As a startup, IP is your asset, along with your people. Once your IP is gone, you have nothing but financial liabilities to keep you company. Humans have this “she’ll be right” attitude, nothing will happen to me, I’m bulletproof… but, the startup graveyard shows otherwise. If you’re running a startup, here’s five things to do before you become a victim.

Did you ever hear the one about the founder who didn’t take their IP seriously?

I’ve ceased to get frustrated talking to startup founders and inventors who have a great idea, only to have it stolen or compromised through a data breach. All that time, effort, money, blood, sweat and tears – and occasionally the family home – gone. Forever gone. Not coming back.

Disclosing your IP before you have legal protection (e.g. patent) or when you are vulnerable to competitors is to investors what the smoke of a campfire is to mosquitos.

Unfortunately, IP is like a dirty secret – once the world knows your secret, you’re gone.

Compromised IP = lost competitive advantage

Once gone, those investors are too. You become that kid everyone ignores in the playground.

Get the message? Unfortunately, most humans don’t (until it’s too late)

Hopefully I’ve got you worried enough to spur you into action. Perhaps you can’t even sleep? But don’t fret, there are 5 things you can do to protect it:

1. Uplift your cybersecurity – understand your risks, and put in place protections for your computers, networks, and digital data like passwords, firewalls, and data encryption. Easy.
2. Have a complete information security program – ever written something sensitive on a piece of paper because you thought it was more secure than a computer? Think Colonel Sanders. Or Coca-Cola. Paper, prototypes, designs, specimens, samples, laboratory notebooks can be a weak link. Protect non-computer information as well.
3. Insider Threats – heard the story of the co-inventor who went rogue? Well, history is littered with them. Just like marriage, a business partnership or employee-employer relationship can sour if people feel disadvantaged. Have the right legal, data loss prevention, behavioural analytics, and security programs to manage those charged with keeping your secrets secret.
4. Data breach & dark web monitoring – when bad stuff happens online, most of the time its the dark web. Trusted employees and business partners are right now selling IP stolen from their employers without them ever knowing. This could be the first indication your IP is compromised. Whilst the horse might have bolted, you may just be able to coax it back behind the starting line before the race starts, otherwise those investors are gone faster than Phar Lap.
5. Market Surveillance – keep an eye on your competitors and your industry. After ~20 years in fraud and security, I don’t believe in coincidences. If a competitor starts selling something that looks like your invention, its probably because it is. Causes could include a data breach, former employee, or accidentally presenting your IP at a conference. The list goes on. Market surveillance aims to put the genie back in the bottle.

So, if you’ve got this far, hopefully you’ve got the message. Lots of startup founders don’t protect their IP and it gets disclosed or compromised. And they don’t realise until its too late. Founders and inventors – protecting your IP is not limited to patents and copyright – you need to do more, and doing more is easy. Don’t be lazy – you’ve come too far to throw it all away.

DISCLAIMER: All information presented on PaulCurwell.com is intended for general information purposes only. The content of PaulCurwell.com should not be considered legal or any other form of advice or opinion on any specific facts or circumstances. Readers should consult their own advisers experts or lawyers on any specific questions they may have. Any reliance placed upon PaulCurwell.com is strictly at the reader’s own risk. The views expressed by the authors are entirely their own and do not represent the views of, nor are they endorsed by, their respective employers. Refer here for full disclaimer.