As we now start off into 2024, Cybersecurity is still at the
front and center of just about everything today. But now there is a new fear that is coming
out: The threat of Corporate
Espionage. You may be wondering, what is
it? Well, here is a technical definition
of it:
“Corporate espionage is the act of stealing proprietary
information, trade secrets, or intellectual property from a business and giving
or selling it to another.”
(SOURCE: https://www.investopedia.com/financial-edge/0310/corporate-espionage-fact-and-fiction.aspx)
Simply put: It is not
just your digital and physical assets that are at grave risk, now your
Intellectual Property (IP) is also. What
can you do to help prevent this from happening?
Here are some tips:
1)
Always make use of Non-Disclosure Agreements:
These are also commonly referred to
as “NDAs”. The idea with this is that
you make any relevant party that you are having discussions with sign this
document. It simply means that any trade
secrets, or other proprietary information that is discussed cannot be spoken
outside of the venue of the conversation.
If the party that has issued the NDA finds out that you have revealed
some trade secrets, then by the letter of the NDA, they can technically sue
you. But in reality, these are really tough to enforce. Why?
Because it will be your word against the other party you have accused of
releasing this information. I have
signed a ton of these for my own business, and in the end, they don’t mean a
whole lot. But hey, some protection is
better than nothing at all.
2)
Know what your IP is:
You would think that a business
owner would know what their IP is, where it lies, and how it is used. But unbelievably, many of them do not know
this simple fact. It’s like acting as a
CISO if they know what is contained in their databases. More than likely, they will say “No, I do not
know”. This answer carries two distinct
pitfalls with it:
àIf
you don’t know where your IP is, how can you protect it?
àIf
you go to court to file a lawsuit against a third party for an IP breach, and
the judge asks you, “Where is it?”, and you can’t answer it, you will, for lack
of a better term, be laughed out of court.
3)
Do
your Due Diligence:
Before
you engage in a conversation with a third party, make sure you carefully vet
them first. In fact, if you have a procedure for doing this similar kind of
thing for vetting out a potential supplier,
follow the same procedures here as well.
If any red flags appear to you in this process, then you need to decide very carefully how you are going to
move forward, if at all. In this instance, explain the gravity of
what will be discussed, and the repercussions of what could happen if anything is leaked out,
whether intentional or not. But also
keep in mind that Corporate Espionage
attacks could also happen even to your own employees. For more information
on this, click on the link below:
4)
Have Security Awareness Training:
This is a theme that has been
beaten down who knows how many times during and even after the COVID-19
Pandemic. But at the risk of sounding
like a broken record, it is imperative that you train both your regular employees
and independent contractors in how to practice strong levels of Cyber
Hygiene. Also train them in what
Corporate Espionage is all about, and what the telltale signs of it are. Perhaps even launch mock exercises against
them to see how they react to it, in a manner very similar to how you would
launch a simulated Phishing attack. Also, more information about this can be
seen at the link below:
5)
Encourage Communications:
As much time and money you will be
investing in training your employees and contractors, you also need to invest
the same in establishing ways in which people can reach out to you if there is
anything suspicious happening. Of
course, this should all be done on an anonymous basis. You should have reporting venues that are
open and available on a 24 X 7 X 365 basis.
My Thoughts On This:
Protecting your IP is now more important than ever. Given the digital age that we live in today,
anything can happen, especially with AI and ML now taking a firm foothold in
our society. In fact, it might even be
wise to consider hiring some sort of virtually related C-Suite title to help
you to do all of this. Or, you can also
consult with your business attorney as well.
But the bottom line is that make you sure your employ a
multitude of defenses, and not just rely upon just one means.
No comments:
Post a Comment