CISOs of companies both small and large understand how intellectual property (IP) and company infrastructure may be targeted from one of four vectors: malevolent insiders, unscrupulous competitors, criminals, or nation states. While ransomware attacks emphasize how criminals monetize their ability to socially engineer individuals to click that link or attachment, nation states are quietly working to fleece the IP and gain foothold within targets of interest. \u00a0The U.S. National Counterintelligence and Security Center (NCSC\u2014an entity within the Office of the Director of National Intelligence) recently published a ten-page primer on the targeting of emerging U.S. technologies by these foreign threats. The primer cites artificial intelligence, the bioeconomy, autonomous systems, quantum information science and technology, and semiconductors as key sectors being targeted by foreign adversaries. But by no means are those the only sectors being targeted.The NCSC first points their finger at both China and Russia, who view these sectors as a national security priority. China\u2019s desire to globally dominate these sectors by 2030 is not a secret. Russia is focused on access to the technologies for its military industrial complex.China IP theft focuses on academia and commerceCentral Intelligence Agency (CIA) Director William Burns recently announced the formation of the China Mission Center. Previous centers have been created in the past for counterterrorism and counterproliferation. Burns\u2019s creation of the center focused on China is designed to have components of the CIA coordinate their work on China, who Burns describes as \u201cthe principal U.S. competitor.\u201d The creation of the center also signals to industry how serious the U.S. intelligence community is taking its role to garner information on the capabilities, plans, and intentions of China, whose President Xi Jinping is driving to be the dominate global force.At a recent cyber conference hosted by The Cipher Brief, Anna Puglisi, director of biotechnology programs at Georgetown University\u2019s Center for Security and Emerging Technologies, noted how China\u2019s focus on academia and commerce requires a pivot by the U.S. as \u201cit's a very, very different threat than we had in the past."Russia a threat to all entitiesRussia may not be top-of-mind in the context of the IP theft discussion, yet it continues to be the focus of the U.S. government in what is being described as a \u201cwhole of government\u201d approach to cybersecurity. CISA\u2019s continued issuance of tutorials, playbooks, and advisories on the forms of malware (including ransomware) emerging from Russia should be mandatory reading by infosec teams. Similarly, the multilateral engagement to counter Russia\u2019s unwillingness to clean its own house, signals to all entities how cybercrime is a global issue to address, and companies don\u2019t get to opt out. They must be prepared for that day they fall into the target-sights of the foreign threat.Burns recently visited Moscow and one of the issues raised was cyberattacks. He came with evidence, which he presented to high-ranking Russian security officials, that were intended to spur Russia into collaborative action.China and Russia methodologiesThe two nations may differ in technique and ultimate goals, but they are in full agreement that much of the information they desire sits within foreign public and private entities. The NSCS highlights the methods used by both China and Russia to acquire technology. The four vectors previously mentioned play host to these methods which NCSC categorizes as \u201clegal, quasi-legal, and illegal methods.\u201dChina and Russia\u2019s quiver of arrows being used in their acquisition efforts include:Intelligence servicesScience and technology investments (China)International scientific collaboration (Russia)Academic collaborationJoint ventures\/business partnershipsMergers and acquisitionsForeign investmentNon-traditional collectors (including co-opted insiders)Talent recruitment programsResearch partnershipsFront companiesLegal and regulatory actionsGovernment-to-government agreementsThe annual counterintelligence and worldwide threat brief provided to Congress in April provided the backdrop for FBI Director Christopher Wray to comment how the FBI had over 2,000 investigations with a Chinese nexus open and was opening a new investigation \u201cevery ten hours.\u201d While, Avril Haines, director of national intelligence, commented how the Chinese had substantial cyber capabilities and \u201cif deployed, at a minimum can cause localized, temporary disruptions to critical infrastructure inside the United States."CISOs\u2019 hands are not tied CISOs will be well served to assimilate the basic advice proffered by the NCSC on mitigating the foreign threat risks.Be mindful of \u201cforeign government-sponsored talent requirement plans.\u201dTake basic cyber-hygiene seriously.Reign in social network usage, oversharing, and connecting with unknown persons.Have in place a travel program based on the predicate that privacy does not exist and devices left unattended will be compromised.