Having read a multitude of articles and recommendations for mitigating insider threat issues involving intellectual property, we are struck by set of common threads across the suggestions: Develop and implement policies, manuals, procedures and programs; develop and implement technical solutions; review and audit what you have.
While no doubt this will aid in preventing, deterring and even identifying the those responsible, the challenge we see facing the business community is: do all businesses have the expertise and/or the resources to assess, develop and implement these? Further, if they do identify someone in their organization who has “misappropriated” their information, can they really expect any support from law enforcement or the court systems?