hope they remembered the lessons when it counted.

The Shadow of Suspicion

The week of the Hong Kong trip came and went. While they were abroad, I busied myself with routine work, reviewing automated security alerts, fine-tuning the DLP filters, catching up on a backlog of employee foreign contact reports (mostly benign). Each night I went home with a dull ache in my gut, a reflexive worry for my travelers. I’d given them the tools to stay safe, but would they use them? There’s a saying in my world: “You can lead a horse to water, but you can’t make him recognize the poison in it.” I hoped none of them drank anything they shouldn’t, metaphorically and literally.

When the trio returned to the office the following Monday, I called each of them in separately for a post-travel debrief, as per protocol. Normally these debriefs are uneventful. Jet-lagged employees humor the CI guy for ten minutes with a rundown of their trip and oddball questions like “Did you notice anyone paying unusual attention to you or your work?”

I debriefed Maria first. She seemed tired but nothing out of the ordinary. Nothing to report except a “weird vibe” at the expo where a couple of local businessmen had pressed her with technical questions beyond what was public. I noted it, thanked her, reminded her to change her passwords (standard post-travel advice), and sent her on her way. Next came Alan. Alan himself was chipper, maybe a little too much so, slapping his knee and joking about how many dumplings he’d eaten. Nothing to report. Nothing suspicious at all. I sensed something was off, made a mental note, then told him the same thing I had to Maria. Then came David. The moment he sat down, I could tell he was anxious. His eyes flickered to the door. “Close it if you want,” I offered gently. He nodded and shut the door behind him, then took a seat, fiddling with a pen.

“What’s on your mind?” I asked, keeping my tone calm. David took a breath. “Look, maybe it’s nothing, but I think I should tell you about something I saw in Hong Kong.” He glanced again at the frosted glass window of my office as if to ensure no silhouettes lurked outside. I leaned forward, heart rate picking up slightly. Here we go. “I’m listening,” I said.

David spoke in a hushed voice. He described how one evening during the trip, after a long day at the expo, the team went out for drinks near the hotel. Maria had turned in early, leaving David and Alan at the bar. A few drinks in, Alan excused himself, saying he was going to meet an old friend from a previous job who happened to be in town. David found it odd, Alan hadn’t mentioned any old friends in Hong Kong before, so he kept an eye out. “I saw him in the lobby later that night, around midnight,” David said. “He was with this man I’d never seen before. Asian guy, sharp suit. They were talking by the elevators. I was about to call out, but something stopped me.”

David went on to describe how he hung back in the shadows of the dim hotel lobby, watching. Alan handed the man something, “looked like a USB drive,” David whispered. The exchange was quick. They spoke a few more minutes, then parted ways, the stranger disappearing into a taxi outside. Alan didn’t see David, and David didn’t confront him; he wasn’t sure what he had witnessed. “Maybe it was nothing,” he said, voice full of doubt. “Maybe it really was an old friend and he was giving him, I don’t know, some photos from home on a thumb drive. But, Alan was just acting weird the rest of the trip. He was on his phone a lot, guarding the screen. And one time I caught him quickly closing his laptop when I walked by in the hotel. I didn’t see what it was, but, it just didn’t sit right with me. I remembered your training, about reporting anything that doesn’t feel right.” He managed a thin, apologetic smile. “So here I am, reporting it.”

By the time David finished, I realized I was gripping my coffee mug so hard my knuckles were white. I forced myself to relax and gave him a reassuring nod. “You did the right thing,” I said quietly. I asked a few more questions: Did he recognize the man? (No.) Could he be sure it was a USB drive? (Pretty sure, small, rectangular, metallic.) Did Alan mention anything unusual afterwards? (No, Alan was mostly normal except those secretive moments.) I thanked David for coming forward and asked him to keep this conversation strictly between us. He agreed readily. Before he left, he hesitated and added, “Alan’s a friend, I hope I’m wrong about him.” I met his eyes. “I hope so too,” I said. But hope is not a strategy, I thought as David walked out. I locked the door after him, my mind already moving to next steps.

Alone in my office, I allowed myself a brief moment of disappointment. I had a bad feeling about Alan from the briefing, but I brushed it aside. If Alan was betraying us, I’d personally hand him over to the feds. But I needed proof. Suspicion is one thing; evidence is another. I opened 351X on my computer and started a new case file: CI-51: Hong Kong Trip Incident. In the case notes, I logged David’s report in detail, timestamped and with David’s signature on the formal suspicious activity report form he’d filled out. The case management system gave it a priority tag, potential insider threat.

