You’ve made sure that all of your key patents, copyrights, and trademarks are properly registered. You have iron-clad employment agreements protecting your company’s trade secrets and confidentiality agreements rivaling those signed by the staff of the British Royal Family. But now more than ever, it is not your employees and business partners who are betraying you; it is technology. Data breaches are becoming a common threat to the safety of the most sensitive intellectual property a company holds – often the types of intellectual property that are not subject to the protections offered by registration, like trade secrets, proprietary information, and customer information. In addition to thinking about the traditional intellectual property protection methods, now you must also think about your cybersecurity policies and procedures to fully develop a plan for the safekeeping of your intellectual property portfolio. Typical cybersecurity policies and procedures include some form of the following:
- Determine the Company’s Security Chain – identify who is responsible for establishing, implementing, and monitoring cybersecurity policies and procedures
- Develop a Compliance Work Plan – monitor and prioritize risks for potential cyber attacks; outline cyber attack procedures
- Develop Required Legal Disclosures
- Implement and Maintain a Coordinated Data Management Program – coordinate with the IT, human resources and other appropriate departments to mitigate risk and assure security of company and customer data by restricting employee access to information related only to their job functions.
- Invest in Computer Security Equipment and Procedures – maintain up-to-date hardware and software to deter or prevent cyber attacks
- Adopt a Cyber Incident Response Plan and Employee Reporting Mechanisms
Investing the time and resources in protecting your company’s information can feel overwhelming. But, the price you pay for not being diligent about it is often much more. Just ask Target, who is on the hook for more than $250 Million for its 2013 data breach.