InfoDNA built our Topla Intensify product to encapsulate a consistent and complete way for organizations to uncover and consolidate their unstructured information. But between:
- Technology advances
- Mergers-and acquisitions
- People moving on
- Shadow IT
- and so much more…
Most organizations have a ‘data swamp’ where you cannot find, not sure if you have the right version and do not believe you find everything when it is needed. But intellectual capital (IC) protection far outstrips them all in terms of how difficult and how critical it is to address.
This might cause some IM professionals to <pause>. But with the increasing number of high profile breaches, the growing pressure to manage consumer and employee data better, and the rapid growth of content sprawl, it’s time for IM professionals to <un-pause>.Any other IM challenge they can imagine pales in comparison to what they’ll face when they try to manage IC better. And the risk of failure isn’t simply a fine or bad PR. It’s going out of business — or worse, the loss of critical US technology to nation states or other global actors.
Protecting Intellectual Capital isn’t Easy
IC is difficult to protect for a number of reasons:
- IC is not a hard and fast category like protected health information, payment card information or personally identifiable information. What constitutes IC will vary by industry, product, process or function within an organization. Sure, some IC is clearly IC (e.g., a design for a cutting-edge product, patent information before it’s been approved, strategic planning documents), but a lot is less clear cut. Is a price list IC? Maybe — if you’re in a business where your ability to tailor pricing is a competitive advantage. But it might not be, for example, if you’re in a business where your product is a commodity and pricing is set for you (think oil), or where your product is so in demand that pricing isn’t an issue (Apple iPhone). The situation is similar with process documentation, customer lists, research, operational data, etc. All of these could potentially be IC, but also might not be depending on industry and organizational context.
- There isn’t a single technology that can protect IC across its life-cycle in all the locations and formats it can exist. Documents, drawings and the like. Each format needs different kinds of protections, enabled by varying (and often overlapping) technologies.
- Protecting 100% of IC is not an option – it would put an organization out of business since all organizations need to collaborate with external parties to operate, and even to collaborate on IC. Completely locking IC down would make working with suppliers, contractors and joint venture partners impossible.
- No amount of technology and controls can completely remove the human element. Well-meaning employees who make mistakes as well as bad actors will always be able to thwart your best efforts to some degree, no matter how much you try to prevent it.
As scary as the difficulties in protecting IC can be, the costs of failing to do so are far scarier. For an organization, IC leakage can mean losing things like:
- A product design to a competitor who gets it patented first or who is able to produce knock-offs.
- Merger-and-acquisition documentation – whether it is from the past-and-dormant or currently-in-flight.
- Operational data that provides insights into a business’s costs, margins and revenue.
The negative impact of all of these scenarios is significant and could even lead to an organization going out of business. For society, however, IC leakage from organizations can have even more significant costs. If it ends up in:
- Hands of foreign companies. The revenue they generate and the market share they take from US companies would erode US GDP, weaken the US economy and lead to loss of jobs (as the companies that lost IC may contract and shed jobs).
- Hands of nation states hostile to the US. Their ability to strengthen technology or other capabilities would make them stronger and increase the threat they pose to our security.
- Hands of non-state actors hostile to the US. It could enable them to more effectively attack US military and citizens as well as critical infrastructure in the US and abroad.
We see too many organizations waiting to address IC protection until something bad happens, such as when an employee steals IC or IC is lost due to a breach. But IC loss is often invisible to an organization because those who steal it aren’t usually going to let you know they did. You have to wonder whether copycat products, eroding margins or increased competition is due to IC loss or other factors. So it’s better to begin taking IC protection seriously today. Given the high cost of doing nothing, inaction isn’t an option.