 |  | Member Login |
 | | | | | |
| U.S. Companies Lost Up to $59 Billion in Proprietary Information and Intellectual Property
FOR IMMEDIATE RELEASE
Press Contact: Vicki Contavespi
PricewaterhouseCoopers
U.S. Chamber of Commerce New York, N.Y. (Sept. 30, 2002) - - U.S. companies lost up to $59 billion in proprietary information and intellectual property according to survey results released today by ASIS International, through its Council on Safeguarding Proprietary Information and aided by the sponsorship of PricewaterhouseCoopers, the U.S. Chamber of Commerce and the ASIS Foundation. The 10th Trends in Proprietary Information Loss Survey was conducted among CEOs of Fortune 1,000 companies and of 600 small and mid-sized companies that belong to the U.S. Chamber of Commerce. The report found that responding firms experienced proprietary information and intellectual property (IP) losses of between $53 billion and $59 billion from July 1, 2000 to June 30, 2001. Of the companies responding to this study, 40% reported incidents of known or suspected losses of proprietary information. Companies with such losses experienced two incidents in the reporting period. Research & development (R&D) and financial departments suffered the greatest dollar value of loss per incident--$404,000 and $356,000, respectively. Many companies don't value intellectual property until litigation. Since these assets are not typically tracked in corporate accounting systems, they often are not well protected. The greatest risks for companies reporting a loss of proprietary information and intellectual property were former employees, foreign competitors, on-site contractors, and domestic competitors. Hackers are also considered a major problem, and this is an area that should be earmarked for heightened scrutiny by businesses and in upcoming sequels to this survey. Companies that had made IP protection a high priority indicated no loss incidents. "While the risk of cyberterrorism is increasing, the theft of intellectual property is where companies are incurring the most losses to date," said Jay Ehrenreich, Senior Manager at PricewaterhouseCoopers' Cybercrime Prevention and Response group. The most common areas of infiltration were R&D (49%), customer lists and related data (36%), and financial data (27%); however, the number of reported incidents, in order of magnitude, were customer data, strategic plans, financial data, and R&D. The greatest impact of these losses, companies reported, came through increased legal fees and the loss of revenues. For large businesses of more than $15 billion in sales, as well as for high-tech firms, loss of competitive advantage was the most serious problem. For financial institutions, embarrassment was the biggest concern. A troubling managerial attitude also came to the attention of researchers: around three quarters of respondents indicated that information about new products and services were the life's blood of their companies, but only 55% said their management was concerned about information loss and were taking necessary precautions. Researchers also found that proper labeling and handling of classified information is not the norm among companies, nor are employees typically trained to safeguard proprietary information in the office or while traveling. In addition, although most companies agree that the Internet represents a new threat, most do not require that information sent over the Internet be encrypted. Surprisingly, information security was given a lower priority at companies where loss had occurred. Stephen Jordan, Executive Director for the U.S. Chamber of Commerce Center for Corporate Citizenship, warns against this attitude. "Electronic thieves are hurting businesses. We applaud the steps many companies are taking to protect themselves, but it's clear this is a big problem, and businesses that haven't invested in cyber security are paying the price." The report concludes that several issues need urgent attention: Companies must overcome their reluctance to share, even anonymously, information about losses in order to determine the full extent and nature of the problem. Companies need to centralize their loss reporting systems to ensure that comprehensive data is gathered and can be reported. Businesses must make information protection a higher priority and must institute sound protection procedures. Corporations must set up a system for valuing intellectual property assets as they are created because over the long-term the loss in competitive advantage and market share could far outweigh legal fees. "It is absolutely critical we protect our assets," said William Boni, Chief Information Security Officer at Motorola. "This report provides further evidence that the current best practices among companies do not provide sufficient protection." The entire report can be found at: http://www.asisonline.org/newsroom/surveys/spi2.pdf . About PricewaterhouseCoopers' Security and Privacy Practice The Security and Privacy Practice (www.pwcglobal.com/security) is devoted exclusively to the critical business issues of security, privacy, and compliance. With more highly trained professionals in the field than any other organization, our multi-disciplinary teams help clients effectively identify, assess, implement and manage security and privacy solutions. Through proven methodologies, best of breed tools, and best practice services, the Security and Privacy Practice helps organizations assess, design, implement, and maintain a secure and high performance business infrastructure. About PricewaterhouseCoopers PricewaterhouseCoopers (www.pwcglobal.com) is the world's largest professional services organization. Drawing on the knowledge and skills of more than 150,000 people in 150 countries, the organization helps clients solve complex business problems and measurably enhance their ability to build value, manage risk and improve performance in an internet-enabled world. PricewaterhouseCoopers refers to the US firm of PricewaterhouseCoopers LLP and other members of the worldwide PricewaterhouseCoopers organization. About the U.S. Chamber of Commerce The U.S. Chamber of Commerce is the world's largest business federation representing more than three million businesses and organizations of every size, sector and region. About ASIS International The American Society for Industrial Security (ASIS) is the preeminent organization for professionals responsible for security, with more than 33,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibit, as well as specific security topic areas. By providing members and the business community with access to a full range of programs and services and publishing security's leading magazine - Security Management magazine - ASIS leads the way for advanced and improved security performance. For more information about ASIS, visit our Web site at http://www.asisonline.org. |