Now the real investigation began. I locked the door, loosened my tie, and got comfortable. It was going to be a long night. Outside, the rain had started again, tapping on the glass like a thousand tiny typewriters. Fitting. I had some writing of my own to do, writing the story of what Alan had been up to.

Following the Digital Trail

In the world of corporate espionage, people lie, but logs don’t. I started by pulling access logs for Alan’s accounts. The company’s servers dutifully record who accesses what and when. With a few commands, I had a list of Alan’s activities around the trip dates. Something immediately jumped out: the night before the team departed for Hong Kong, around 11:00 PM, Alan’s account accessed a repository of files unrelated to his project. Specifically, design documents for our confidential Project Sapphire (one of those crown jewels on my treasure map). The access was out of the ordinary; Alan’s role didn’t require him to view those files, and certainly not outside business hours. Unauthorized access to sensitive data. There it was, in plain text on my screen. My gut tightened. That was the first breadcrumb.

Next, I tapped into our Security Information and Event Management (SIEM) dashboard, which aggregates system logs and alerts from all over the network. If Alan had plugged in a foreign USB or downloaded large chunks of data, the SIEM might have a record. Sure enough, an alert was logged the same night of that repository access: Alan’s workstation had an unusual data transfer flag. The volume wasn’t massive, a few dozen megabytes, but the SIEM noted it as a spike compared to his normal usage at that hour. The target was listed as an external USB device. So he had copied something to a USB drive just hours before flying out. My jaw clenched as I remembered David’s words: “looked like a USB drive.” It wasn’t paranoia; it was likely a handoff of stolen data.

I felt a flash of anger, cold and sharp. I’ve seen betrayal before, but it never gets easier. I quelled the emotion and kept digging. I needed more. After the team returned, Alan would have been cautious, but insiders always leave trails. I turned to our Data Loss Prevention (DLP) system, a tool we’d installed to monitor and prevent unauthorized sharing of sensitive information, especially via email or web. I pulled DLP logs for Alan’s account for the past week. Bingo. The day after they returned from Hong Kong, the DLP system quietly flagged an incident: an outgoing email from Alan’s corporate email to a personal Gmail address. The email had two attachments. The DLP’s content scanner identified the attachments as containing strings of code and keywords matching our sensitive projects. The system hadn’t blocked the email (policy at the time was just to alert, not prevent, to avoid tipping off insiders prematurely), but it recorded it. Timestamp: 3:47 AM, the night after Alan got home. Who sends project files to their personal Gmail at 3:47 AM? Someone trying not to get caught, that’s who.

I opened the incident details. The recipient’s address was a generic-looking string of letters and numbers, probably a throwaway account. We later traced it and found it had been accessed from an IP in Hong Kong, likely an anonymous drop box for whoever Alan was working with. My blood simmered, but I kept my detective cool. I saved copies of the email and attachments as evidence and added the DLP report to the case file in 351X.

To round out the investigation, I checked a few other sources. Endpoint protection logs showed that Alan’s laptop had an unauthorized encryption program running the night of that email, likely to zip and password-protect the files he sent. Network logs indicated he also accessed his personal cloud storage briefly two days after the trip. It was like assembling a puzzle: each piece by itself might be innocent enough, but together they formed a damning picture. Alan had accessed data he shouldn’t have, copied it to a USB (probably the one he handed off in Hong Kong), and then, as if that weren’t enough, he tried emailing more data to an external account after returning. Classic insider exfiltration, with both physical and electronic drop methods.

By the time I was done, the wall clock showed 2:00 AM. The city lights below had thinned out; only a few sleepless windows glowed against the darkness. My desk was strewn with printouts, log excerpts, DLP screenshots, access records, each page a testimony of betrayal written in the language of ones and zeroes. I rubbed my eyes, poured a finger of bourbon from the bottle I kept locked in my bottom drawer (for nights exactly like this), and let the liquor burn away the fatigue in my throat. The hard part was over. The evidence was there. The next part, confronting Alan, was something I’d do in a few hours, after a quick nap on the office couch and a shower.

Before I caught some shut-eye, I made two phone calls. The first was to Arcadia’s legal counsel to brief them on the situation. They’d need to be in the loop for what came next, and to prepare for possible law enforcement involvement. The second was to my contact at the local FBI field office. In corporate CI work, if you suspect economic espionage (especially if it involves foreign agents), you loop in the feds. My contact answered on the second ring despite the late hour. “We may have a live one,” I said quietly. “Internal spy, data exfil, possible foreign nexus (Hong Kong). I’ll send you a summary in a few hours. Might need support on this.” The agent assured me they’d be ready to assist. I hung up, feeling the weight of what tomorrow would bring. In this line of work, today’s colleague can be tomorrow’s traitor, a sad truth I was about to deliver to Arcadia Tech come morning.

