529,672 active members*
3,572 visitors online*
Register for free
Login Register
WIBU-SYSTEMS Blog

Perfection in Protection, Licensing, and Security

The hidden cost of IP theft

July 2020
22
Author: Wibu-Systems
Company: WIBU-SYSTEMS AG
The hidden cost of IP theft

Compared with more familiar cyber crimes such as the theft of credit card, consumer health, and other personally identifiable information (PII), IP cyber theft has largely remained in the shadows. That‘s a conclusion that surfaced in an article by Deloitte, entitled The hidden costs of an IP breach.  

According to Deloitte, most corporate cybercrimes receive little attention, perhaps because the impact on the public is less visible, and considering the potential brand and reputational damage, companies have little incentive to report or publicize such incidents. Unlike PII breaches, IP theft has ramifications that are more difficult to quantify: fewer upfront, direct costs but potential impacts that might fester unnoticed in the background over months and years. Beyond financial loss, IP theft could result in loss of competitive market advantage or even entire lines of business to competitors or counterfeiters, or worse.  

In the past, IP theft was typically perpetrated by inside thieves who gained unauthorized access to documents, computers, prototypes, and other physical things that might be considered or contain proprietary trade secrets. In the digital world, however, IP thieves can operate from anywhere via the Internet, dramatically enlarging the attack surface and numbers of malicious actors – current or former employees, competitors, criminal and recreational hackers, and even foreign saboteurs. According to the report, of most value to digital criminals are trade secrets and proprietary business information that can be monetized quickly. Trade secrets can include drug trial data, a paint formula, a manufacturing process, or a 3D print design; proprietary business information might include a geological survey of shale oil deposits, merger plans, or information about business negotiations and strategies. Copyrighted data, such as software code for data analytics, is also now a popular target. With such a broad scope of information of interest to would-be thieves, IP theft is an issue across nearly every industry and market sector.

What is the true cost of an IP breach and how can it be calculated as many of those costs are “hidden” or indirect and therefore difficult to identify and quantify? Deloitte points out that those costs can include not only well-understood cyber incident costs – such as expenses associated with regulatory compliance, public relations, attorneys’ fees, and cybersecurity improvements – but also less visible and often intangible costs that stretch out over months or even years, including the devaluation of a trade name, revoked contracts, and lost future opportunities. 

As challenging as it may be for executives to assess these longer-term and indirect costs, identifying and quantifying the full gamut of potential IP losses is essential to a company’s ability to prioritize its cyber defense efforts. In the report, Deloitte asserted the importance of developing well-defined cyber risk models that align with the specific nature of the given business. Those models can be broken into 3 specific phases:

  • Incident triage – in the immediate days or weeks following the discovery of the attack, the company analyzes the extent of the breach, plugs any evident gaps in security, implements emergency business continuity measures, and responds to legal and public relations needs.
  • Impact management – the company takes reactive steps to reduce and address the direct consequence of the incident, including the activities required to repair relationships, IT infrastructure, or growing legal challenges.
  • Business recovery – in the subsequent months and years, the company proactively repairs damage to the business, aims to countermeasures by competitors looking to profit from stolen information, and shores up their cyber defenses with a focus on longer-term plans.

The report provides many more models and details on how companies can assess the true costs of an IP breach and offers advice on how they can beef up their cybersecurity defenses to protect against such breaches.

When it comes to IP protection, our major concern here at Wibu-Systems is the protection of the IP that resides in our customer’s proprietary software and digital assets, which are typically the lifeblood of their companies and representative of countless man-years of development. Today, software is a key technology enabler for most every industry – from healthcare, medical devices, and life sciences to financial, automotive, and multimedia. Software is also a key attack point for theft, counterfeiting, and reverse engineering. In the industrial world, software is driving the PLCs, sensors, and connected embedded systems behind the Industrial Internet of Things. And here again, software must be protected against those who would attack the integrity of these connected systems for malicious and harmful purposes. 

You can read how our customers are protecting their IP with our CodeMeter licensing and security technologies in case studies across many industries.

0 comments

Blog Archiv

October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
October 2016
September 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016