Burgeoning Intellectual Property Theft Often an Inside Job

Figures released by the Department of Justice and various private sector institutions show an increase in computer security incidents. Many incidents are not reported, out of concern for company reputations, so the true extent of the damage, especially as it impacts intellectual property, could be staggering. Typically, the authors note, the value of IP for U.S. companies surpasses the value of physical assets.

Nonetheless, more than a third of surveyed Fortune 2000 and middle-market companies have no formal program for safeguarding intellectual property, and they spend less than five percent of their budgets on security.

The fact that intellectual property is now commonly stored in the form of data that can be transmitted by way of the Internet has changed the fundamental requirements that underlie any attempt to secure intellectual property and prevent theft. Previously accepted best practices can no longer be relied on. Companies are now obliged to leverage an array of information security controls, at the same time they continue to adhere to proven principles of physical security.

Many companies fortify their networks against external attacks without realizing the more serious threat comes from employees, former employees and contractors. Statistics cited by the authors indicate more than three out of four cases of IP theft are perpetrated by insiders or contractors. The authors provide guidelines to minimize the risk of employee theft, and suggestions about how to marshal a response if and when IP theft occurs.