The Copyright Society of the USA has declared April as Copyright Awareness month. Following their lead, let's spend the month looking at Intellectual Property law thru the eyes of an Information security professional.

Information security professionals have a responsibility to execute both due diligence and due care in protecting their employer. To execute due diligence, the professional must review the current environment (threats, competitive landscape, applicable laws, et cetera) to maintain the optimal information technology protections and controls. Demonstrating a history of this process along with demonstrating that the controls are appropriately implemented and maintained, known as due care, proves an organization has taken the appropriate steps to protect itself. Due diligence and due care are crucial to protecting an organization and, should an incident end up in court, crucial to demonstrating that the right things were done.

Due diligence and due care also require those responsible for information security to be advised on intellectual property law. In essence, we have two broad objectives: protect the organization’s intellectual property rights and protect the organization from infringing on other’s rights.

This blog series will delve into these topics. Follow the tag "Intellectual Property" to read all the articles.