Trade Secrets and How to Manage the Enemy Within.
Trade secrets are the most valuable, coveted yet risky assets within your business.
Your people pose the greatest threat to your trade secrets but also offer the best defence!
Most information security and trade secret programmes tend to focus their efforts in the wrong areas:
The Corporate Response is to Focus in The Wrong Areas
Good People Doing Bad Things
The biggest trade secret and information security risk to any business is ‘good people doing bad things.’ That is a) your people over-sharing in error, b) being manipulated to over-share, c) 72% of employees take material with them when they leave because they think it’s theirs, There is a final category and that is d) good people being pushed to the edge by over work or other stresses and kicking back against their employer who they blame as the source of their issues. These threats are very real in any business today.
So, What are the Jobs to be Done?
Training.
The goal is to have your people understanding IP and trade secrets, actively capturing more and defending what you have.
‘Train people well enough so that can leave. Treat them well enough so they don’t want to’ Richard Branson
Happy People.
This is the tricky one, how do reduce the likelihood of people ‘going bad’ and acting against the best interests of your business?
72% of ‘let go’ employees leave unhappy!
59% of employees think their work is theirs to take with them!
The Baseline IP Understanding is Low
Let’s be honest the general level of understanding about intellectual property (IP) is pretty low, for example I often hear people using all the terms in the wrong places like copyrighting a patent. If the level of understanding of IP is poor then the level of understanding of trade secrets is even worse. What this means is that people are not sure what to do and hence do nothing.
How does this compare to your business?
If people know the red zones and keep out of those red zones then your information and trade secrets are going to be safer for longer. Remember most people like to help and be valued, sharing information is a quick way to achieve both of these.
At Siemens all staff have IP training at least once a year.
Unbelievable? Then it is Happening to You
Awareness about manipulation techniques like flattery and stress timing is key. Yes, corporate spies are targeting your staff in all sorts of ways. LinkedIn for conference speeches. What about their weak spot when they let their guard down (bubbles) on international travel? Late Friday phone calls sounding very much like your boss asking for ‘that document’, (you want to get to your friend’s party, and they know – they have tracked it on social media). Etc. etc.
How About the Coder who is Sleep Deprived and ‘Close To The Edge’?
Are your R&D managers also good people managers or are there problems brewing? Burned out, tired, distracted, employees pulled in too many directions might just strike back!
“Our CTO wants $10 million by tomorrow or he’ll wipe the code, repos and post all internal conversations online.”
Key man risk: our CTO gave us an unexpected ultimatum — and it was every tech CEO’s worst nightmare
‘Later our CTO appeared on the call rather acquiescent. He explained how he was at the end of his tether and wanted an exit. A fair ask I thought, given how hard he had toiled. What bothered me was the finality of his decision. His threats weren’t just a flash in the pan. The reasons behind them had incubated over the years.’
Can you spot the signs? Are certain people more vulnerable than others?
Your people pose the greatest threat to your trade secrets but also offer the best defence!
I hope this helps explain why I believe information and trade secrets security starts and ends with people management.
Happy to share more just get in touch.
John
P: +44 7587 885 131
https://www.linkedin.com/in/john-pryor-gb
Leave a Reply