The recent Google vs. Uber self-driving car litigation has brought trade secret theft into the news again. I have blogged on this topic before. In this post and the next three I will take a deeper dive into trade secret theft and how you can reduce the chance you will be the next victim.Trade secret theft is one of the major cybersecurity risks of our time. Organizations now lose nearly $300 billion per year due to theft or misappropriation of intellectual property. Compare this with the total 2013 US exports to the EU of $241 billion.\u00a0 Organizations being attacked and making news recently, besides Google and Uber, include Best Buy, Sony Pictures, America\u2019s Home Kitchen, Nortel, Goldman Sachs, RSA, Lockheed, AMSC, Coca-Cola, QinetiQ, NSA and many other commercial and government agencies.Last year's Tata software theft from Epic made news after a $940 million judgement against Tata. Intellectual property theft incidents are often cyber-enabled. It is simply much easier to take a 1TB drive of data, rather than 100,000,000 sheets of paper. It can be even easier to remotely download this data from across town or the world.To protect your trade secrets, your organization must engage in diligent security practices to prevent improper disclosure of your confidential information and proprietary technology. These security practices must be tailored to the nature of trade secret theft. But that will not be enough. Diligent application of legal controls and procedures must accompany information security controls. Together these can combine to prevent a loss of trade secrets or, worst case, give your organization a better chance of winning a trade secret law suit.In this post, I will define trade secrets and the risks of trade secret theft. In the next post, I will provide a brief primer of trade secret law, for non-lawyers. Next, I analyze the root cause of recent trade secret thefts. Finally, in Part 4, I will outline some of the legal controls and technology controls your organizations should adopt, if your organization has trade secrets to protect.\u00a0\u00a0So, what is a trade secret? A trade secret is a form of intellectual property (IP), with three characteristics:It is information that has commercial valueIt is not easily ascertainable by others through proper meansIt is subject to reasonable efforts to maintain that information in confidence or secrecyThe other forms of IP include patents, copyrights and trademarks. All trade secrets fall into the category of \u201ccompany confidential information\u201d. However, not all confidential information represents a trade secret. If company A has a contract with a cloud service provider, that contract may well be confidential, but not rise to the level of a trade secret. Each firm must define what it considers to be a trade secret and then protect that information accordingly. A trade secret must receive a higher level of protection than general confidential information.Examples of trade secrets include: recipes, software source code, software architecture, engineering piping diagrams, sales playbooks and all manner of engineering drawings. Trade secret recipes include Famous Amos cookies (owned by Kellogg\u2019s) and many others. In a recent trade secret issue, Hemlock Semiconductor claimed that a consultant it had hired, visiting its Tennessee polysilicon factory, took improper photos and stole manufacturing related trade secrets. Donald Trump claimed that his Trump University marketing playbooks were trade secrets, but, because a playbook had already been posted on the internet, he did not prevail in this dispute.Trade secrets fall into a class of assets known as \u201cintangible assets\u201d. One major goal of information security is to defend these assets. Businesses often are more familiar with physical assets such as plants and machinery. However, looking at corporate investments in aggregate, intangible assets are acquiring astronomical valuations.\u00a0 Software rules and not just in unicorns. According to advisory firm Ocean Tomo, 87 percent of the market value of the S&P 500 is now in the form of intangible assets.Upcoming:\u00a0 In the next post, I will review what you need to know about trade secret law.