Aon’s Top Cyber Threats for 2019 Revealed

Companies’ cyber risk profiles should be updated in tandem with each new digital technology they embrace, according to Aon in its 2019 Cyber Security Risk Report. The scale of attacks and their impact on organizations are intensifying, and, as recently reported, attacks are becoming less predictable. Ransomware attacks may have peaked in 2018, as industry experts have noted, which sent malicious actors reverting to good old-fashioned digital extortion, albeit with a slight twist.

Adopting a proactive outlook is the best way for companies to respond to the complex and changing set of cyberrisks, said Jason J. Hogg, CEO of Aon Cyber Solutions.

“To better prepare against attack, organizations should continually assess their overall cyber risk profile, remediate where recommended and proactively manage their defense,” Hogg said.

The report discusses eight prominent areas where organizations are expected to face cybersecurity threats this year.

  1. Technology
  2. Supply Chain
  3. IoT
  4. Business Operations
  5. Employees
  6. Mergers & Acquisitions
  7. Regulatory
  8. Board of Directors

Q&A With New National Cyber Security Alliance Executive Director Kelvin Coleman

The National Cyber Security Alliance (NCSA) announced that its new executive director is Kelvin Coleman, who has held high-level positions in the United States Department of Homeland Security and the National Security Council.

Coleman’s appointment puts him in charge of the country’s leading cybersecurity and privacy protection education and awareness organization, responsible for leading organizational growth; facilitating strategic partnerships and alliances with government, industry and non-profits; and acting as NCSA’s primary spokesperson.

He discussed with Risk Management Monitor the types of cyberrisks he follows, preventative measures and upcoming NCSA events and services.

What are the biggest cyberrisks facing businesses today? How do you plan to advise or collaborate with business leaders to combat them?

Some of the biggest cyberrisks facing businesses today include email threats, employee activity and vendor security. When it comes down to addressing cyberrisks targeting businesses of varying sizes, everyone needs to start with the basics. It is imperative to get leadership on board with recognizing that cyber resilience is more than just taking technology-focused measures, but also modifying processes and behaviors at all levels in the organization.

What are the attacks that are easiest or most difficult to prevent?

The answer to both is phishing. Attacks come in through three different ways – people, products, and processes. A great product can hold attackers at bay. Similarly, great processes can mitigate a threat. Human beings are the wild cards. People are both the easiest to control and the most difficult, especially when it comes to phishing attacks. One of the NCSA’s tips is “when in doubt, throw it out.” We try to make sure folks understand that if they are not familiar with a link or a website, they need to delete it or ignore it.

At NCSA, our focus is on the human side of cyberattacks, and we work to get people to change their behaviors as well as understand the processes for keeping their devices and online accounts safe, particularly as phishing attacks become more sophisticated.

Speaking of the human side, which professionals are most exposed to cyberrisk?

All of them. Cybersecurity needs to be embedded into the company culture from the most entry-level positions to the most senior, because hackers can access information at any level. We’re all vulnerable, from the break room to the boardroom. We often tell small business owners that they must also train their employees to recognize malicious links and emails, as employees can often be the weakest link when it comes to cybersecurity at the office.

What is your reaction when you learn that the information of 500 million Marriott guests may have been exposed?

Marriott is a great example of a company doing as much as it can to prevent an attack but still being targeted. They were not laissez-faire about their security. So, I see it as a warning for everyone to remain extremely vigilant in the face of increasing numbers of cyber attacks. If it happens to Marriott, we’re all vulnerable to an attack of this nature.

Small businesses seem just as susceptible to cyberrisk as large ones. How would you advise small businesses to protect themselves?

Small businesses are more at risk and they often have information, such as customer data, that’s just as valuable to hackers as that of the customer data from large corporations. Small businesses often don’t have the resources to invest in a prevention plan, nor do they have the capital or leadership or knowledge about cybersecurity. This is why they’re often targets for hackers.