The Mole Exposed

Morning came quickly. By 9:00 AM, I was sitting in a small, windowless conference room down the hall. Neutral territory, away from prying eyes. The air was tense with that stale office-coffee smell. Beside me was the HR director, looking grave, and a security guard in a suit who stood by the door, arms folded. We were the welcoming committee for one guest of honor. I had deliberately scheduled Alan’s “follow-up debrief” for last, making sure David and Maria were far from the vicinity. Alan walked in, oblivious to the ambush, and gave us a puzzled smile. “Morning. You wanted to see me, again?” he asked, glancing at the HR director. Perhaps he thought this was some administrative formality. Poor bastard didn’t realize the trap he’d walked into.

I nodded to the guard, who closed the door and positioned himself calmly behind Alan. I motioned for Alan to take a seat across from me at the small table. “Have a seat, Alan. We need to clarify a few things about the trip.” My tone was as neutral as I could keep it. Inside, I felt a steely focus, the kind a detective has when he’s about to get a confession or a fight. Alan sat, still looking only mildly concerned. “Sure. What’s this about?” he said, trying for a casual chuckle that fell flat.

I placed a printed copy of the access log on the table. “Can you explain why you accessed the Project Sapphire files on the night before you left for Hong Kong?” I asked. Alan’s eyes flicked to the paper; I saw a flash of recognition, and panic, before he quickly masked it. “I, uh, I wasn’t aware that I did,” he stammered. “If I did, it might’ve been an accident. I sometimes open things without realizing, you know, multiple windows.” His voice trailed off. I said nothing, letting the silence and my unblinking stare do the work. He cleared his throat. “Is this a disciplinary meeting? Should I have a rep here or something?”

The HR director spoke up softly, “Alan, this is a serious matter. Please just answer the questions truthfully.” Her voice was icy. She had seen the evidence too.

I slid forward another sheet, the SIEM alert showing the USB event. “Did you copy any files to a USB drive that night?” I asked. Alan looked at it, then up at me. The facade was cracking; a bead of sweat formed on his temple. “I often back up my work to a USB,” he tried. “Standard practice, in case the laptop dies while traveling.”

“We issue company-encrypted USBs for travel if needed,” I countered. “You didn’t request one. And Project Sapphire isn’t your work, is it?” My questions were razor-sharp, each one peeling back a layer of his story. Alan’s lips pressed into a thin line. He was realizing this wasn’t a friendly chat.

I decided to go for the jugular. I pulled out the final piece, the DLP report of his 3:47 AM email to his Gmail. I watched him read it. His face went pale. For a long moment, he just stared at the paper, caught. The only sound was the hum of the air vent. When he finally spoke, his voice had lost its smoothness. “I, I can explain that,” he whispered.

“By all means, explain,” I said, leaning back. I folded my arms, acutely aware of the guard behind him, ready for any sudden moves. Alan didn’t look like he’d bolt; he looked deflated, like a balloon with a pinprick.

He licked his lips, trying to gather some narrative that could save him. “I was just, trying to work from home. I sent some files to my personal email so I could review them later, off VPN. The network was slow that night.” Even he didn’t sound convinced by that.

I tilted my head, calling his bluff. “Cut the crap, Alan.” The sudden harshness in my voice made him flinch. “We’ve got everything. Logs of you taking data you weren’t supposed to, evidence of you handing a USB to an unvetted contact in Hong Kong, and an email you sent with confidential files to an outside address. Did you think our systems wouldn’t catch any of it?”

Alan’s eyes darted to the door, to the guard, then back to me. His composure shattered. “I had no choice,” he blurted, desperation creeping into his voice. “You don’t understand. They approached me months ago. Knew things about me, personal things. They offered a lot of money and, and implied if I didn’t cooperate, it’d get ugly.” He ran a hand through his hair. His forehead was shiny with sweat now.

“Who are they?” I asked quietly, though I had some idea. Arcadia Tech’s tech was valuable; a foreign intelligence service or a hungry competitor could be behind it. Alan hesitated, then shook his head. “I never got a name. Communicated mostly through encrypted emails, then they said someone would meet me on the trip. A middleman, I guess. Some local fixer in Hong Kong. He gave me a flash drive with malware to plug in and copy files, and I gave him the data. After I got back, they wanted more, so I sent it. That’s all I know, I swear.” He was practically pleading now. “I’m not a bad person, they just, they had leverage. And the money, I have debts, you know? Medical bills for my dad.”

