As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Stroz Friedberg, a global leader of cybersecurity, investigations and risk management. The firm recently launched Strategic Intellectual Property Protection Services (SIPPS), an offering Stroz Friedberg designed to help companies best handle intellectual property throughout its lifecycle.

-Robert Milligan, Editor of Trading Secrets

Across industries ranging from pharma to entertainment to electronics, the success of an organization is often directly tied to its intellectual property. However, many companies don’t effectively determine whether their products or internally developed solutions constitute protected intellectual property until there is a need for enforcement action.

It’s better (and easier) for a company to identify its intellectual property and trade secrets at the outset than it is for a company to retrofit its intellectual property and trade secrets to a bad event. Waiting until intellectual property is misappropriated delays enforcement, and is generally less successful overall than defining intellectual property early on. After identification, it is also important for an organization continually to evaluate how it safeguards its intellectual property. If a company proactively identifies and protects its trade secrets, enforcement efforts, if necessary, will prove much easier—even more so when a detailed response plan is already in place.

Stroz Friedberg has been called upon to help clients at distinct points in the IP lifecycle, and helps its clients and counsel think strategically and mitigate risks such as insiders, hackers and even simple negligence. This posting is designed to give the reader a quick overview of Strategic Intellectual Property Protection Services—from identification, to prevention, to enforcement. SIPPS is a complete misappropriation readiness solution.

Identification

If you are a regular reader of this blog, you know that a company’s intellectual property is vulnerable while it is still being developed: “The idea must be kept secret in order to enjoy the later protection,” writes Bartosz Sujecki in a previous Trading Secrets post about proposed new trade secrets in Europe, http://www.tradesecretslaw.com/2014/12/articles/trade-secrets/new-rules-on-trade-secrets-in-the-eu-the-european-commission-proposal-on-the-protection-of-know-how-in-the-eu. The relatively unstructured way in which some ideas come to life does not obviate the need to take reasonable steps proactively to identify and protect trade secrets. See, e.g., http://www.tradesecretslaw.com/2015/07/articles/trade-secrets/trade-secret-protection-what-are-reasonable-steps/. Without early and robust identification, trade secret enforcement down the road often proves far more difficult.

Understanding early on the way in which the law protects intellectual property is not always an easy task. The identification process should not be kept so secret that outside experts are not called in to help. Leveraging outside experts at the early stages—with the same physical and technical controls in place that safeguard early development intellectual property from insider and outsider threats alike—will best position the company to evaluate whether secrets should remain confidential, be prosecuted as patents, or otherwise be afforded  special protection. Meanwhile, critical development employees are left to focus on the creative production and refinement of the intellectual property itself.

When an organization can identify its trade secrets early, the organization will be better prepared to safeguard those secrets. Such early identification of trade secrets helps ensure that the company is taking reasonable steps to protect its intellectual property, which in turn demonstrates the history of diligence necessary to successfully pursue legal remedies down the road.

Protection

After the arduous process an organization undergoes to define its intellectual property, it needs to apply the same diligence and focus to protecting it. Protecting intellectual property involves a combination of people, process, and technology. How is it segregated within the company’s environment? Who has access to it? How are permissions and access controlled? What technologies exist within the environment to monitor unauthorized access? How well do the organization’s existing policies and procedures protect it?

This may also be the ideal time for a security risk assessment to ensure that no physical or technical vulnerabilities exist at the end user or enterprise level that would make data exfiltration possible. No one wants to see a competing product come to market two weeks after theirs—but it does happen.

Enforcement

Having a well-developed enforcement plan of action around identified and protected intellectual property before a misappropriation event occurs makes all the difference in the world. Seeking inchoate relief to immediately block a perpetrator from misusing valuable intellectual property involves stringent timing and other requirements. Organizations that have invested time and energy in working with experts to tailor a readiness position are better equipped to meet those requirements—especially when necessary business stakeholders, outside counsel, forensic experts, and even source code specialists are lined up and at the ready to react, engage, and pursue relief.

Assistance with Trade Secret Strategy throughout the IP Lifecycle

Intellectual property is always vulnerable to some degree, but the more proactive a company is, the better it can harness the value of its assets. With a thorough understanding of your intellectual property—where it is located, how it is protected both legally and digitally, and how you will respond in the event of theft—you will be best positioned for whatever challenges come your way. Leverage outside expertise throughout the process, and use the same experts who are familiar with your intellectual property lifecycle to help enforce your rights.

As experts who have helped organizations deal with the aftermath of data breaches and computer crimes, we have witnessed firsthand how crucial it is to be prepared—but even in the aftermath of a breach or theft, we focus on more than just dealing with the aftermath, and work on developing new solutions that could be used to help organizations in the future. For example, while helping a video game engine developer win a trade secret case (see: https://www.elys.com/case-studies/an-epic-battle-of-game-giants), we wrote proprietary software tools that could compare source code versions across repositories.