The existential threat of IP theft

The existential threat of IP theft

The existential threat of IP theft

Kevin Kennedy
April 20, 2017

Confusion reigns on the origin of the term "bullseye." Some say it started when English archers showed off their accuracy by shooting arrows through the empty eye socket of a bull skull. Others contend it was a reference to a blemish in the center of a glass window pane.

Regardless of its origin, what is crystal clear today is the bright bullseye painted on the intellectual property and trade secrets of a select set of industries, including medical device manufacturers and pharmaceuticals. China has set aggressive market share targets for its state-owned enterprises in 10 advanced manufacturing industries as part of the "Made in China 2025" initiative.

History tells us that these targets matter. Remember solar and renewables? Sustained Chinese government investments and subsidies combined with a bit of IP theft led to a dominant share in the market – a share north of $70 billion today. U.S., Japanese, and German companies were left as bit players. If they were left at all.

IP and trade secrets are the engine of growth in medical devices and pharmaceuticals. For 10 years, the medical technology sector has led all other fields in the number of patent applications in Europe. And in pharmaceuticals, the typical new drug takes 10 years and costs $2.5 billion in R&D – which is why pharmaceutical firms spend north of 20% of revenue on R&D.

The technical hurdles for any major new entrant are high.

Motivation, capability, history: No.1 perpetrator of cyber IP theft

The Commission on the Theft of American Intellectual Property estimates that China is responsible for 50-80% of international IP theft, and is the No. 1 perpetrator of cyber attacks designed to steal IP (96% of cyber IP theft according to one study). These attacks have been in support of Chinese industrial policy, largely targeting strategic emerging industries that China has identified in five-year plans.

"Made in China 2025" targets sectors where technology is even more critical than in the past. Chinese firms have filed only 1% of the medical tech patents in the last 10 years, compared with nearly 90% coming from the U.S., Europe, and Japan. That’s a lot of ground to make up organically, so it seems near-certain that “borrowing” technology from leading companies will be a key piece of the program.

The bullseye is clearly painted.

Would you know if they were in your network right now?

The stakes are high. IP theft leads to competitive products – with most of the development cost eliminated – which leads to eroding market share. It doesn’t take an advanced math degree to see that this could easily cause billions in lost revenue for a top medical device manufacturer or pharmaceutical company.

Yet, consider this eye-opening Nuix survey of pen testers: 88% of survey respondents indicate that they achieve initial compromise within 12 hours. Perimeter security will not stop a good and motivated attacker. And, once inside, roughly two-thirds report that they are rarely, if ever, detected and stopped.

If you’re chartered with protecting valuable IP, the question is: If they were in your network right now, would you even know?

Vectra helps you to confidently answer "Yes." And to stop any attacks before your trade secrets are gone. All without requiring you to hire an army of threat hunters.

Don’t believe it? Try it.

To learn more about how Vectra can help medical device manufacturers protect their intellectual property, download the solution brief

About the author

Kevin Kennedy

Kevin Kennedy is vice president of product management at Vectra. Before Vectra, he was vice president of product management at Agari Data, which builds data-driven security solutions that eliminate email as a channel for cyberattacks. Prior to Agari, Kevin was senior director of security product management at Juniper, where he spearheaded the company’s continued innovation in data center security. Kevin was also director of product management at Cisco IronPort Systems, where he led the highest-growth business in the Cisco security portfolio, growing bookings by 400 percent in three years. Kevin earned his BSE in computer engineering at the University of Michigan.

Author profile and blog posts

Most recent blog posts from the same author


Stealthy Ransomware: Extortion Evolves

March 29, 2017
Read blog post
Security operations

Better Together: Tight Integration Between Endpoint and Network Security Can Stop Attacks Faster

September 20, 2017
Read blog post

Accelerating action: New technology partnerships help customers bridge the cybersecurity gap

August 4, 2016
Read blog post