Risk managers need to embrace their changing role

Don't risk your precious assets

With over 65% of a company’s value now typically deriving directly from intangible assets, including intellectual property, it is not surprising that organisations are  increasingly dependent on the ability of their management teams to effectively harness and convert these assets into sources of revenue.

Most people would agree that the late 1980’s to early 1990’s were the launchpad into what we now call the ‘knowledge-based economy’ and this trend shows no sign of abating.  As the value of many physical assets declined, conversely the value of intangible assets grew – and with this trend, and understanding that it was not only possible, but vitally important, to put a real monetary value on those assets, and put as much effort into securing them as companies had hitherto done with their physical assets.

When intangible assets are not effectively and consistently safeguarded and their risks managed, they become less valuable, and can lead to undermining of competitive advantage.

It is essential that organisations make use of the combined expertise of security, risk management and IP practitioners to ensure that a company’s intangible assets are consistently safeguarded and positioned to maximise their benefits. 

Point 1 – The issue

Unfortunately, many businesses still fail to recognize this fact.  It is not just security and risk management practitioners who have had no training about intangible assets but often c-suites, boards, and stakeholders have little insight into the specific risks posed to company value.

In some companies, however, Chief Security Officers (CSO)s and CROs are now assuming, consciously or not, new or greater/more integrated roles as regards safeguarding key intangible assets are concerned because of the latter’s crucial importance to the company’s value, competitiveness, sources of revenue, investment attractiveness, sustainability and market position.  

Whoever takes responsibility for an organisation’s IP, whether the accountability is explicit or not, it is essential that the development, acquisition and utilisation of intangible assets becomes aligned with core business, security, and risk management strategies rather than being considered solely as intellectual property based legal processes.

As CSOs and CROs acquire a stronger operational familiarity with intangible assets they will be able to contribute in a number of vital ways to the success of the business.

Point 2  - Why this change of role is of value to a company

This shift runs parallel to the inclusion of ‘return on security investment’ (ROSI) concepts in the security-risk management equation.  A good understanding of an organisation’s assets is essential for managing, among other things:-

 • Business continuity, contingency, organisational resilience planning

 • Intangible asset disputes, risks and challenges

 • Mergers, acquisitions, new ventures

 • Venture capital investments

 • Early Stage Companies

 • Corporate – eg university research partnerships

Point 3 – The need to recognize exactly what the risks are

Given the global volume of intangible asset intensive/driven companies, when security challenges and risks materialise, the contributory value of the (intangible) assets can quickly go to zero.  That’s especially true if safeguards, asset monitoring, and risk management practices are either not in place or are ineffective relative to mitigating the speed and cascading effects of which most risks-threats are now capable.

This is due, in no small part, to the prevalence of technologically sophisticated, globally predatorial, and instantaneous risks and threats, emanating from a variety of sources.

Threats to intangible assets can materialise instantaneously and simultaneously, and course through an enterprise to produce long lasting and even permanent adverse economic affects to a company’s competitive advantage, R&D, reputation and relationship capital. 

CSOs and CROs should no longer characterize/portray risks and threats in the context of probabilities, but rather as inevitabilities.

Point 4  - Nature of what is at risk

The characterization of the problem is often being solely related to intellectual property, i.e., patents, trademarks, copyrights, and trade secrets. When 65+% of most companies’ value and sources of revenue evolve directly from intangible assets, of which IP is just one, it’s prudent to assume that adversaries are also seeking the knowhow, ie., intellectual, structural, and relationship capital (intangible assets) that underlie and/or are by-products of any and all IP.

Initially, managing risk associated with intellectual assets may seem a daunting task if this has not previously been fully addressed.   A great deal of the value of an organisation often lies not just in the IP (that is, patents, trademarks, copyright, designs, trade secrets) but in other intellectual assets  (skills, policies, “know-how”, processes), and intellectual capital (reputation, branding, relationships, contracts).   If key employees leave, perhaps because they are unhappy about a possible change in the company’s structure, their knowledge may leave with them.   Written materials, customer contact lists and bespoke materials can all form part of the intangible assets. Ideas and inventions may be fundamental to the company but the wider intellectual capital is often the key to driving growth, profitability and access to markets.   If these ‘crown jewels’ of a company are allowed to dissipate, in today’s knowledge-based economy, the risk is great indeed.

Point 5  - Who is the threat?

Many countries are now in the early stages of a second generation of citizens who possess the capability to create large scale manufacturing facilities to produce the various products and/or services that with some frequency emanate from infringed – stolen – misappropriated or simply copied intangible assets and IP.

Point 6  - Actions to be taken

It should be (professionally) obligatory for CSO’s and CRO’s to acquire operational familiarity with their company’s intangible assets, which, among other things, include recognizing…

 • what they are, what they aren’t, how they develop/evolve to create contributory value, sources of revenue, and competitive advantages, etc. 

 • nuanced, sophisticated, and asymmetric risks-threats to intangible assets.

 • various ways those risks-threats can materialize to adversely affect intangibles, and

 • effective tools to sustain (protect, preserve) and determine control, use, ownership, and value of the ever growing array of intangible assets on behalf of a company, business unit, or client.

So how should risk managers enhance their understanding of their role in minimising the risks to intangible assets?  Clearly, if an IP professional is part of the company’s senior management team, the risk professional should work closely with that individual or team, or perhaps take advice from a specialist external IP specialist.  In either case, the following steps need to be taken:-

1. identifying the full range of intangible assets owned by the organization;

2. identifying and mitigating definitional and operational gaps (disconnects) between,

 i. conventional intellectual property protections,

 ii. computer/IT security,

 iii. competitive intelligence and data mining,

 iv. economic/industrial espionage,

 v. recruitment and covenants, and

 vi. commercial functions;

3. demonstrating security and risk management’s role in aligning a company’s intangible assets with (its) core business and strategic planning initiatives, i.e.,

 i. utilizing intangibles commensurate with their value - functionality cycles, and

 ii. articulating and positioning intangibles to render companies more attractive to trade and investment opportunities.

Conclusion

This knowledge (intangible asset) based, largely global economy in which we’re in the midst, all be it in the early stages, shows no signs of reversing.

This makes it all the more important that security and risk management practitioners engage and lend their expertise to ensuring a company’s intangible assets are consistently and effectively safeguarded and positioned to realize the economic and competitive advantage benefits which they are generally capable of delivering. 

In most situations, the consequences of intangible asset  losses, are that value/competitive advantage is undermined, and that reputational risks are increasingly immediate and frequently irreversible.  Once lost, compromised, or undermined, the value, revenue, competitive advantages and strategic positioning of those assets and a company’s reputation are extraordinarily costly to regain and seldom, if ever fully recoverable in a timely manner.

About the authors

Jackie Maguire is CEO of Coller IP

Michael D Moberley is President and Founder of Knowledge Protection Strategies - KPSTRAT