Intellectual property cyber theft expected to rise
Deloitte poll indicates insider threats are a top concern
NEW YORK, Oct. 25, 2016—The number of intellectual property (IP) cyber theft incidents in the next 12 months is expected to increase, according to 58 percent of respondents to a recent Deloitte poll. When asked which category of potential adversary they believe is most likely to attempt theft of their organizations’ IP, the prevailing percentage of respondents (20.1 percent) answered “employees or other insiders.” Yet, only 16.7 percent of respondents said access to IP is very limited, on a need-to-know basis only.
“While many of us know—or have experienced firsthand—how a cyberattack can severely disrupt business, loss of an asset as critical as IP can be crippling for most organizations,” said Don Fancher, principal, Deloitte Financial Advisory Services LLP, national leader, Deloitte Forensics & Investigations, and Deloitte Forensic leader, Deloitte Global. “Managing risks to trade secrets, drawings, plans, or proprietary know-how that drive your organization’s revenue and competitive advantage often includes quantifying how loss of that IP would impact the business, preparing to identify and pursue adversaries, and building a defensible chain of data custody to counter future IP cyber theft threats.”
As cited in the Deloitte Review article, “The hidden costs of an IP breach: Cyber theft and the loss of intellectual property,” IP can constitute more than 80 percent of a single company’s value today. And yet, 44.1 percent of respondents to the Deloitte poll collectively feel that assessing the impact of IP loss and managing relationships would be the largest challenges faced by their organization. Sectors expecting a higher-than-average increase in IP cyber theft in the next year included power and utilities (68.8 percent); telecom (68.8 percent); industrial products & services (64.7 percent); and automotive (63.9 percent). Sectors expecting higher-than-average insider IP theft attempts included automotive (32.2 percent); oil & gas (27.2 percent); and real estate services (26.2 percent).
- Define the critical assets (e.g., facilities, source code, IP and R&D, customer information) that must be protected and the organization’s tolerance for loss or damage in those areas.
- Validate that any partners or suppliers involved in IP creation or utilization collaborate with the cyber risk program.
- Evaluate whether exposing some IP in the public domain may make the organization more subject to attack.
- Consider whether the competitive landscape points to new cyber threats to IP protection.
- Improve cyber resilience to manage brand impact and market position in the event of IP theft.
Taking a holistic approach toward cybersecurity isn’t just about balancing technical expertise with information technology investments, or about contingency planning. Organizations need to define their cyber risk up front, in conjunction with their strategic priorities, when deciding how to protect their most critical assets, because they recognize what the adverse consequences would otherwise be.
Adnan Amjad, Cyber Threat Risk Management practice leader for Deloitte Advisory Cyber Risk Services and partner at Deloitte & Touche LLP, added, “Predicting IP data theft is tough, as adversaries don’t fit one specific mold. A robust insider threat mitigation program leverages a broad set of stakeholders to define potential insider threats and risk appetite, establish appropriate policies, procedures, controls, and training, and utilizes the combination of business knowledge, virtual and non-virtual data, and technology to more effectively safeguard vital information.”
- Define your insider threats: Don’t be surprised if your organization hasn’t defined what an insider threat is.
- Trust but verify: Establish routine and random auditing of privileged functions, which are commonly used to identify insider threats across a broad spectrum of threats in a variety of industries.
- Connect the dots: By correlating precursors or potential risk indicators captured in virtual and non-virtual arenas, your organization can gain insights into micro and macro trends regarding the high risk behaviors exhibited across the organization.
- Stay a step ahead: Insiders’ methods, tactics, and attempts to cover their tracks will constantly evolve, which means that the insider threat program and the precursors that it analyzes should continuously evolve as well.
- Set behavioral expectations: Define the behavioral expectations of your workforce through clear and consistently enforced policies.
“As the cybersecurity conversation begins to shift from a focus on technology to a broader discussion involving all essential business functions, an organization’s insider threat program should evolve in a similar way,” concluded Amjad.
About the online poll
More than 2,500 professionals participated in a Deloitte Dbriefs webcast, titled “Cyberattackers and your intellectual property: Valuing and guarding prized business assets,” held on September 28, 2016. Poll respondents were from sectors including banking and securities (13.5 percent); technology (8.4 percent); investment management (6.1 percent); travel, hospitality and services (5.4 percent); insurance (5.1 percent) and retail, wholesale and distribution (5.0 percent).
About Deloitte Advisory Cyber Risk Services
Deloitte Advisory's Cyber Risk Services help complex organizations more confidently leverage advanced technologies to achieve their strategic growth, innovation, and performance objectives through proactive management of the associated cyber risks. With deep experience across a broad range of industries, Deloitte Advisory's more than 3,000 cyber risk services practitioners provide advisory and implementation services, spanning executive and technical functions, to help transform legacy IT security programs into proactive, secure, vigilant, and resilient cyber risk programs. Deloitte Advisory cyber risk services works with our clients worldwide to better align cybersecurity investments with strategic business priorities, establish improved threat awareness and visibility, and strengthen the ability of organizations to thrive in the face of cyber incidents.
About Deloitte Advisory
Deloitte Advisory helps organizations turn critical and complex business issues into opportunities for growth, resilience, and long-term advantage. Our market-leading teams help our clients manage strategic, financial, operational, technological, and regulatory risk to enhance enterprise value, while our experience in mergers and acquisitions, fraud, litigation, and reorganizations helps clients emerge stronger and more resilient.
As used in this document, “Deloitte” and “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.