Our advice for small businesses doesn’t vary much from what we advise to all people: Keep a clean machine by keeping software updated, use stronger authentication and passwords, recognize and avoid phishing links, etc. If [a small business] decides to hire a third-party vendor for cybersecurity, we advise them to do their research and hire a reputable vendor. We also encourage them to attend our regional CyberSecure My Business events in their local community, or take part in a CyberSecure My Business webinar.

What new initiatives or campaigns will you be overseeing in 2019?

In 2019, our overarching goal is to empower individuals and – at the same time – focus on educating businesses to respect privacy, safeguard data and enable trust. This means that consumers need to know how organizations collect and use personal information and companies of all sizes need to be transparent and communicate in an accurate and consumer-friendly language to their customer base.

We will share key messaging and provide actionable tips to help protect privacy. NCSA and our highly engaged partners will host numerous events that will shine a spotlight on the rapidly changing technology landscape and forging ahead toward the future of privacy. We plan to engage industry leaders with diverse perspectives to address opportunities and challenges. In addition, we will soon be launching our Champions program which is a way for both individuals and businesses to officially show support. We expect to launch the Champions portal – along with additional Data Privacy Day information – in mid-December 2018.

What changes or improvements are in store for National Cyber Security Awareness Month (NCSAM)?

I don’t believe NCSAM needs a shiny new toy each year. Our plan is to engage a much larger audience. NCSAM continues to reach more and more people every year, but there are still significant numbers of Americans who need to hear our message – not just during October but throughout the year. We want to connect these folks more with our proven tips for staying safe and secure online. Our goal at NCSA is reinforcing our cybersecurity best practices among a broader audience to better impact online behavior.

Businesses Ignore Significant Cybersecurity Risks to Proprietary Data

Knowledge assets are critical to any business remaining functional and competitive, yet this data is routinely exposed to the risk of theft and overlooked in cybersecurity risk management. According to a new report from the Ponemon Institute and law firm Kilpatrick Townsend & Stockton, organizations are increasingly ineffective at safeguarding data like trade secrets, product design, development or pricing, and other proprietary information.

As breach notification laws, regulatory requirements, and reputation considerations draw more focus to cybersecurity surrounding personal data of customers or personnel, businesses are leaving more risk on the table regarding their most valuable assets, and that risk has a notable price tag.

In the past year, the average cost of remediating these attacks was about $5.4 million, and half of respondents estimated the maximum cost would range over $250 million, with seven out of ten placing it over $100 million. What’s more, on average, respondents believe only 35% of the losses resulting from knowledge asset theft would be covered by their current insurance policies.

The primary drivers of these costs, respondents said, were (out of 100 points):

[Figure: knowledge asset theft costs]

Why are so many businesses failing to take action against the risks to knowledge assets?

[Figure: knowledge asset data theft risk]

Among the findings, the report noted:

  • Theft is rampant. Seventy-four percent of respondents say it is likely that their company failed to detect a data breach involving the loss or theft of knowledge assets, and 60% state it is likely one or more pieces of their company’s knowledge assets are now in the hands of a competitor.
  • Companies don’t know what they need to protect, or how to protect it. Only 31% of respondents say their company has a classification system that segments information assets based on value or priority to the organization. Merely 28% rate the ability of their companies to mitigate the loss or theft of knowledge assets by insiders and external attackers as effective. The great majority who rate their programs as not effective cite as the primary reasons a lack of in-house expertise (67%), lack of clear leadership (59%), and lack of collaboration between different job functions (56%).
  • Executives and boards aren’t focused on the issue and its resolution. A data breach involving knowledge assets would impact a company’s ability to continue as a going concern according to 59% of respondents, but 53% replied that senior management is more concerned about a data breach involving credit card information or Social Security numbers than the leakage of knowledge assets. Only 32% of respondents say their companies’ senior management understands the risk caused by unprotected knowledge assets, and 69% believe that senior management does not make the protection of knowledge assets a priority. The board of directors is often even more in the dark. Merely 23% of respondents say the board is made aware of all breaches involving the loss or theft of knowledge assets, and only 37% state that the board requires assurances that knowledge assets are managed and safeguarded appropriately.
  • Careless employees and unchecked cloud providers are key risk areas. The most likely root cause of a data breach involving knowledge assets is the careless employee, but employee access to knowledge assets is not often adequately controlled. Fifty percent of respondents replied that both privileged and ordinary users have access to the company’s knowledge assets. Likewise, 63% of respondents state that their company stores knowledge assets in the cloud, but only 33% say their companies carefully vet the cloud providers storing those assets.

