A Breach on the Charles River

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

12 Ways to Protect Your Intellectual Property Against Cyber Attacks [part II]

WRITTEN BY MICHAEL JOSEPH (PRESIDENT & CO-FOUNDER) & MICHAEL FORD (DIRECTOR OF STRATEGIC INITIATIVES)

Don’t Attempt Everything at Once. Take A Metered Approach. 

In Part I of this list, we covered various ways to protect your Intellectual Property (IP); all of which will take time. Security projects are often initiated in response to an incident and under a deadline. You may be tempted to implement all of these recommendations at once; however, these recommendations will each involve different people or departments across the organization.

As you work through the lists from Part I and Part II (below), it may be better to break them into individual projects. You may also consider working with an IT security consultant who is familiar with your industry, so they can guide you on the best practices to apply and the pitfalls to avoid.

Here are six more measures you can take to help
protect the Intellectual Property of your Biotech:

7. If partners, vendors, customers, or other third parties share or need to have access to your IP, make sure that they are contractually obligated to protect your IP, and utilize an expert IT security consultant to vet their security posture; the smart ones will likely ask you to do the same, as this should be a standard protocol for business relationships where IP is shared. Additionally, implement a strategy for proactively detecting loss of your company’s IP by these third parties. You certainly don’t want to be the last to know that something has gone wrong.

8. Require employees to acknowledge IP agreements upon hire and then on an annual basis; also have them re-sign the agreements when leaving the company. Provide periodic training to help employees identify signs of IP theft risk—from external attacks such as phishing, social engineering, and ransomware, as well as from fellow employees.

9. Make sure that all IP is backed up on a regular basis, and that data restoration is regularly tested. Also, assure that IP is available to the business through any interruption of IT services by having a well thought out (and tested) Disaster Recovery and Business Continuity Plan.

10. Implement controls to prevent and detect IP leakage. Monitor your IT infrastructure for indications that IP theft is taking place—especially with respect to file transfers, emails, and online collaboration platforms. This may be by regularly monitoring of system logs, disabling the use of USB drives on workstations, and/or enabling Data Loss Prevention features on your email system.

11. Assess the correct strategy for protecting IP stored or processed in the Cloud. Depending on the type of cloud service, this may be similar to protecting IP at a third party and/or it may involve implementing the same controls you implement for your on-premises infrastructure. Collaborate closely with your cloud provider to understand what they will and will not do when it comes to helping you protect your IP; document who is responsible for what.

12. Work with your HR department to integrate IT processes into their off-boarding procedures. Properly off-board employees so that IT network access and building access are revoked promptly. Most insider attacks occur near the time that employees are leaving or within a few weeks afterward.

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »