A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations and think tanks Assessments and benchmarking to measure current processes/systems Guidance and steps for improvement Available in English, Chinese, Spanish and Brazilian Portuguese

4

Globalized Marketplace Information Digitalization Mobile Workforce Fragmented Value Chains

6

*CREATe and PwC: “Economic Impact of Trade Secret Theft: A framework for companies to safeguard trade secrets and mitigate potential threats

10 Category of Trade Secrets Product Information Research & Development Critical & Unique Business Processes Sensitive Business Information IT Systems & Applications Gather key stakeholders to identify trade secrets Group trade secrets into relevant categories Map trade secrets across physical and virtual locations To-dos:

Malicious Insiders Organized Crime Groups Nation States Hactivists Competitors Types of Threat Actor Access to sensitive company information through employment or relationships Cyber intrusions Social engineering Exploiting disgruntled employees Bribery Theft Cyber intrusions Bribery Theft Intelligence and Security Service Collection SOEs Regulations (patent enforcement

Impact Motivation Access Connections Red Flags Most common source of IP theft Ego, ideology, competition or financial gain Systems, records, source code, facilities Malware, malicious code, social engineering to exploit access Activity changes with business events, employee departure

“information which meets all the following requirements”: “is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question”; “has commercial value because it is a secret”; and “has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.”

15

IDENTIFY 1. What risks does the company face? ASSESS 2. How serious are those risks? MANAGE 3. What steps should the company take to manage those risks? Cybersecurity Corporate Digital Assets Breach Trade Secrets or other IP Theft

Gain consensus across business units over definitions and criteria for determining IP that is a trade secret Create a prioritized, ranked list of trade secrets with location maps around the world Define a clear repeatable process for incorporating new innovations and trade secrets into the existing trade secrets list Use a proven formula for assessing the cost of trade secret theft at the company level Determine how to maximize the value of protective measures to ensure the greatest return on security investment Align people, processes and technology to ensure that trade secrets are secret and protected

MeasureImprove

Scores in each category; benchmarked against peers

5 Mature system covering all IP-related issues and focused on continual improvement 4 Systems are well developed and implemented 3 Systems approach; inconsistent implementation and monitoring 2 Limited, reactive systems 1 Little or no awareness or repeatable processes

Improvement Plan: Individual Recommendations Improvement Guide Broad range of tools, resources

Free Downloads Available at Trade Secrets: CREATe-PwC Report/Framework Protecting Trade Secrets with Supply Chain Partners Model Policies: Trade Secrets Protecting Intellectual Property Through Enterprise Risk Management (ERM) Model IP Policies Health and Safety Risks of Counterfeits in the Supply Chain

For more information about CREATe Leading Practices, please contact me at or our information desk at