Intellectual Property (IP) theft, including industrial trade secrets, is one of the costliest security breaches costing the U.S. economy, which is between US$225 billion and US$600 billion annually. Most IP forms are stored as IP-rich data via digital mediums, including cloud platforms, servers, and laptops. ABI Research, a global technology intelligence firm, forecasts that manufacturing Internet of Things (IoT) connections will increase by a CAGR of 53% globally, significantly expanding the vector of attack to obtain IP-rich data. While this is a potential opportunity for cybersecurity vendors, they must explicitly showcase that their usual IT/OT solutions can also help protect IP. Vendors that provide Identity and Access Management (IAM) or those providing encryption services contribute to IP security but need to emphasize that IP security is embedded in their solutions.
“In the manufacturing sector, IP breaches happen in three stages, namely during design, production, and post-manufacturing when a product is in the market and can be reverse-engineered, jailbroken, or copied. Most breaches happen via access to compromised data. Companies with higher R&D spending should especially be vigilant. A few clicks can neutralize many years of costly research to benefit from the first mover advantage. With the embrace of Industry 4.0 comes opportunities and threats, including an expansion of cyberattacks. Manufacturing IoT connections increase exposure to IP theft by contributing to more points of entry and expanding the attack surface. In such an environment, cybersecurity providers act as IP gatekeepers by securing sensitive data,” says Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research.
Protecting sensitive data is a primary strategy for protecting IP. Protecting data can be achieved by identifying, managing access, and encrypting sensitive data. Vendors like Spirion discover and classify sensitive data, while others like Utimaco or Thales encrypt critical data. “Encryption is a very effective tool to protect IP, especially when IP is on the cloud and shared between a host of users. But encrypting all data and servers could impede workflows. More importantly, encryption does not work against insider threats, as we saw in the Edward Snowden case. All he needed was the required credentials to access the encrypted files. Case in point to why access management is so important for securing sensitive data,” Amiri stresses. Data protection providers, such as Fasoo, secure sensitive data by applying document rights policies to control data in use. “The best way to protect sensitive data is to limit the data to those who need the data the most, and even then, to deploy zero-trust strategies,” he adds.
After the production phase, other measures need to be adopted to secure IP. This is especially important because when counterfeit products enter a product line, they cause subpar final production, resulting in serious financial and reputational loss. An array of anti-counterfeiting technologies such as DNA and glue coding, laser engraving of parts, security threads, anti-alteration devices, and Radio-frequency identification (RFID) will help avoid this. In digital products, confidential computing technology protects data by leveraging a Trusted Execution Environment (TEE) in a Protected Central Processing unit (CPU), thus protecting business logics, algorithms, and analytics functions. Confidential computing is especially useful in protecting proprietary software and can be used to secure IP in gaming and software technologies. Authentication Integrated Circuits (IC) are another form of verification typically used in printers, where an embedded IC allows only authentic ink cartridges to work with the machine. Rambus’ CryptoFirewall Anti-Counterfeiting System provides another layer of security by delivering chip anti-tamper protection that secures printing machines against counterfeit ink cartridges. Authentication ICs are increasingly used in other products, such as smart home devices and charging stations, to authenticate car batteries.
“Securing IP in industrial settings is increasingly related to cybersecurity, data management, and securing chips design. Counterfeiters will still try to reverse engineer molds and steal industrial equipment designs, but the shift toward Industry 4.0 means data is the main driver of IP theft. Molds can be made in the United States or Europe instead of China to secure them, but internet connections can’t be shut down and brought back to the United States,” Amiri concludes.
These findings are from ABI Research’s Industrial Data Security: Protecting Intellectual Property application analysis report. This report is part of the company’s Industrial Cybersecurity research service, which includes research, data, and analyst insights. Based on extensive primary interviews, Application Analysis reports present an in-depth analysis of key market trends and factors for a specific technology.
About ABI Research
ABI Research is a global technology intelligence firm uniquely positioned at the intersection of technology solution providers and end-market companies. We serve as the bridge that seamlessly connects these two segments by providing exclusive research and expert guidance to drive successful technology implementations and deliver strategies proven to attract and retain customers.
ABI Research 是一家全球性的技术情报公司，拥有得天独厚的优势，充当终端市场公司和技术解决方案提供商之间的桥梁，通过提供独家研究和专业性指导，推动成功的技术实施和提供经证明可吸引和留住客户的战略，无缝连接这两大主体。
For more information about ABI Research’s services, contact us at +1.516.624.2500 in the Americas, +44.203.326.0140 in Europe, +65.6592.0290 in Asia-Pacific, or visit www.abiresearch.com.
Asia: +65 6950.5670