What is intellectual property?
Intellectual property (IP) can be defined as property, such as an idea, invention, or process that derives from the work of the mind or intellect1. IP can be patents, copyrights, trademarks, trade secrets, or specific work product. Each company has its own definition of IP. A company specializing in software development may consider source code to be IP, a company specializing in marketing may consider their contact lists to be IP, whereas a company specializing in consulting services may consider templates for various tasks to be IP.
Key triggers present in intellectual property theft
Human factors (e.g., entitlement, disgruntlement, etc.) combined with environmental factors (e.g., layoffs, job opportunities) can trigger pillars of the key fraud theories, the Fraud Triangle and the Fraud Diamond. The Fraud Triangle 2 Theory is based on the idea that when pressure, rationalization, and opportunity are present, a person is more likely to commit fraud. The Fraud Diamond expanded that theory by incorporating human capability. Capability refers to someone having the necessary traits, skills and abilities to commit theft or fraud. It’s how the fraudster not only recognizes a particular fraud opportunity but turns it into reality3 . In recent news, companies in the tech space are laying off large numbers of employees which can trigger an environment where IP theft can occur.
Theft of intellectual property
IP theft may be intentional (e.g., malicious insider or threat actor) or accidental (e.g., human error). An example of intentional theft could be an employee copying source code or taking a company client list or pricing sheet to leverage at a competitor. An example of accidental theft could stem from an employee uploading a sensitive file to an unauthorized public cloud storage website.
Many companies have intellectual property policies that consider employee work product property of the company and not the creator(s). However, there are many examples where adherence to the policy does not happen, or the employee simply chose to ignore the policy. Below are five leading practices to minimize IP theft.
Leading Practices
- Properly classify IP so that appropriate steps are taken to identify and protect said intellectual property.
- Develop and refine employee policies to make sure they outline acceptable (and unacceptable) uses of company data, as well as define company IP and other data classifications.
- Provide annual training to all employees that covers data classifications, acceptable/unacceptable use, and disciplinary actions should policies not be followed.
- Leverage DLP and other logging solutions to capture, monitor, log, review, and respond to suspicious activities. Determine that all the relevant data (e.g., logs, emails, etc.) are captured and properly retained to assist in defensible investigations.
- Develop a robust HR employee departure procedure that triggers additional preventative and detective use cases and preservation/logging upon employee departure notices. This will help confirm that all of the user’s assigned assets were returned, and that the physical and system access permissions are revoked. In some situations, terminated employees should have access revoked directly before the termination meeting and be escorted out of the building to best safeguard company data.