October 17, 2019

October 16, 2019

Subscribe to Latest Legal News and Analysis

October 15, 2019

Subscribe to Latest Legal News and Analysis

October 14, 2019

Subscribe to Latest Legal News and Analysis

Employment Law This Week®: Protecting Your Trade Secrets from Insider Threats [Video]

Cyberattacks have emerged as a critical threat to trade secret security. This Employment Law This Week Deep Dive episode focuses on cybersecurity and protecting your trade secrets from attacks that occur from inside your company. Attorneys Brian Spang and Brian Cesaratto of Epstein Becker Green discuss cybersecurity awareness, the Defend Trade Secrets Act and the evolution of cybersecurity, and the importance of implementing strong employee policies and planning ahead. Having a security incident response plan ready is a must for employers in this environment. 

Read on for more about this episode: 

1. Cybersecurity Awareness

British Airways, T-Mobile—these are just a few companies affected by hundreds of data breaches that have occurred this year. October is Cybersecurity Awareness Month, and every new breach is a reminder that cybersecurity cannot be taken for granted. And while the media often focuses on foreign attackers, data increasingly shows that the bigger threat comes from inside your company. We spoke to Brian Spang and Brian Cesaratto, from Epstein Becker Green, for more.

Brian Spang:

"Most data breaches are caused by insiders as opposed to outside attackers. By ‘insiders,’ I mean people who already have access to your system. That includes current employees, former employees who retain access rights to your system, and potentially third-party contractors or vendors who you have granted access to your system."

Brian Cesaratto:

"The data is increasingly showing that insider threat to trade secrets is a growing vulnerability. And that's both because insider threat presents two types of risk: risk of an intentional malicious insider causing damage or exfiltrating trade secrets or unintentional insider threat. So, what companies should do is they should consider the type of threats they face using available data and then determine what their existing controls are and how those can be improved."

For more, click here.

2. The Evolution of Cybersecurity

These attacks have emerged as a critical threat to trade secret security. In 2016, Congress stepped in and tried to make it easier for companies to protect their trade secrets by taking their claims straight to federal courts with the Defend Trade Secrets Act.

Brian Spang provides more:

"The most significant change brought about by the Defend Trade Secrets Act is the establishment of federal subject-matter jurisdiction for trade secrets claims. Plaintiffs now may go directly to federal court without worrying about establishing diversity jurisdiction or relying on a different federal statute to establish subject-matter jurisdiction in federal court. Employers generally view federal court as a forum in which they can obtain relief more quickly and in which the cases move more quickly."

In the past, companies have sometimes relied on non-compete agreements to help prevent insider threats or to provide an avenue for relief. But as Brian Spang tells us, the current regulatory trend is running against these agreements.

"Regulation in this area is evolving toward restricting the use of non-compete agreements and in favoring the rights of individuals. And in certain jurisdictions, there have been recent decisions throwing out claims attempting to enforce over-broad non-compete agreements without giving the plaintiffs any opportunity to argue for modification or a narrowing of the restrictions."

3. Employee Policies and Planning Ahead

In this uncertain climate, ultimately the best offense is still a good defense, and that means stopping the insider threats before they materialize. The most important cybersecurity tools for employers are strong policies that shore up vulnerabilities and a firm plan for a potential incident or breach.

Brian Cesaratto tells us:

"The most important step that an employer can take to prepare for a security incident is to have in place a security incident response plan and to train employees and managers in the implementation of the plan. Planning ahead of time is important because that way, when the time comes and there is a crisis, the company's not reactive. It's not attempting to address the issue under stress where there's no plan in place."

©2019 Epstein Becker & Green, P.C. All rights reserved.


About this Author

Brian G. Cesaratto, Epstein Becker, Employment benefits Litigation Lawyer, Workforce Management attorney

BRIAN G. CESARATTO is a Member of the Firm in the Litigation and Employment, Labor & Workforce Management practices, in the New York office of Epstein Becker Green.

Mr. Cesaratto's practice includes complex commercial litigation, criminal defense, internal and law enforcement investigations, employment litigation, and computer and electronic data misappropriation and forensics.

Brian Spang, Epstein Becker Law Firm, Chicago, Labor and Employment Attorney

Brian Spang is a Member of the Firm in the Employment, Labor & Workforce Management practice, in the Chicago office of Epstein Becker Green. He has nearly 20 years of experience litigating on behalf of Fortune 50 companies, as well as representing, counseling, and advising Fortune 50 and mid- and small-sized employers on all aspects of employment law.

George Carroll Whipple III, Epstein Becker Green, Workforce Management Lawyer, Hiring Matters Attorney

GEORGE CARROLL WHIPPLE, III, is a Member of the Firm in the Employment, Labor, and Workforce Management practice, in the New York office of Epstein Becker Green. He hosts the firm's innovative weekly video program, Employment Law This Week.

Mr. Whipple:

  • Counsels employers on workplace issues, including hiring and promotion, firing and discipline, wage and hour, and the implementation of employment policies, to ensure compliance with federal and state laws

  • ...