In Depth

Don't Lose Your Head

By Simone Kaplan

April 01, 2003CSO — Pity the CSO. His worth is often measured by what doesn't happen on his watch. And he's often asked to protect things you can't see.

If you think it's tough to secure a building or a network, try protecting an idea. Ideas are invisible; they have a habit of working their way into conversationsand not always with the people who should be hearing them. They can get lost or stolen without anyone knowing they're even gone until your competitor beats you to market with an innovation you thought was yours alone.

Yet ideas are much more valuable than many of the tangible assets a CSO is sworn to protect. Intellectual property can be anything from a particular manufacturing process, plans for a product launch, a chemical formula or the names of the countries in which your patents are registered. In short, this kind of intangible proprietary information can amount to nothing less than your company's competitive future.

More and more, protecting such assets falls within the job description of the CSO. However, sometimes intellectual property ranks lower on a CSO's priority list than other security concerns, not because it is any less important but because it's just so hard to wrap your brain around. Intellectual property also varies from company to company and industry to industry. A CSO in the entertainment industry, for example, is not necessarily going to look at IP loss and theft in the same way as a CSO at a chemical companyso CSOs will approach protection of their companies' assets differently.

The upside is that IP loss, and how it happens, is predictable. Which means you can act preemptively. But IP protection requires patience and tenacity. Like everything else in life, it's not easy. Understand What to ProtectThink of intellectual property as the lifeblood of an organization. "If a company loses its assets, it could die," says James Chandler, president of the National Intellectual Property Law Institute. Intellectual property comprises the principal assets by which a company is able to create its products or services. If those assets are lost or stolen, the company could lose its foothold in the marketplace. In fact, intellectual property theft costs U.S. companies about $300 billion per year, according to Richard Isaacs, senior vice president at The Lubrinco Group, a risk management company.

The best way CSOs can protect proprietary information is by educating themselves and their employees about what their organizations hold valuable. If all employees understand what needs to be protected, they can better understand howand from whomto protect it. To do that, CSOs must communicate on an ongoing basis with the executives who oversee intellectual capital. Meet with the CEO, COO and representatives from HR, marketing, sales, legal services, production and R&D at least once a quarter, if not more often, says John Pontrelli, director of security at W.L. Gore & Associates. "You must work in concert as a group to adequately protect IP," he says, emphasizing that such communication is an ongoing process, not a onetime event.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
IT productivity challenges: Google survey results

GoogleIn this webcast, Google reveals results from a survey of message security and compliance priorities and concerns. Download a free copy of the survey report after registering.

» Watch the Webcast

Featured Sponsors
Sponsored Links

Secure your virtual and physical environments with the same software.

Can Google help you save time and money in your fight against spam?

An Executive Guide to Understanding Hosted Messaging Systems

ITCi White Paper: Challenges and Opportunities of PCI

The PCI Data Security Standard

Hardware-based security. That's IT as it should be.

A Guide to Providing Proactive Protection to Consumer Online Transactions

Webcast: Best practices in application security: How do you stack up?

White Paper: Use DAM technology when there is a need for granular monitoring.

This white paper presents document security strategies and best practices

IT Service Management: Metrics That Matter

White Paper: Learn more about how you can use compliance as a means of competitive differentiation.

Simple, Economical Server Virtualization For Any Size Company

Global Companies' Best Practices for Security and Compliance

Diebold: Frost & Sullivan Global Physical Security Systems Integrator of the Year

Tripwire PCI DSS Solutions: Automated, Continuous Compliance

Gene Kim's Practical Steps to Mitigate Virtualization Security Risks

Eliminate network threats and downtime with Juniper Networks. View demo

Configuration Audit and Control for Virtualized Environments

Webcast: learn results from an annual Google message security survey of 575 global IT professionals

This whitepaper describes how you can test your Web applications with virtualization

Read The Evolution of Application Security in Online Banking White Paper

White Paper: Learn how to use Adaptec(R) Snap Server(TM) with MOBOTIX IP Network Cameras

Compliance: Moving From Mandate to Differentiator White Paper