Discover the Weaknesses in Your IP Security
Ninth in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers
Even the most seasoned IT professional has more to learn, as the tools and techniques of cyber attackers are constantly evolving. Become a student of information security. Ongoing threat intelligence will help you understand the current indicators of compromise and stay a step ahead of the bad guys.
Cyber risk information is readily and publicly available from organizations such as CERT, SANS and antivirus vendors. Many have threat and vulnerability feeds to subscribe to. Collaborate with government and public institutions such as the Department of Defense DSIE, DHS Information Sharing, ISACs Council and FBI.
Form a small information sharing group with other trusted manufacturers. Learn to benchmark your organization’s approach against IP protection leaders with a mature program. Eventually, you may become a contributor of intelligence to aid our collective struggle!
The main lesson to learn from your pursuit of IP protection is that the business of IP protection is never finished. Continue to improve your capabilities as your organization matures in its understanding of the threats faced.
To get to the next level, relying on a little outside expertise is often a good thing. Skilled penetration testers are consultants that analyze your prevention, detection and response capabilities by mimicking the tactics of seasoned cyber attackers. These “white hat” hackers will target your system admins with benign phishing, drop “infected” USB drives and perform social engineering with key business users – among other ploys to gain privileged access. Sneaky.
To assess your program’s development, an overall security review by an unbiased third party should be considered. It will evaluate your overall security framework and architecture, outline major business risks and identify gaps in current controls, processes and resources.
Once these weaknesses have been identified, review the results with senior management to gain approval and funding of an improvement project to close the gaps. Prioritize fixes based on level of risk and difficulty to execute. Then wait a while and review the program again.
To summarize, follow this checklist to discover the weaknesses in your IP security:
□ Pursue ongoing threat intelligence to stay ahead of attacks.
□ Collaborate with external groups to share information.
□ Benchmark your performance against IP protection leaders.
□ Consider a security review to identify protection gaps.
□ Hire skilled penetration testers who mimic cyber attackers.
My e-book for download covers more IP protection recommendations based on the practical experience of Digital Guardian’s manufacturing industry customers.
Read the full series:
- The Threats to Your Trade Secrets are Real
- Why Offshoring Complicates IP Protection
- Calculating the True Cost of IP Theft
- Make the Case for Investment in Ongoing IP Protection
- How to Form an IP Risk Committee
- 7 Elements of a Holistic IP Protection Plan
- Defining Intellectual Property
- Lock up your IP and Control Access to it
- Discover the Weaknesses in Your IP Security
- Improve Your Ability to Detect Cyber-Attacks
The Definitive Guide to DLP
- The seven trends that have made DLP hot again
- How to determine the right approach for your organization
- Making the business case to executives
The Definitive Guide to Data Classification
- Why Data Classification is Foundational
- How to Classify Your Data
- Selling Data Classification to the Business