Foreign State Threats to Company IP Trade Secrets

 

Operating facilities abroad in hostile regions where intellectual property rights are weak or non-existent should be viewed by the CISO as a major threat.  Organization’s should not be learning or building new security capabilities for the first time simply when a company decides to deploy company assets and capabilities abroad particularly in hostile regions.

It is very difficult protecting Intellectual Property and Trade Secrets.

Typically many Boards of Directors might take risks with intellectual property or trade secrets, particularly with increased potential revenue offered in emerging markets.  Corporate management, often do not think about the loss the potential loss of intellectual property heavily enough. 

 

Information Security practitioners should know the long established golden rule that Information Security is not just about technology.  Widespread deep Security Strategies are required to protect a company’s high value information assets from probable foreign adversaries.

Underestimating the risks of 3rd Parties, especially if they are based in a hostile area, will probably be the company's weakest IT Security link.

If a company has not considered and prepared for all of the potential risks including contractual expectations, information controls, and external monitoring capabilities etc., it may already be compromised. 

 

Information Security Managers have the great opportunity to implement measures to minimize corporate information risks by incorporating control expectations into their service provider contracts, or re-negotiating a service provider's contracts if they are already in place.

Information Security Managers, should accept that taking risks with Intellectual Property and Trade Secrets is often the cost of doing business.  However your senior managers may not officially agree.

Organizations should learn to be ready for these risks.

 

Aggressive third parties can always find security areas to exploit.

Companies should assume that they have already been breached

There is a need to identify corporate most valuable assets, where they are located, how they are used and what specific additional controls are necessary.

 

Industries that produce and rely on their original Patent Protected Intellectual Property or Trade Secrets,

Such as: Pharmaceutical, Chemical, Life Science, High-tech Manufacturing, Industrial Manufacturing, Ssupervisory Control and Data Acquisition, are already progressing.

Our intelligence capabilities are an important reason why Information Security practitioner’s strategies need to include People, Process, and Technologies.  Often employees just walk out the door with the company on USB devices etc.