IP Wales is indebted to the UK Intellectual Property Office for this invitation, as an “industry expert from the world of IP”, to explain on its blog for its readers these important matters.
The introduction into UK law of the Trade Secrets (Enforcement etc.) Regulations 2018 has proved a useful reminder to all firms, whatever their size, that trade secrets can be a valuable business asset.
Questions addressed for businesses during the course of the article include:-
How do I recognise my trade secrets?
What constitutes the “reasonable steps” now demanded of business in order to protect their trade secrets?
How does a business legally preserve its trade secrets?
Why is it important to educate and train staff about trade secrets?
How does my business risk manage its cybersecurity?
The online threat to trade secrets during the current pandemic has never been greater, which is why IP Wales has developed free guidance to help SMEs better manage their IP cybersecurity.
IP crime is traditionally viewed as counterfeiting (false branding) and piracy (illegal copying) but cybercriminals (& some state players) are increasingly coming to recognise the value of confidential data held by businesses, be it sensitive information about the business operation (trade secrets) or customer information such as passwords and credit card details (made even more topical with the arrival of the EU General Data Protection Regulation 2016).
These attacks on confidential data are happening globally with increasing rapidity and ever more complexity. Zero-day vulnerabilities (where hackers have discovered and exploit a software security breach before a fix is available) are increasing exponentially.
In response our award-winning business support initiative IP Wales has launched a new Online Initiative 2017-2020, the aim of which is to help small/medium sized enterprises (SMEs) to protect their IP from online threats.
SMEs are particularly vulnerable to cyberattack, with our research (commissioned by the Welsh Government) showing that many take little or no precautions against cyber threats, in the mistaken belief that they are too small to attract the cybercriminal’s attention, or that they don’t possess any data worth stealing. Examples of cyberattacks on SMEs have included:-
• IP ‘Theft’ (i.e. trade secrets), the loss of which seriously undermines a company’s attractiveness to both investors and prospective buyers of the business.
• Ransoming of Data, where the business is coerced into paying off hackers in order to retrieve or access stolen or encrypted data.
.• ‘Theft’ of Customer Data (including payment details) which exposes the business to lawsuits, regulatory fines for improper handling of personal data, and reputational damage.