Board Agenda and POTUS Priorities: Cybersecurity and Trade Secrets
Howard Schmidt, a co-founder of Ridge-Schmidt Cyber LLC and a former cybersecurity adviser to Presidents Obama and Bush, recently rendered cybersecurity advice for boards of directors: “At every board meeting, whether it’s monthly, whether it’s quarterly, cybersecurity should be on [the agenda]. If not, you’re going to wind up in a situation where you’re having an emergency board meeting to discuss something that has gone wrong. You have to have a plan. You should have general counsel, public relations, communications, the IT people, the security people – all of them need to have a structure in place to be able to deal with something like this.” (What Business and the Feds Must Do About Cybersecurity, Noelle Knox interview of Howard Schmidt, Feb. 10, 2015 Wall Street Journal, R4.)
Today, Mr. Schmidt’s former boss, President Obama, issued an executive order entitled “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.” That order authorizes financial sanctions against foreign cyberattackers. Notably, that order also recognizes that trade secrets can be cyberattackers’ primary targets.
So, yes, just about every company — starting with its board — needs to meaningfully account for cybersecurity. Cyberattacks are more frequent, or at least more frequently reported. Cyberattacks are becoming more sophisticated and coordinated, and the economic impact of a cyberattack can be significant for the direct target and others.
But, consider this. When it comes to trade secrets — a.k.a., competitively valuable information — there are two fundamental threats: (1) outsiders, such as cyberthieves, and (2) insiders, such as dishonest or careless employees and partners. Importantly, insiders still pose a greater threat to trade secrets than outsiders.
With that, let’s back up. If the board’s agenda accounts for cybersecurity, does it sufficiently account for the company’s trade secrets? For a given issue or endeavor, possibly. But, overall, no. Trade secrets are significant corporate assets that require broader board attention and broader protective measures.
Finally, President Obama’s efforts to create or enhance legal tools to protect trade secrets or penalize misappropriators are laudable. Next, he should try to catalyze congressional action on a federal civil trade secret statute.
Leave a Reply