“The threat is incredibly serious,” the FBI warned in a report this past May on cyber crime. “Intrusions are becoming more commonplace, more dangerous, and more sophisticated... [as] companies are targeted for trade secrets and other sensitive corporate data.”
Strong stuff, but hardly a surprise amid widespread charges nowadays of commercial larceny by nations and companies alike.
And, as a new scholarly study explained, “Trade secrets are one of the primary means through which firms create and maintain value. A firm’s ability to prevent [them] from being stolen, copied, or eroded is one of the key factors ensuring its longevity...Even so, trade-secret theft has become a serious threat to the U.S. economy [causing damage] in the range of one to three percent of its GDP.”
With the principal means of trade-secret thievery shifting from betrayals by former employees to cyber-attacks, the new research, presented at the annual meeting of the American Accounting Association last August, offered what seems a disarmingly simple option for reducing theft: Desist from disclosing the existence of trade secrets in the company 10-K, the financial report that public companies are required to submit annually to the SEC and that they disseminate widely to investors.
Drawing on data from about 7,500 companies over a span of nine years, the study found that about one third of their 10-Ks mentioned that the firms possessed trade secrets. Even though essential information about the secrets is customarily withheld, simply revealing their existence increases the chances of a cyberbreach by an average of about 30%, according to the paper by Michael Ettredge and Yijun Li of the University of Kansas and Feng Guo of Iowa State University.
The likelihood of subsequent breaches, the authors added, is “most pronounced among younger firms, firms with fewer employees, and firms operating in more competitive industries… consistent with the notion that firms’ trade secrets are more likely to be hacked when the trade secrets are more valuable or when alternative ways to obtain firms’ trade secrets, such as hiring away firms’ employees are not available.”
The authors concede that a decision not to mention trade secrets may be difficult for many companies. As they explain, mere acknowledgement of trade secrets “does not impose any direct proprietary costs on the firm. Furthermore, firms…could signal greater value of their stocks by discussing the existence of trade secrets…and how [they] take the appropriate steps to protect [them] from misappropriations.” A further advantage, the authors add, is that allusions to trade secrets in 10-Ks can provide evidence in case of subsequent litigation alleging misappropriation.
Stories You May Also Be Interested In
- CFO Awards 2018 Nominees: CEO Watch - Cyber Security Remains Real Threat, Especially For Small-to Mid-Size Firms
- CFO Awards 2018 Nominees: Three Things Every Middle Market CFO Needs to Do About Cyber Risk
- 100 Fastest Growing Private Companies 2017: Four Ways to Manage Cybersecurity Risks
- CUSTOM CONTENT: California’s Sweeping Consumer Privacy Law - What companies need to know to mitigate their risk.
- Hackers Steal Client Data From Line 204 Studios
- Leaders in Law 2017 Nominees: How Safe Is Our Water Infrastructure from a Cyberattack?
- www.computer.crime: E-Crime and What To Do About It
- CUSTOM CONTENT: Preventing, Managing and Resolving Potentially Devastating Cyberattacks