Hackers have caught on to the significant economic and competitive value of intangible assets. Their newest target? Intellectual property rights (IPRs). Wildgen’s Emmanuelle Ragot, an expert in cybersecurity, data breaches & IP, gives us the scoop.
How can companies protect themselves from cyberattacks & prevent the risk of industrial espionage?
Although the number of cyberattacks is skyrocketing, many companies are still convinced that these attacks will never happen to them. However, we have seen a significant change of mindset in the market and among our clients. It is becoming clear that all companies will one day experience a cyberattack. The question remains not if it will happen but when. Will the company be ready to manage the detection process and respond? We are able to organize awareness trainings, crisis management trainings, a communication strategy, legal actions and relations with authorities. This is definitely a matter of governance, with its urgency underscored by the arrival of GDPR on May 25, 2018.
Are there tools or best practices to protect IP data that is stored on IT tools?
There is no 100% “magic tool” to identify intrusions or defend against them, and if there were it would be immediately outdated. Nevertheless, data governance best practices related to information security need to be implemented to manage and reduce risk. This is an ongoing topic and should be managed together with the GDPR’s implementation. Both are to be dealt with by a company’s board. Since May 25, 2018 and the entry into force of the GDPR, it is generally concomitantly managed by the companies that we are assisting.
When should companies put these best practices in place?
Better yesterday than tomorrow.
“As significant economic and competitive intangible assets, hackers target IPRs for obvious financial reasons.”
What are the legal remedies for a violation of my IP rights?
IPR infringement is too broad to be answered in the context of cybersecurity. On one hand, it is a question of reactivity and of the ability for the internal legal department and external attorney to immediately take actions to minimize legal risks for the company, e.g. safeguard evidence and identify the attack’s origin (internal vs. external). On the other hand, it is important to start a legal assessment of the consequences related to the type of attack, e.g. data disclosed. There are different legal actions to be taken against identified third parties or unidentified third parties. Should an infringement of IPRs derive from a cyberattack, the company is entitled to additional legal actions depending on the damages, e.g. counterfeiting, disclosure of business information or patentable R&D, or unauthorized use of copyrights, trademarks, etc.
Why are IP assets specifically targeted by hackers?
IPRs portfolios represent a huge investment for a company, especially if one thinks of the related patents, trademark filings and registrations. IPRs also provide information revealing confidential business plans and a company’s growth strategy for given territories.
As significant economic and competitive intangible assets, hackers target IPRs for obvious financial reasons.
Their motivations are varied: financial reward, activism, government spying, etc. Cyber terrorists are generally motivated by religious or political beliefs, attempting to instill fear and chaos by disrupting critical infrastructures.
Simply put, the effective protection of IPRs is absolutely essential.