With the recent upsurge in data breaches dominating the news, a cyber incident or data breach seems to have become an unavoidable risk – almost a rite of passage – for many companies. Yet, often overlooked are intellectual property (IP) cyberthefts that the public rarely hears about. IP thefts generally only affect the robbed, who has neither the business incentive nor the legal duty to report, and there is no direct impact to the larger public (e.g. customer's personal data leak). Despite the relative noiselessness, cyberattacks stealing IP assets can mean life or death to those affected, for IP is often one of the most valuable assets of a company.

Even under the legal regimes intended to protect a company's proprietary interests in innovation and competitiveness, IP can still be vulnerable to cyberattacks by the sole fact that much of these critical non-public IP's (e.g. knowhows, trade secrets, pre-patent prototypes, unregistered copyrights) are stored electronically today. While rights under IP law provide some legal means to recover damages from infringement or misappropriation, protecting IP from theft or compromise in the first place is the most effective – perhaps the only – means to maximizing the value of your IP and maintaining your competitive edge.

To help guard against the risk of IP cybertheft, businesses with critical IP assets to protect should:

  • Understand where sensitive assets are located and the weak links in internal security systems
  • Educate employees about the importance of your IP and the security procedures to be followed to avoid mishandling of sensitive information
  • Limit access to sensitive data on a strictly need-to-know basis
  • Utilize information governance tools, such as electronic document security technologies, to manage information and prevent loss through end-to-end encryption.
  • Consult your lawyers for a comprehensive overview of your privacy terms and non-disclosure agreements before any business transaction to avoid any legal vulnerability
  • Be prepared to take legal action advised by lawyers experienced in IP protection as soon as a cybertheft risk or incident is detected

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.