I’d heard it all before. The money, the coercion, the justification. Maybe some of it was true. Maybe they did exploit him. In another life, I might even feel a pang of pity. But right now my duty was as clear as the evidence on the table. “Alan, you’ve put this entire company at risk,” I said, my voice flat. “You’ve put your colleagues at risk. This isn’t just a policy violation. This is espionage. Theft of proprietary information. You know the consequences.”

Tears welled in his eyes. “Please, maybe we can keep this internal? I’ll cooperate, I’ll tell you everything, just, please. My life will be over.” For a second, it was human to human. His fear was real. In my mind flashed an image of a cornered suspect I once caught years ago in another job, who said almost the same words. Life over. Well, we all make our choices.

I slid my chair back and stood. “Life as you know it, maybe. But you’re still breathing. That’s more than some spies get.” I nodded to the security guard. “Alan, stand up.” The guard stepped forward and firmly took Alan by the arm. Alan’s face crumpled. He didn’t resist as the guard pulled him to his feet and patted him down, relieving him of his phone and badge. The HR director gathered the evidence papers into a folder, her hands trembling just a bit – despite her professionalism, this was harrowing for her too.

“This is how it’s going to go,” I said evenly to Alan. “You’re going to be escorted off-site. You are terminated effective immediately. Law enforcement will be in touch soon. I suggest that when the FBI comes knocking, you cooperate fully. It might help your case, and it’s your only shot at leniency.” Alan opened his mouth as if to protest, but no words came. There was nothing left to say. The guard produced a pair of plastic restraint cuffs. Alan hung his head, defeated, as the zip-tie tightened around his wrists.

We walked him out a side door, avoiding the open-plan cubicles. A few employees saw us and did double-takes, but no one said a thing. Gossip would fly later, but for now a heavy silence accompanied our little procession. The sky was overcast, a steely gray that matched the mood. At the exit, two FBI agents in dark suits were already waiting (I had arranged the timing). They took custody of a now-weepy Alan and led him to a black sedan. One agent gave me a curt nod of thanks. I stood there under the awning as the rain began to drizzle, watching them drive off. I felt no triumph, only a dull ache. In the war of corporate espionage, there are rarely winners. You just cut your losses and shore up the defenses for next time.

Epilogue

Back in my office that evening, I sat again by the big window, city lights blinking through the rain. The adrenaline had long faded, leaving exhaustion and a bittersweet taste. Another insider threat neutralized, another company secret safe. For now. I opened 351X and finalized the case file: notes from Alan’s interrogation, copies of evidence, recommendations for preventing similar breaches. I noted that our policies and systems had worked: the travel briefing alerted an honest employee, the reporting structure empowered him to come forward, and our monitoring tools caught the perp in the act. It was a small win for the good guys, if you could call it that.

I gazed out at the dark metropolis beyond the glass. In the reflection, I saw a tired man in a wrinkled shirt, tie loosened, a quiet guardian in the high tower of a corporate castle. This wasn’t the glamorous spy game of Hollywood, but it was the frontline of corporate counterintelligence – gritty, meticulous, unforgiving. There would be paperwork, legal proceedings, maybe headlines if the press sniffed it out. But those were battles for another day, to be fought by lawyers and PR. My part in this saga was nearly done.

I allowed myself one last cigarette for the night. As I took a slow drag, I pondered the duality of my job. By day, I’m just another suit in a plush office; by night, I’m a detective prowling through digital alleyways. The criminals I chase don’t wear fedoras or flash guns, but their crimes can be just as dangerous. They hide behind keycards and smiles, betraying trust for money or favors. And me? I live in the same shadows they do, only I fight for the light.

The nicotine hit my lungs and I exhaled a cloud of smoke that drifted across the window, mingling with the night. Just another case, I told myself. But the truth is, every case leaves a mark. In this line of work, the victories are quiet, the scars invisible, and the war never really ends. Outside, the city glimmered with a million secrets. I crushed the cigarette into the ashtray and stood up, straightening my coat. The rain had stopped. It was time to head home and catch some real sleep, because tomorrow, the sun would rise on new challenges, and the shadows of corporate espionage would still be there, waiting for me to step back into the fray.

Read more

Adapting U.S. Counterintelligence to Combat AI-Enabled Adversarial Influence Operations

Adapting U.S. Counterintelligence to Combat AI-Enabled Adversarial Influence Operations

1.    Introduction       a. The rise of AI-generated disinformation poses a complex challenge for U.S. counterintelligence (CI). Adversarial states are increasingly leveraging artificial intelligence (AI) tools (from deepfake video and audio to algorithmically generated social media posts) to conduct covert influence campaigns at scale. The U.S. National Counterintelligence and

By Michael Sparks