Defending against trade secret theft

An excerpt from the Administration Strategy on Mitigating the Theft of U.S. Trade Secrets (Executive Office of the President of the United States, February 2013) states: “foreign competitors of U.S. corporations, some with ties to foreign governments, have increased their efforts to steal trade secret information through the recruitment of current or former employees”. This is undoubtedly an issue of importance impacting the competitiveness of American technology in the marketplace.

However, as is the case with many complex issues there exists significant gray area, and well-intended legislation could cause more damage than the actual problem it is intended to resolve.

There is a section in the report titled Promote Voluntary Best Practices by Private Industry to Protect Trade Secrets. I call this out as there should be no doubt about the technology industry’s motivation to protect ‘trade secrets’, which I will refer to herein as Intellectual Property (IP)

In my professional career in the ‘high technology’ industry spanning 30 years, and my involvement in IP licensing (and litigation), I have strong opinions concerning the substantive facts of this issue. I have learned how intellectual property is a crucial strategic element in countless technology firms; the best of whom shrewdly exploit their IP portfolios to gain competitive advantage.

My comments are not intended to create a sense of overconfidence, but the situation may not be as abysmal as it appears. There are several reasons I hold these opinions as follows:

  1. Production & manufacturing: this may not be true of all IP, but in sophisticated consumer / industrial ‘technology products’, even intimate knowledge of a design (e.g., functional specifications, schematics, prototype hardware) is no guarantee that one can actually produce it. Semiconductor-based product designs in particular are notoriously difficult to replicate; even by the owners of the IP who are tasked with scaling production. The manufacturing parameters and tolerances are mind-numbingly complex. This is magnified by the multi-discipline / multi-physics aspects of modern electronic devices. This includes embedded software, hardware, and more frequently MEMs (micro-electro mechanical); all of which must inter-operate perfectly. In point of fact, the verification of these designs is often more time-consuming, and intellectually challenging, that the functional designs
  2. Innovation Competency: there is ample historical precedent for ‘fast-followers’ who can ‘pick-off’ certain products, and offer variants that have alternative performance or cost benefits, but I do not believe that leads to sustainable success. Anyone who has worked on project-based product development knows the very culture is focused on faster, better, cheaper. It resembles an athletic contest, and is extraordinarily difficult to sustain. The very DNA of an organization must reflect this. I submit that an entity based on being a fast follower that relies on IP theft, can never develop, never mind sustain, the culture needed to succeed on the bleeding edge of technology.
  3. You know the IP thief’s product roadmap: a substantial amount of PD is based on ‘platforms’ where derivative products often represent the true competitive advantage in both margin and time-to-market, I questioned the CEO of a very successful technology firm why he was so forthcoming about details of his company strategy; I received a pearl-of-wisdom in the response, as follows: “our competitive advantage comes does not involve the details of our strategy; rather, it comes from our ability to execute our strategy.
  4. The Importance of ecosystem: increasingly, APIs and partnerships are differentiators in a product’s success. There exists unique value, in same; value that may be not possible to replicate. This also applies to ‘evolutionary’ products, where forward compatibility of versions is a key customer requirement.

An opportunity that colleagues and I are contemplating is the role of subterfuge as a weapon to defend against IP theft. What-if (and this is a big what-if) the IP embodied in an electronic system, for example, included logic that could render it inoperable, or produce inaccurate result (in the case of a computational device). And what-if, that ‘function’ could be triggered at a date in the future; sort-of like a Trojan horse, but wearing a white hat.

There is much to be done to protect American firms trade secrets from foreign competitors, and their state sponsors. The ‘problem, however has an element of opportunity, which requires more thought, and judicious governmental involvement.

About Don

Former C-Level Exec of NASDAQ company InfoSec Certifications: CISSP, CISO (Carnegie Mellon CIO Institute) / Founding member of several 'startups' / Georgetown University, Masters, Technology Management / InfoSec Certifications: CISSP, CISO (Carnegie Mellon CIO Institute)
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s