As Digital Transformation Accelerates, The Risk of Theft of IP Grows
By: Mohie Ahmed
Over the past two decades, with the rise of the Internet and the growth of cloud services, enterprises, and organizations, including government agencies, have transformed the way they do business and serve their constituents. Nearly everything can be found online today, and content being shared on the most secure private networks has been compromised through cyberattacks, including those initiated by insiders.
While identity theft and ransomware attacks continue to challenge organizations given the financial gains bad actors can benefit from, the cost of the theft of Intellectual Property (IP) has huge consequences when it comes to everything from business strategies, transactions underway at publicly traded companies, formulas including most recently vaccinations against the COVID-19 virus, and more.
Businesses and government agencies spend billions of dollars developing their plans, products, and platforms and do their best to protect them by filing patents while also marking documents confidential, sensitive, and top secret. Their employees are trained to handle sensitive information carefully, to share only on a “need to know” basis and to make sure their devices and applications are secured at every endpoint.
With all these measures in place, including strict policies and training, the theft of IP is on the rise, driving demand for tracking and control, especially in highly regulated fields.
Given the reality of globalization and the determination of nations to compete for economic advantages and financial strength, the management of IP is more important and necessary than ever. Given our technological and information revolution, especially with emerging technologies including artificial intelligence, IP protection needs to be raised to a higher level, including the growing threats to national security.
Government agencies around the world are issuing guidance on these threats – with recommendations regarding the use of software to detect attacks and protect IP by applying access privileges and tracking how the storage and sharing of IP documents and databases are being accessed – by whom, from where, on which device, at what time of day, and more.
Last year, the risks grew exponentially. The sudden shift to remote work in response to the COVID-19 pandemic only worsened the IP theft trend, from reports of state actors attempting to steal pharmaceutical secrets associated with the development of vaccines and therapeutics to organized cybercriminal rings quickly identifying the gaps in security, enabling them to attack directly or lure insiders with credentials to cooperate with them in the chaos.
A Bitglass research study, covering thousands of companies worldwide, found the following late last year:
- While 73% of enterprises believe that cloud applications are as secure or more secure than on-premises apps, 63% are concerned with data privacy and confidentiality in the cloud—an indication that while the public cloud is considered safe, organizations struggle with using it securely.
- 73% of security budgets are decreasing or staying flat over the next year, while organizations are being tasked to do more with less, demonstrating the necessity to implement cost-effective security that can secure the immeasurable number of cloud interactions.
- 50% of organizations lack visibility into messaging and file-sharing apps, providing a prime opportunity for data leakage, and 30% of organizations have no visibility or control for mobile enterprise messaging, while only 9% have security tools in place for detecting malware.
- 72% of organizations cite malware as a top concern with employees working from home, while 59% believe unauthorized or excessive access privileges are the most concerning threat vector.
How can organizations address these growing threats and attack vectors? Foundational is the implementation of Privileged Access Management technology, which addresses the increasingly complex risks in a multi-cloud world, where data is being shared at unprecedented rates, and where the physical security perimeter associated with “on-premise” working is blurring, and employees, customers, and partners are using unsecured collaboration and document sharing platforms.
In an organization, privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, including customer records, employees’ payroll financial records, and company strategies, plans, and IP documents and data.
Privileged users include:
- System, database, and application administrators who have continuous and unrestricted access to a broad range of assets
- Help desk agents who have restricted access to a broad range of assets
- Business Application (e.g., ERM, Salesforce) users or users of an organization’s social media (e.g., LinkedIn, Twitter) accounts
- Nonemployees, such as vendor support, consultants, contractors
It is impossible to govern these teams and all employees who deal with confidential and sensitive information without software automation, which is why we built and continue to develop the Ironsphere platform.
Our approach is modern, flexible, and straightforward to implement and scale.
Instead of limiting the use of specific remote access applications, Ironsphere’s platform allows users to continue using their favorite apps, such as MSTSC, secureCRT, Toad, or FileZilla, from their own computers, without having to adjust their daily routines.
Single source of truth
Most solutions create an internal shadow copy of users and assets and attempt to keep them in sync with the enterprise directory services and asset inventory applications. Ironsphere’s solution continuously discovers assets and user updates through the enterprise’s applications, therefore eliminating synchronization errors.
Most solutions display all the system and infrastructure information to users, sometimes storing it on the user’s computer. Ironsphere selectively displays the information the users are authorized to access and does not store any enterprise infrastructure data on the user’s computer.
Widest support range for protocols
Ironsphere not only manages who can access which system, under what restrictions, but also tracks in-session activities and stops attacks and misuse, including DB and web sessions.
The theft of IP not only benefits competitors and adversaries but can even destroy businesses and agencies if not managed carefully, if not fully protected, and if not fully auditable. As the world continues to address the many economic and health crises 2020 brought to the forefront, it has never been more important to protect all we connect, and software innovation makes it possible to continue “digital transformation” while avoiding the risks through comprehensive security programs, policies and software-driven governance.
As Attacks on Infrastructure Continue to Intensify, Cyber Security Leaders Call for Further Investment
This past week Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500-mile path from Texas to New Jersey, was forced to take itself offline after being attacked by a criminal cyber gang. The Colonial Pipeline, which carries 2.5 million barrels a day, nearly 50% of the East Coast supply of diesel, gasoline, and jet fuel, is still working to restore service and gain access to its systems after the malicious cyberattack while its four mainlines remain offline.
As Infrastructure Week Begins in the US, A Massive Ransomware Attack Drives the US Government to Enact Emergency Legislation
The US government issued emergency legislation earlier this week after the largest fuel pipeline in the US was hit by a ransomware cyberattack.
Buy it Wholesale, Sell it Retail: How MSPs and MSSPs can Benefit from Multitenancy Cyber Security Solutions
Managed Service Providers (MSPs) and Managed Security Service Provider (MSSPs) have a stressful job. They must provide cybersecurity solutions to their clients, protecting them from a broad and growing range of threats, and ensure their customers’ networks, equipment, data, systems, people, and reputations are insulated from malicious forces.