The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Trade Secrets

  • From Vol. 4 No.14 (May 30, 2018)

    Understanding the Intersection of Law and Artificial Intelligence

    How can lawyers effectively use artificial intelligence and mitigate the myriad risks it poses? During a recent Strafford panel, Robert W. Kantner, a partner at Jones Day; Michael W. Kelly and Huu Nguyen, both partners at Squire Patton Boggs; and Dennis Garcia, an assistant general counsel at Microsoft, provided insight on how to make the most of AI. See “Using Big Data Legally and Ethically While Leveraging Its Value (Part One of Two)” (May 17, 2017) and Part Two (May 31, 2017).

    Read Full Article …
  • From Vol. 4 No.9 (Apr. 25, 2018)

    Eight Steps for Protecting Trade Secrets Across Global Enterprises

    Along with customer and employee information, companies must focus on protecting trade secrets and other company crown jewels. The overwhelming challenge of identifying those jewels and where they are located can prevent some companies from even starting this critical process, said Pamela Passman, president and CEO of the Center for Responsible Enterprise and Trade (, during a recent PLI program. She detailed eight steps companies should take to prevent trade secrets from falling into the wrong hands. For more from Passman, see “How to Protect Intellectual Property and Confidential Information in the Supply Chain” (Nov. 25, 2015).

    Read Full Article …
  • From Vol. 3 No.22 (Nov. 8, 2017)

    How to Mitigate the Risks of Open-Source Software (Part Two of Two)

    Companies may be unaware they are using open-source software in their operations. This can be significant because while OSS is inexpensive and reliable, it does carry with it significant cybersecurity and intellectual property risks that should be addressed. A recent Strafford program offered a comprehensive primer on OSS and insights on designing appropriate compliance controls for its use. The program featured James G. Gatto, a partner at Sheppard Mullin Richter & Hampton and Baker Botts attorneys Luke K. Pedersen and Andrew Wilson. Part two of our coverage discusses where attorneys encounter OSS challenges, how to identify whether a company is using OSS, best practices for OSS governance, and patent issues that OSS presents. Part one explained the key legal issues, common OSS license provisions, and cybersecurity and litigation risks. See also “Tech Meets Legal Spotlight: What to Do When IT and Legal Slow the Retention of a Third-Party Vendor” (Nov. 30, 2016).

    Read Full Article …
  • From Vol. 3 No.7 (Apr. 5, 2017)

    Proactive Steps to Prevent Legal Pitfalls in Bug Bounty Programs 

    Bug bounty programs that use crowdsourcing methods can help companies identify vulnerabilities that their internal teams may not catch. These programs, however, can also open companies up to a range of legal and business risks, such as publicly exposing user problems and other flaws identified by researchers before they are fixed. Michael Yaeger, special counsel at Schulte Roth & Zabel, spoke to The Cybersecurity Law Report about how companies can develop programs to minimize those risks, including setting clear terms covering issues such as confidentiality, payments, unauthorized actions and scope. We provide specific examples of program terms to illustrate Yaeger’s advice. See also “How to Establish and Manage a Successful Bug Bounty Program” (Mar. 22, 2017).

    Read Full Article …
  • From Vol. 2 No.16 (Aug. 3, 2016)

    Procedures for Hedge Fund Managers to Safeguard Trade Secrets From Rogue Employees 

    In an era when high-profile data theft cases have shaken some people’s faith in the security of personal information entrusted to fund managers, it is critically important for firms to take steps to detect, prevent and address such thefts by rogue employees. This is of particular urgency for hedge fund managers now that the SEC has stepped up its focus on cybersecurity. Data security and the measures that can help safeguard trade secrets and sensitive information were the focus of a recent Hedge Fund Association panel discussion featuring participants from the law firm Gibbons, the litigation consulting firm DOAR and the hedge fund Litespeed Partners. See also “How Financial Service Providers Can Address Common Cybersecurity Threats” (Mar. 16, 2016).

    Read Full Article …
  • From Vol. 1 No.17 (Nov. 25, 2015)

    How to Protect Intellectual Property and Confidential Information in the Supply Chain

    Sharing information, including intellectual property, with third parties such as suppliers, distributors and consultants is essential for the operations of many companies but exposes them to various points of cyber risk.  Pamela Passman, President and CEO at the Center for Responsible Enterprise and Trade (, spoke with The Cybersecurity Law Report about how to assess and mitigate third-party and supply chain risk., a global NGO, works with companies and third parties with whom they do business to help put processes in place to prevent corruption and protect intellectual property, trade secrets and other confidential information.  See also “Protecting and Enforcing Trade Secrets in a Digital World,” The Cybersecurity Law Report, Vol. 1, No. 13 (Sep. 30, 2015).

    Read Full Article …
  • From Vol. 1 No.13 (Sep. 30, 2015)

    Protecting and Enforcing Trade Secrets in a Digital World

    In addition to consumer data and employee data, trade secrets also need to be a focus of cybersecurity programs, given their importance to companies and their vulnerability to cyber theft.  In this interview with The Cybersecurity Law Report, Matthew Prewitt, a partner and chair of the cybersecurity and data privacy practice and co-chair of the trade secrets practice at Schiff Hardin, discusses how to structure a process to identify and protect trade secrets from cyber risk, how to litigate trade secrets in the wake of an insider breach, and the changes that may come with the proposed Defend Trade Secrets Act of 2015.  See also “Strategies for Preventing and Handling Cybersecurity Threats from Employees,” The Cybersecurity Law Report, Vol. 1, No. 1 (Apr. 8, 2015).

    Read Full Article …
  • From Vol. 1 No.13 (Sep. 30, 2015)

    Protecting the Crown Jewels Using People, Processes and Technology 

    Guarding against a cybersecurity breach is no longer just a technology issue – heightened encryption and firewall technology is not a panacea for all potential cyber threats.  Instead, adequate countermeasures against cybersecurity threats today require companies to also look to their people and their processes.  During a recent webinar, Pamela Passman and Allen N. Dixon, compliance and IP protection experts at, discussed the current cyber threat landscape, along with practical ways businesses deploy people, processes and technology to get ahead of cyber risks and successfully prevent or neutralize internal and external threats across their entire organization.  The panelists provided steps companies can take to identify and protect their most important corporate assets and address risks from insiders, competitors and third parties by effectively training, managing and monitoring their people, processes and technology.  See also “Strategies for Preventing and Handling Cybersecurity Threats from Employees,” The Cybersecurity Law Report, Vol. 1, No. 1 (Apr. 8, 2015). 

    Read Full Article …