How Safe Is Your Company's Intellectual Property From Cyber Attack? | Practical Law

How Safe Is Your Company's Intellectual Property From Cyber Attack? | Practical Law

Corporate cybersecurity has never been more important for protection against intellectual property cybertheft, particularly from foreign states, companies, and individuals. This Legal Update identifies the risks posed by hackers, the actions all companies should take to protect their intellectual property (IP) interests, and the Practical Law resources that can assist companies when taking those actions.

How Safe Is Your Company's Intellectual Property From Cyber Attack?

Practical Law Legal Update w-000-7122 (Approx. 4 pages)

How Safe Is Your Company's Intellectual Property From Cyber Attack?

by Practical Law Intellectual Property & Technology
Published on 27 Oct 2015USA (National/Federal)
Corporate cybersecurity has never been more important for protection against intellectual property cybertheft, particularly from foreign states, companies, and individuals. This Legal Update identifies the risks posed by hackers, the actions all companies should take to protect their intellectual property (IP) interests, and the Practical Law resources that can assist companies when taking those actions.
While data breaches that target personally identifiable information get a lot of headlines, cyber attacks that target corporate intellectual property (IP) are another significant threat to US businesses. Cyber attacks, which often originate from other countries, can have devastating consequences, including:
  • Undermining key competitive advantages, such as when trade secrets are stolen.
  • Causing substantial financial losses for rights holders, such as when international competitors exploit stolen IP.
  • Posing risks to consumer health and safety, such as when counterfeiters tamper with pharmaceutical supply chains or steal consumer health data.
International government cooperation is crucial to slowing down these attacks given the difficulty of identifying perpetrators and the challenges of cross-border prosecution. However, diplomacy has its limitations. For example, last month the US and China entered an agreement under which the parties pledged not to conduct or knowingly support cyber-enabled IP theft. The agreement appears to be having little effect, as Chinese hacking directed at US corporate IP assets has not subsided since the accord.
Corporate cybersecurity has never been more important to protect the IP of all companies, large or small, and regardless of industry. Cyber criminals are increasingly targeting law firms for their clients' IP and other confidential data. Given these ongoing threats, businesses should frequently assess their data security and work to mitigate risk to their IP "crown jewels." Key actions businesses should take include:
  • Conducting risk assessments.
  • Identifying their most important IP assets and where sensitive information relating to those assets may be stored.
  • Implementing appropriate technical and administrative safeguards to mitigate risks to IP, including, for example, implementing monitoring and auditing processes intended to identify a cyber attack.
  • Implementing robust vendor management programs that consider data security risk to IP assets.
  • Developing procedures that apply in the event of a cyber attack, including plans to restore normal operations.
In addition, businesses should consider whether they should obtain cyber insurance coverage that could mitigate the expense of responding to and recovering from a cyber attack. For more information on cyber attacks, developing an effective cybersecurity program, and related issues, see: