Australian companies are making it far too easy for cybercriminals to access their greatest assets by not understanding which assets within their organisations drive value and need protecting.
According to Michael Masterson, Managing Director of global intangible asset advisory EverEdge, “Many Australian companies are effectively opening the door to cybercriminals by focusing their network security efforts towards protecting the wrong assets.”
Today, cyber-crime is predominantly focused on targeting a company’s intangible assets, which include such things as data, content, intellectual property, confidential information, trade secrets, and products designs. These assets typically represent more than 87% of company value and by their very nature, tend to be digital making them ripe for the picking by sophisticated cybercriminals.
In fact, it is estimated by the US IP Commission [http://www.ipcommission.org/press/IPC_press_release_030818.pdf] that intellectual property or intangible asset theft costs the US economy alone between US$225 and US$600 billion annually, with China being pointed to as the main perpetrator. While globally, Cybersecurity Ventures [https://cybersecurityventures.com/top-5-cybersecurity-facts-figures-predictions-and-statistics-for-2019-to-2021/] estimates that “cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015… [and] represent the greatest transfer of economic wealth in history, risking the incentives for innovation and investment.”
Faced by such a significant threat, Australian companies are investing hundreds of thousands of dollars and person hours to create network security systems. However, the reality is that these systems are often rendered useless when faced with human error that creates a chink in the company’s armour, or targeted cyberespionage attacks.
Michael added, “When it comes to cybersecurity, one of the biggest issues is that companies aren’t starting in the right place. Today a companies ability to drive above market margins and/or market share are as a result of its intangible assets. These assets give a company its competitive edge and drive innovation, revenue, and growth yet very few organisations have a register of these assets often rendering them invisible when management are assessing risk.
“Yes, network security is crucial but before companies hook up the alarm, they need to better understand what they are trying to protect and proportionally weight their efforts towards those assets which are business critical and that give the company its competitive edge.”
To do this, companies and directors need to:
1. Identify and create a register of all the company’s intangible assets
2. Audit these assets to answer questions such as:
a. Which assets are business-critical?
b. How these assets drive the company’s competitive edge?
c. What these assets are worth (to the company and to someone else)?
d. Where these assets are stored?
e. Who has access to these assets?
f. Who else would want these assets and why?
3. Protect these assets including considering:
a. Whether the assets are being protected proportionally to their worth?
b. Where these assets are stored? (and whether they even need to be stored online or digitally?)
c. Internal policy and processes
d. Staff and key stakeholder education
e. Network security
Michael concluded “Cybercriminals and their attacks will only get more sophisticated and frequent. It is no longer a case of if a company will come under attack but when. People just won’t pay for what they can steal. What this means is that management teams and directors need to get smarter about how they approach cybersecurity and ensure that attention and effort is focused on protecting those assets that are truly business-critical.
“This requires companies to first understand what they are trying to protect. If this step in the process is missed, it is unlikely that a company will have the right measures in place to protect its assets, which is essentially like issuing an open invitation for cybercriminals to come and take what they want.”
– ends –
For further information please contact:
+61 418 448 570
Head of Marketing & Communications
+64 21 185 0123
EverEdge is a global advisory, valuation and transaction firm specialising in intangible assets. Intangible assets now account for over 87% of all company value and in the case of high growth companies, this is over 95%. Intangible assets include critical company assets such as data, brands, content, software, confidential information, regulatory approvals, products designs and customer and supplier relationships. EverEdge helps companies and investors unlock the value of these intangible assets and reduce intangible asset risk by helping to identify, value and monetise intangible assets.