Intellectual Property Security: Don't Lose Your Head

Intellectual property isn't always easy to identify. It's even harder to protect. Here's how CSOs can work with others to protect their companies' future.

1 2 Page 2
Page 2 of 2

Uslan's audits resemble an ambush by friendly guerrilla forces. He and his team bring in a group of tactical IT security experts specializing in whatever operating system or software program Uslan is auditing at the time. (The company's network and systems administrators are extremely competent, he emphasizes, but their job is to keep Sony's systems up and running, not to analyze security—hence, the specialists.) The group of experts descends on each Sony location and begins auditing at the macro level, analyzing the company's servers and operating systems, checking for known weaknesses, and patching where necessary. Then it moves a step down, looking at every software program and every network port, testing as it goes. Afterward, Uslan meets with the network and systems administrators to tell them about any new problems or vulnerabilities discovered during the audit. "It's not an antagonistic event," he says. "We tell them what we found, how we found it, the tools we used and how they can patch the systems to prevent more holes from occurring. By the end, we've got them excited. And we've helped make both the systems and the administrators stronger." As soon as the group completes one audit, it's on to the next location to begin the process again.

Uslan understands why he needs to keep more than his finger plugged in the proverbial dike. IP loss affects everyone at Sony and beyond. "IP theft means revenue that we can't pass down to the script writers, the prop masters, the costume designers, all the people who work hard on films," he explains. "When someone gets a movie for free on the Web, for instance, instead of going to a theater, it's a slap in the face." He's also seen what happens when people get complacent about IP security. "It's when you think you've got all the bases covered that something big goes wrong. You have to stay on top of the process."

It's easy for CSOs to place the protection of ideas a lot lower on the priority list than protecting buildings and employees. Like Uslan says, CSOs get comfortable protecting what they know. Still, "intellectual property is what keeps your company viable in the market," says the National Intellectual Property Law Institute's Chandler. "And CSOs must make protecting intellectual assets one of their highest priorities." Nothing less than the future of your company depends on it.

Copyright © 2003 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
The 10 most powerful cybersecurity companies