Risk of intellectual property (IP) theft, including of industrial trade secrets, is rising fast as manufacturing companies connect private equipment and processes. Analyst house ABI Research has put a figure on both the rate of IP risk and rate of IoT connectivity, forecasting that cyberattacks on IP-rich data in cloud and edge servers, as well as on staff computers, will double in the period to 2026 in line with 53 percent compound annual growth for industrial IoT connectivity.
Most IP is stored as IP-rich data on various cloud and edge platforms. Theft of corporate IP via cyberattacks on company networks costs the US economy alone between $225 billion and $600 billion annually, says ABI Research. A 53 percent CAGR rise in global IoT connectivity in the manufacturing sector clearly expands the volume and variety of attack vectors for cyber criminals. How the doubling-of-risk to IP secrets is calculated is not explained.
Michael Amiri, senior industrial cybersecurity analyst at ABI Research, with a new report on the subject, said: “Companies with higher R&D spending should be especially vigilant. A few clicks can neutralize many years of costly research to [achieve a] first-mover advantage… Industry 4.0 [brings] opportunities and threats… Manufacturing IoT connections increase exposure to IP theft by contributing to more points of entry and expanding the attack surface.”
Amiri noted the IoT surge in the manufacturing space invariably opens an opportunity for cybersecurity vendors to “act as IP gatekeepers”, as well. But he warned that vendors offering identity and access management (IAM) and encryption services “need to emphasize” that IP security is embedded in their solutions. He listed vendors that are making a good job of protecting enterprises from new attacks, notably Spirion, Utimaco, Thales, Fasoo, and Rambus.
Amiri said: “Encryption is a very effective tool to protect IP, especially when IP is on the cloud and shared between a host of users. But encrypting all data and servers could impede workflows. More importantly, encryption does not work against insider threats… Access management is so important… The best way to protect sensitive data is to limit the data to those who need the data the most, and even then, to deploy zero-trust strategies.”
A statement explained IP breaches happen in three stages: during design, production, and in-market, it said, when a product can be reverse-engineered, jailbroken, or copied. It said: “After the production phase, other measures need to be adopted to secure IP. This is especially important because when counterfeit products enter a product line, they cause subpar final production, resulting in serious financial and reputational loss.
“An array of anti-counterfeiting technologies such as DNA and glue coding, laser engraving of parts, security threads, anti-alteration devices, and radio-frequency identification (RFID) will help avoid this. In digital products, confidential computing technology protects data by leveraging a trusted execution environment (TEE) in a protected central processing unit (CPU), thus protecting business logics, algorithms, and analytics functions.”
Amiri said: “Securing IP in industrial settings is increasingly related to cybersecurity, data management, and securing chips design. Counterfeiters will still try to reverse engineer molds and steal industrial equipment designs, but the shift toward Industry 4.0 means data is the main driver of IP theft. Molds can be made in the US or Europe instead of China to secure them, but internet connections can’t be shut down and brought back to the US.”
