Still, intellectual property and risk management consultants say companies may not be doing as much as they can to protect their IP assets, which can include everything from product formulas to customer lists.
“I wonder if inside the doors people are having enough robust conversations about what their intellectual property is and what needs to happen to manage the risk,” says Steve Snethkamp, a partner in the Columbus office of EY. His consulting practice covers a variety of industries with a focus on information technology.
The stakes are high, he says, pointing to incidents in which the technology behind a new product has been stolen and implemented by overseas competitors even before the IP owners can get that product to market. And it’s not easy to manage that risk, especially with all the data that can be shared—and exposed—through the ever-increasing use of mobile technology and interconnected devices.
“There is no silver bullet,” Snethkamp says, “but the first thing (for companies) is to create a cultural awareness that security is important and IP is the lifeblood of the organization. That needs to be the mantra of every person in the company from the janitor to the CEO.”
Then businesses need to clearly define their intellectual property, identify where it is located, make an inventory of it and put in place controls, processes and procedures to protect it appropriately.
“It’s hard stuff to do,” Snethkamp says.
But it’s also essential given the findings of a 2013 study by the independent Commission on the Theft of American Intellectual Property. It estimated that international thefts of intellectual property have an impact of more than $300 billion annually on the US economy, costing the country millions of jobs and dragging down economic growth and investments in research and development.
Risk managers historically were focused on hard assets—buildings, equipment and inventory—but that has shifted to intellectual property and intangible assets such as copyrights, patents, technical processes, trade secrets, customer lists and distribution networks, says Philip Renaud, executive director of the Risk Institute at Ohio State University’s Fisher College of Business. He has worked in the risk management field since the early 1980s, including stints with L Brands, Kmart, Exel and Deutsche Post.
“It’s much more difficult to value an intangible asset and protect it,” Renaud says. “I can’t put a sprinkler system and firewall around a copyright.”
In his opinion, IP risk management in many cases becomes a defense strategy in which companies must educate team members about the importance of protecting the brand. That is particularly the case of detailing the risks when employees are working online and sharing data.
Such preventative steps are especially important, Renaud says, because of the difficulty and expense of stopping an IP infringement after the fact.
“That’s the greatest challenge,” he says. “If the company that has infringed on you is exposed, the only way to get there is through legal proceedings. That costs a lot of money.”
There is also the thorny issue of taking legal action when an IP infringement occurs overseas. “How do you get enforcement in China?” Renaud asks.
His best advice for companies is to make sure they understand their intangible assets—how they are used, their value to the business and how they are being protected.
When looking to protect intellectual property, companies should consider registering their rights with patents, trademarks and copyright, says Susan Rector, an attorney at the Columbus office of Ice Miller LLP. She represents companies in all aspects of IP ownership and information technology transactions.
“Inherently, taking the steps to register the rights to your intellectual property gives you a leg up,” Rector says. “That’s important from a defensive standpoint. It can also be used offensively against people who come too close to your (IP) rights.”
She works with a lot of startup companies that are building their business model around a proprietary product that is far and away their most valuable asset.
“Often it’s two guys, a laptop and an idea,” Rector says. “A lot of them will get big valuations (from investors), but people will only back them if no one else has done it. … They need to think about an intellectual property strategy early. If they don’t, they can lose their ability to protect that product or device.”
Intellectual property presents some specific challenges for risk managers, says Nicholas Kaufman, head risk manager at Battelle in Columbus.
First, it can be difficult to place a value on IP assets because they can be hard to measure, especially compared to property risks or auto liability. Second, Kaufman says there really is no insurance market for intellectual property because mature insurers tend to organize around areas they understand and know the likelihood of payouts on policies. That’s not the case with IP because of the difficulties in placing a value on the assets and calculating the risks to them.
Despite those issues, companies still need to have a risk management program in place for their intellectual property assets because the stakes can be so high. Kaufman says Battelle’s program takes an enterprise-wide approach in managing the IP risks for its range of products, services and research it conducts.
“We look at it holistically,” he says. “It’s not just about defending our intellectual property but making it as easy as possible for our scientists to create IP.”
Kaufman says intellectual property best practices start with an understanding of your organization and how IP brings value. Then it becomes a matter of aligning resources to protect that value.
The sooner that companies think about protecting new intellectual property the better, says Ari Zytcer, a Vorys, Sater, Seymour and Pease LLP attorney who has worked in the IP field for more than 10 years. But he also recognizes that can be easier said than done.
“In identifying intellectual property,” he says, “you’re starting in the dark. Is this going to be a commercially successful product or an intermediary that leads to something down the road that you would like to protect and stake a claim? You don’t know what aspects you’d like to protect (with a patent) … so we see broad coverage at the beginning. As development continues, you home in on what is commercially viable and blocking other companies from getting into that space.”
Zytcer also says there is no one-size-fits-all approach for IP risk management.
Small companies, for instance, have to consider whether it is best to spend limited resources on patent procurement versus funding research and development and breaking into a market. Large companies generally take a more holistic view with IP committees drawn from the business side—risk management, legal, finance and marketing for example—and R&D side of the enterprise. They track new inventions and make the call on the allocation of resources for patents, trademarks and other IP safeguards.
“Having a cohesive policy for the company is crucial,” Zytcer says. “It’s almost like a marriage. The right hand needs to know what the left hand is doing.”
Jeff Bell is a freelance writer.