Cybersecurity Scary Story: Source Code Theft

Despite the maturing of Cybersecurity, inevitably there are organizations, large and small, that still aren’t getting the message. Protecting critical information seems basic, but if the entire revenue stream of your company depended upon the security of one or more critical products, wouldn’t you deploy the strictest measures possible to protect the underlying data, processes, source code, formulas, etc. upon which those products and thus revenue stream is based?

Here’s an Actual Very Scary Story

 A cybersecurity specialist on our team was engaged by a company with annual revenues of approximately $2 billion. The product was entertainment software that cost many $millions to develop, test, market, and deploy. Yet, by not paying attention to how this critical information was stored and handled, within a just a few weeks of release the source code was obtained, and bogus copies of this company’s product(s) were being offered at steep discounts on the black market.

What Caused this Catastrophic Breach?

Had this company engaged us before the horse got out of the barn, a comprehensive cybersecurity gap assessment would have told the whole story: there was a lack of secure software development (SecDevOps) practices and the absence of a secure software repository with strict access control.

Secure software development is just one of dozens of current cybersecurity framework best practices against which we can test your organization’s defenses.

If your organization doesn’t have the internal bandwidth to perform a thorough analysis, consider employing the services of an experienced Cybersecurity Compliance Consultant who can obtain the desired results with minimal impact to your staff and operations.


Fill out the form below to get in touch with us for additional information.

Published on September 7th, 2021


by Steve Wantola

Steve Wantola has had a long-standing professional relationship with i3 and has the highest respect for the company’s management, its operational integrity, and dedication to its clients. Mr. Wantola holds a Certified Information Security Manager (CISM) certification from the ISACA, is a Registered Practitioner (RP) for the Cybersecurity Maturity Model Accreditation Board (CMMC-AB) and has served on the Cybersecurity Advisory Board of Rutgers University.