Thanks in part to the current lack of action, there is plenty businesses can easily do to improve.

“Companies face a serious challenge in the protection of their knowledge assets. The good news is there are steps to take to reduce the risk,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “First of all, understand the knowledge assets critical to your company and ensure they are secured. Make sure the protection of knowledge assets, especially when sharing with third parties, is an integral part of your security strategy, including incident response plans. To address the employee negligence problem, ensure training programs specifically address employee negligence when handling sensitive and high value data.”

Protect Your Company from Intellectual Property Risks

In intellectual property management, mistakes can be extremely costly, and are, unfortunately, easy for an IP manager to make.

The stakes are high: these mistakes could cause your company to lose its intellectual property (IP) rights, or worse, may result in competitors obtaining those rights.

Here are the Top 10 IP management slip-ups that can increase these threats to your company:

  • Failure to capture an invention  With the “America Invents Act,” the United States converted to “first to file” from “first to invent.” Unlike the olden days, the first one to file a new invention—not the first to invent it—gets the rights to the patent. If one of your inventors has a patentable idea and you don’t find out about it, you risk having a competitor file ahead of you.
    Your company can also be excluded from using the invention, which may be a major setback.

  • Failure to meet statutory deadlines  Once you begin the patent filing process, you must meet strict statutory deadlines to file abroad and respond to communications from the patent offices. These include conversion to non-provisional status, application filing deadlines and national filing deadlines. Miss these dates and your patent rights disappear.
  • Failure to Stay in the Loop  Are there IP-related conversations and actions happening in your company that you are not aware of? While you may be diligently tracking your activities, your inventors, attorneys or outside counsel could be taking actions (or not taking actions) that you need to know about. Things can easily fall through the cracks if you are not tracking them or in the loop. This may result in expensive mistakes and potential loss of patent rights.
  • Failure to Accurately Project Costs  There are costs associated with building an IP portfolio, including outside counsel fees, filing fees and maintenance fees. Your IP program can be adversely affected if you cannot accurately project what these fees will be and budget accordingly.
  • Failure to respond to patent trademark office actions on time  During prosecution, your patent applications will receive communications from patent offices. Either you or your outside counsel must respond to these on time. Failure to take timely action can lead to expensive penalties and/or loss of rights.
  • Failure to properly disclose material information  In many countries, including the U.S., you are required to file information disclosure statements that include all relevant prior art. These statements need to be consistent across all of your related patent applications. Failure to make proper disclosures can result in the loss of your patent rights.
  • Failure to maintain your patent  In most countries, you must pay regular maintenance fees for issued patents or annuities for pending applications. If you miss making a payment, are delinquent, or if a payment is not properly processed, you can lose your patent rights or may have to pay significant penalties to restore your rights.
  • Failure to enforce license obligations  If you have licensed patents to others, you need to monitor the agreement and track the royalty payments. Failure to do so can result in significant loss of royalty revenue, and unlicensed use of your IP.
  • Failure to align patent portfolio to business needs  Over time, your patent portfolio will grow. At the same time, your company’s business strategy may change. You need to monitor your portfolio to make sure it is aligned with your business needs. Maintaining a portfolio of low-value patents that doesn’t support your business strategy is a bad investment.
  • Failure to account for your IP portfolio  For companies with SEC reporting obligations, it is mandatory to accurately disclose your patent assets. If you don’t have an accurate picture of your actual portfolio, you will encounter costly and embarrassing legal problems.

As the IP manager, you are responsible for seeing that these failures don’t happen. While this is a challenge, it is one that you can meet by working closely with your inventors and outside counsel. You must also be very careful to track events in an IP calendar.