Improve Your Ability to Detect Cyber-Attacks



Final in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

Protecting your manufacturing trade secrets is a journey not a destination. It requires a holistic approach beyond purely information technology controls, which are still necessary but insufficient without user education and awareness.

Improve your organization’s threat detection by taking these four actions:

  1. Make your systems more intelligent to match threat intelligence.

    To match your improved knowledge and understanding, make your IT systems more intelligent as well. Security information and event management (SIEM) solutions provide real-time analysis of activity logs and high risk alerts generated on the network. Start by pointing these intelligent systems at your highest value assets or highly privileged users such as plant operations or R&D labs.

  2. Improve IP egress controls as your capabilities mature.

    Evolve your organizational mentality from keeping the bad guys out to keeping the crown jewels from leaving. Data access and egress controls on your information flows can also benefit from greater intelligence. Your enterprise may want to control outbound Internet access to unsecured sites, restrict use of outbound protocols (e.g. FTP, SSH, Telnet), limit public sharing and email services for unencrypted data, or provide virtual server access where data can’t be downloaded. Intelligent monitoring of web and email content can flag and block prohibited activity before your IP is gone.

  3. Constantly improve your IP protection based on what you learn.

    Protecting your critical IP is an ongoing process of detection and response that’s continuously measured and improved over time. Even the most seasoned IT professional has more to learn, as the tools and techniques of cyber attackers are constantly evolving. Ongoing threat intelligence will help you understand the current indicators of compromise and stay a step ahead of the bad guys.

  4. No manufacturer is an island - collaborate on common goals.

    We must collaborate to protect our common interests against those who would do us harm. Consider forming a small information sharing group with other trusted security professionals in your industry. Learn to benchmark your organization’s approach against IP protection leaders with a more mature program.

The best IP Protection programs are based on solid governance, risk and compliance principles. They have the active support and participation of senior leadership. In summary, follow this checklist to establish a truly holistic IP Protection Program:
□ Establish clear policies and procedures.
□ Assign senior leadership with high level ownership of the program.
□ Create a culture where all are committed to IP protection.
□ Effectively educate everyone on both outsider and insider threats.
□ Monitor, enforce, and report IP security violations.
□ Audit the program's effectiveness annually.
□ Improve the program over time as needed.

You might want to download the complete e-book covering 5 IP protection tips with lots of current industry statistics on the common threats we face.

Read the full series:

  1. The Threats to Your Trade Secrets are Real
  2. Why Offshoring Complicates IP Protection
  3. Calculating the True Cost of IP Theft
  4. Make the Case for Investment in Ongoing IP Protection
  5. How to Form an IP Risk Committee
  6. 7 Elements of a Holistic IP Protection Plan
  7. Defining Intellectual Property
  8. Lock up your IP and Control Access to it
  9. Discover the Weaknesses in Your IP Security
  10. Improve Your Ability to Detect Cyber-Attacks

 

Larry Brock

Customer Spotlight: Deploying a Data Protection Program in Less Than 120 Days

Michael Ring, IT Security Architect at Jabil Circuit shares how they deployed Digital Guardian to over 40,000 users in less than 120 days. Watch the webinar on demand now.

Watch Now

Related Articles
Digital Guardian Keeps your CAD in the Cradle (Video Demo)

Intellectual property takes serious work to create and requires a smart solution for protection. Watch this video demo to learn how Digital Guardian secures IP in a variety of forms.

You Can’t Protect What You Can’t See

Protecting Data in a Global Manufacturing Environment

Emerson Owes BladeRoom $30M in IP Theft Case

A jury ruled that Emerson Electric stole proprietary data center designs from BladeRoom, putting a close to a long running trade secrets lawsuit. The ruling comes a month after Facebook settled with the British manufacturing firm over similar charges.

Larry Brock

Larry Brock (CISM) is the former global CISO at DuPont, a post he held for 11 years. He also served as CIO of DuPont’s Nylon Flooring business unit, as Information Security Officer in the U.S. Air Force and at the National Security Agency (NSA) for four years. Mr. Brock currently consults to companies helping them to improve their IP protection capabilities.

Please post your comments here