Cyber security management for intellectual property assets:
Malicious attacks of domain names are on the rise globally.
Remote access or télétravail as known in France, has drawn global attention to the world of Cyber Security.
Over the past 18 months due to Covid 19, the digital environment has changed dramatically with people working from home, or studying from home, all remotely.
There is now a dramatic increase in cyber activity which has resulted in an increase in risk of malicious attacks of domain names across the world. This incremental increase in cyber activity has been change embracing, however there are monumental shifts and challenges that are also costing companies thousands if not millions of dollars in the rise of criminal activity across the digital landscape.
Fundamentally, these shifts and challenges have propelled us into the hyper reality of a “digital fast forward” way of being. The spotlight has been thrown directly onto the Information Security playing field in the form of Cyber Security Management, and how we manage information, what the risks to ourselves and our organisations could be, and in this understanding of managing risk, will surely determine our success or our demise.
Cyber security risk is ominous and one of the highest-ranking risks facing companies today.
Domain Names are often victims of these latest digital breaches, being fraud, where criminals deceive the registrants which as a result can affect both consumers, and for companies, their employees. Breaches and such frauds are achieved by imitating the company’s name or its trademarks.
Watches and monitoring tools for both domain names and trademarks, are generally designed within the software development of a tool to allow for and include detection of such frauds at an early stage. However, preventative actions need to be considered and incorporated to strengthen the mitigation of such risks occurring. In other words, some examples could include:
Information Security Training
Ensuring staff in an organisation are trained in an up- to-date Information Security programme annually to be aware of the latest risks to an organisation in regard to managing critical and sensitive information
Customer Compliance & Communications
Ensuring clients are kept in the loop in regard to understanding and knowing for “how to fix or escalate” an issue or incident. In this way we can ensure they are advised in becoming aware of what to look out for on a regular basis. This could be achieved in regular communications or reminders of security risk awareness.
Unfortunately, these kinds of actions are rarely implemented. Therefore, the risk to the domain name and trademarks can create a cost in one or more of the five company critical value areas:
– Reputational damage or loss
– Financial damage or loss
– Customer damage or loss
– Contract or franchise damage or loss
– Regulatory damage or loss
This is especially the case when a domain name does not redirect to any actual website and where it seems never used.
Companies, service providers, suppliers, customers or employees can become subject to fraud through a domain name that may already exist. In such situations, the liability of the company and its managers could be engaged in serious lawsuits of damage, by consumers, employees, shareholders and/or ultimately by regulatory authorities.
Information security compliance
ISO27001 and ISO/IEC 27001/2 and NIST (National Institute of Standards & Technology – US guidance, now global risk methodology leverage 2020).
ISO27001 and ISO/IEC 27002 in line with the latest cyber security framework called NIST are the global codes of practice for information security controls. They provide guidance for organisations in managing critical and sensitive information to ensure three specific ingredients are maintained through the digital environment for an organisation’s customers and employees:
– Confidentiality
– Integrity and
– Availability
For more information please visit our website section here:
A major risk factor with respect to obligations
For more information please visit our website section here:
Here at Dreyfus we have lawyers and consultants specialising in Cyber Security Compliance available to help your organisation determine what the risks are and what actions you can take to protect your Intellectual Property, your company, your shareholders and your clients.
If you would like to know more about how we could strengthen your organisation to be more Cyber Security compliant with your Intellectual Property needs, please do not hesitate to contact us: contact@dreyfus.fr