Intellectual property cyber theft trends and protective strategies
- Published: Wednesday, 26 October 2016 08:36
The number of intellectual property (IP) cyber theft incidents in the next 12 months is expected to increase, according to 58 percent of respondents to a recent Deloitte poll. When asked which category of potential adversary they believe is most likely to attempt theft of their organizations' IP, the prevailing percentage of respondents (20.1 percent) answered "employees or other insiders." Yet, only 16.7 percent of respondents said access to IP is very limited, on a need-to-know basis only.
"While many of us know — or have experienced firsthand — how a cyberattack can severely disrupt business, loss of an asset as critical as IP can be crippling for most organizations," said Don Fancher, principal, Deloitte Financial Advisory Services LLP, national leader, Deloitte Forensics & Investigations and Deloitte Forensic leader, Deloitte Global. "Managing risks to trade secrets, drawings, plans or proprietary know-how that drive your organization's revenue and competitive advantage often includes quantifying how loss of that IP would impact the business, preparing to identify and pursue adversaries, and building a defensible chain of data custody to counter future IP cyber theft threats."
IP can constitute more than 80 percent of a single company's value today; and yet, 44.1 percent of respondents to the Deloitte poll collectively feel that assessing the impact of IP loss and managing relationships would be the largest challenges faced by their organization.
Sectors expecting a higher than average increase in IP cyber theft in the next year included: power and utilities (68.8 percent); telecom (68.8 percent); industrial products & services (64.7 percent); and automotive (63.9 percent). Those sectors expecting higher than average insider IP theft attempts included: automotive (32.2 percent); oil & gas (27.2 percent); and real estate services (26.2 percent).
Deloitte tips for assessing the potential impact and protecting against intellectual property loss include:
- Define the critical assets (e.g., facilities, source code, IP and R&D, customer information) that must be protected and the organization's tolerance for loss or damage in those areas.
- Validate that any partners or suppliers involved in IP creation or utilization collaborate with the cyber risk program.
- Evaluate whether exposing some IP in the public domain may make the organization more subject to attack.
- Consider whether the competitive landscape points to new cyber threats to IP protection.
- Improve cyber resilience to manage brand impact and market position in the event of IP theft.
Taking a holistic approach toward cybersecurity isn't just about balancing technical expertise with information technology investments, or about contingency planning. Organizations need to define their cyber risk, up front, in conjunction with their strategic priorities when making decisions on protecting their most critical assets because they recognize what the adverse consequences would be otherwise.
Key considerations for building an insider threat mitigation program:
Define your insider threats: don't be surprised if your organization hasn't defined what an insider threat is.
Trust but verify: establish routine and random auditing of privileged functions, which are commonly used to identify insider threats across a broad spectrum of threats in a variety of industries.
Connect the dots: by correlating precursors or potential risk indicators captured in virtual and non-virtual arenas, your organization can gain insights into micro and macro trends regarding the high risk behaviors exhibited across the organization.
Stay a step ahead: insiders' methods, tactics and attempts to cover their tracks will constantly evolve, which means that the insider threat program and the precursors that it analyzes should continuously evolve as well.
Set behavioral expectations: Define the behavioral expectations of your workforce through clear and consistently enforced policies.