EXECUTIVE SUMMARY:

Intellectual property (IP) resides at the heart of every business’s operations. By offering a form of absolute protection and complete rights to the social value of an idea, product or service, governing bodies offer creators greater incentive to continue innovating. According to the World Intellectual Property Organization, intellectual property rights are central to economic growth.

However, in many nations, intellectual property (trade secrets) are prized among hackers for this very reason. Stolen intellectual property can yield unfairly achieved economic growth. A 2015 research paper produced by the Federal Reserve Bank of Minneapolis indicates that more than 50% of all technologies owned by certain firms originate elsewhere. 

The Commission on the Theft of American Intellectual Property asserts that US organizations loose between $225 and $600 billion annually due to IP theft. This type of infringement can damage your potential to sustainably generate revenue. In contrast with other losses, IP theft-related losses cannot be replaced through insurance. Nonetheless, insurance covering IP-related lawsuits is available.

How to protect intellectual property

1. The first line of defense consists of assessing what constitutes your organization’s intellectual property. Knowledge of what needs to be protected can help you develop effective frameworks for security.
2. If your organization owns and uses unique source code, formulations or relies on other valuable “secret sauce” type information, check to ensure that the IP retains a patent, registered trademark, or copyright, depending on the nature of the resources. Also, ensure that your organization renews certain kinds of protections periodically. Registered trademarks, for example, can expire.
3. Depending on the nature of a given employee’s work, consider requiring employees to sign non-disclosure or IP agreements. NDAs are common among start-ups, but established organizations may not have them in-place. If employees regularly use IP to carry out job duties, remind them of how to safeguard IP and the potential consequences of intellectual property loss.
4. From a strictly cyber security standpoint, organizations can identify and prevent shadow IT in order to reduce risk. Microsoft reports that 80% of workers use non-sanctioned apps, which may compromise security. In addition, the 2020 migration to cloud computing may have led fast-moving IT professionals to add unauthorized software or cloud services to your systems. While the intention behind shadow IT is often good, shadow IT can lead to security risks.
5. With data encryption, the data is largely rendered unreadable to those who may steal it. Only 21% of organizations require encryption for externally shared data. Internally, just over a third of organizations mandate encryption. Media encryption: People often store sales presentations, product plan pitches and financial forecasts on USBs or other removable storage devices. When organizations use strong media encryption tools, administrators can observe device activity and log file movements. Further, email alerts can provide administrators with information about specific types of events.
6. Internal security policies must be of a high caliber. Could an employee walk out the doors unnoticed with duffle bags of documents? At least one major industry player experienced this debacle.
7. Third-party data sharing can complicate the picture. Your organization is liable to work with third-party vendors for a variety of purposes. Physical security, cyber security and legal safeguards must exist among these entities in order to fully protect your data and resources.
8. Think like an espionage agent. If you were interested in stealing your organization’s intellectual property, which security gaps would you attempt to exploit? Are there printers, phones, documents, online data management platforms, employee identification cards or other tools that might be unprotected or under-protected? Then, focus on securing those resources or processes.

In conclusion

While theft of IP information is a crime, those engaged in intellectual property theft often evade detection. On occasions when businesses, together with law enforcement, manage to catch and prosecute IP thieves, the harm may have already been inflicted. There’s no turning back time.

In the US, nearly 40% of GDP derives from intellectual property intensive industries. As many as 21% of American CFOs believe that their firm was a victim of intellectual property theft. For more information about how to protect intellectual property, and preventing intellectual property leaks, see this expert-authored article. To sign up for the Cyber Talk newsletter, click here.