Most CEOs steal IP from previous employers

Emotionally-driven decisions put companies at risk, finds security report

Harvesting data from a laptop

Intellectual property (IP) is the most precious asset in a company, according to CEOs, with most of them admitting they take it with them when they leave a company.

Although company rules may state the complete reverse, 79% of CEOs believe their work and ideas belongs to them, with 72% admitting to taking IP with them from previous employers upon joining a new organisation, according to software company Code42's 2018 Data Exposure Report.

Advertisement - Article continues below

The main factors behind CEOs' sense of personal ownership over their work include a belief that their time, not the company's, goes into the end product - with 59% agreeing as much. Just under half feel they "impart a bit of myself" into ideas, while 39% say personal ownership matters because they spend time generating them. Otherwise, 18% don't believe a company can outright own ideas, while 8% suggest nobody can "own" work - something clearly contravened by IP and copyright law.

Cases like former Google engineer Anthony Levandowski allegedly stealing 14,000 documents comprising the firm's self-driving car project are not that unusual, the survey suggested.

"Human emotions and behaviour play a bigger role in data exposure than organisations realise," Code42's report read. "Even the strongest security policies can't stop people from making mistakes or poor choices that create vulnerabilities."

Surveying 1,634 senior company employees in the UK, US and Germany, including 600 CEOs as well as security and IT leaders, CSOs, CTOs, CISOs and CIOs, Code42 found that emotionally-driven decisionsat the highest level pose to a company's overall security.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"For years, organisations have spent billions on strategies to prevent data losses and breaches. Those strategies alone no longer work, and companies know it," the report said.

"In an increasingly complex digital landscape, breaches are happening, and prevention-only strategies are no longer effective to keep data safe. Breaches will happen, even when you have a strong prevention strategy."

While 77% of business leaders are fully aware that downloading software without knowing whether it is approved by corporate IT poses a big security risk to their organisation, 41% do it anyway.

In a similar vein, a majority of senior staff in organisations are keeping copies of their work on a personal device, or outside of official company storage, even though they are fully aware this practice may also pose a risk.

For instance, 93% of CEOs have admitted to keeping copies of their work beyond the remit of their company's security network - on a personal device or on personal cloud storage for example - despite 68% agreeing there is a risk to the company in doing so.

Advertisement - Article continues below

One glaring example of business leaders' "disconnect from reality", according to the report, lies in IT visibility - with 82% believing IT can protect information it cannot see, almost entirely contradicting the views of CISOs, 80% of whom agree "you cannot protect what you cannot see".

"It's clear that even the best-intentioned data security policies are no match for human nature," said Code42's chief information security officer, Jadee Hanson.

"Understanding how emotional forces drive risky behaviour is a step in the right direction, as is recognising 'disconnects' within the organisation that create data security vulnerabilities. In a threat landscape that is getting increasingly complex, prevention-only strategies are no longer enough."

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020