Intellectual Property Information Security

Abdullah Alshathri

442105936

IS536

Abstract – Intellectual property is a term

used to define intangible assets with the

advancement in technology and

innovation, concerns for the security of

intellectual property information increase.

Intellectual property rights are the legal

rights that individuals used to protect their

concepts, ideas, formulas, trade secrets,

and other forms of intangible property. In

order to protect these rights from online

thefts and hacking, it is important to

design an information security system.

Issues to the intellectual property can be

mitigated through the increase in user

security awareness because there are

numerous individuals and organizations

that lack awareness of security threats in

the form of viruses and Trojans. This

paper will use the qualitative research

method approach to figure out the security

awareness needs of contemporary e-

businesses. Different areas that need

security will be evaluated to understand

the quality of security, and then new

strategies will be proposed to enhance

awareness about the security system.

Key Words – Intellectual Property,

Intangible, Online Theft, Hackings,

Mitigation.

I. INTRODUCTION

All the intangible properties or assets that a

person owns and have rights over them are

known as intellectual property. A few years

ago, along with the increase in technological

development and advancement, Intellectual

property had become a systematic threat to

the national security of the United States. The

scope of the threat because of intellectual

property includes trade secrets theft, hacking,

foreign student enrollment information theft,

and hacking (Halbert, 2014). Although it is

about the intellectual property rights of the

country, it serves as a threat to the whole

national security of the United States, along

with its economic competitiveness. In the

modern world, more than half of the

organizations are shifting towards e-business

and ensuring their presence on online

platforms to increase sales and business

growth. In these researches, security is

becoming the major concern of organizations,

mainly those who are dealing with customer

information. But the problem occurs when

the organizations don’t have information

about security concerns and how much

security is required while operating online

businesses (Koushanfar, 2010). Every

organization should have an understanding of

security concerns that might confront

anytime, such as viruses, stolen passwords,

worms, and authority concerns.

Augmentations are also needed to understand

that information security threats can be

originated Internally or externally. It can also

be caused by humans or non-human factors.

The only factor that is beyond human control

is natural disasters; thus, hacking and other

online misshapenness can be controlled by

strengthening the internal information

security system. The internal information

security system includes security negligence,

security errors, security attacks, and security

carelessness. And the system can be

prevented by detecting, preventing, and

managing internal threats. These threats

cannot be solved unless the organization has

awareness about security threats, either

internal or external. All the organizations,

regardless of that size, have developed some

protection systems, both hardware, and

software-based, such as proxy servers,

antivirus software, and numerous low-quality

password management systems, but they

need to know that these are very weak

security management systems in the

digitalized world. According to a computer

crime and security survey in 2005, the

computer security Institute and the Federal

Bureau of investigation, one of the most

common security risks is virus infection

(73%). After the virus infection, insider

abuse has become the second most occurring

security risk (47%) (Charlie C. Chen, 2018).

And the majority of organizations are facing

these risks because of the lack of various

information security. The role of humans in

starting the security factor is more important

and prominent than technology.

Businesses that are operating online through

E-Commerce websites should evaluate all

types of possible information security risks

that could happen to them. Because in online

businesses, most of the operations including

sensitive information of the organization,

users’ good customer’s information,

employee records, and other important data

will be stored own online portals that can be

hacked anytime. Thus, strong information

security systems should be insured for data

thefts.

In the process of development of

technological solutions and strategies for the

organization, it should be ensured that all the

security risks are measured and evaluated in

order to improve the level of security and

awareness among employees and employers.

Information security awareness is crucial to

keep the workforce ready to face these

challenges or risks that might confront

anytime and to come up with substantive

solutions without compromising the only

value of the organization (Charlie C. Chen,

2018). Functions should be aligned with the

need for the security and safety of the

organization. Although it is imperative to

keep the functions and operations of the

organization as a priority at the same time,

considerations for security and safety are also

crucial. The quality-tested the offer existing

literature regarding the importance of

information security in the protection of

intellectual property. Fifteen valid research

articles will be reviewed to enhance the

knowledge of business organizations

operating through Online platforms and for

the collection of information to propose a

strategy effective for all levels of our

positions to take care of intellectual property

rights while operating online and targeting

international customers.

II. LITERATURE REVIEW

Intellectual property right (IPR) Is considered

as defective to protect and develop

innovation and strategic competitiveness

business. The emergence of globalization and

increased collaboration in international

businesses Raises the concerns of increase

intellectual property protection (IPP)

(Hyungjin Lukas Kim, 2019). Increased

collaboration increases the risks of theft and

hacking that is the reason businesses are

advised to keep their property protected

under strict information security systems to

avoid any conflict and theft (Trappey, 2015).

As the world is developing rapidly and

exchange of information becomes easy

alongside making data theft an easy and

convenient process. It is easy to exchange

data virtually over large distances, but there

are enormous threats of falling prey to

hackers and unauthorized users (Johnston,

2009). Researches also say that an

organization’s information security system

needs internal protection to avoid intellectual

property thefts and to keep the user

information secure (Trappey, 2015). The

establishment of Information Security

Policies (ISP) also helps in the management

of intellectual property by limiting the

actions of employees and restricting them

towards the policies of the security system.

Researches reveal that employees

comply with information security policies

affects by their beliefs, values, and normative

attitudes (Burcu Bulgurcu, 2010). E-

commerce organizations are not only

threatened by internal thefts, but international

data hackers are also involved in the process

that is the major threat, and organizations

should be beware of them because

international thefts are considered as national

insecurity (Halbert, 2014). Researches say

that the implementation of an Information

Security Program is an easy and convenient

approach to take care of the intellectual

property of an organization instead of

looking for individual solutions and

implementation (CISSP, 2007). The only

three requirements for the implementation of

an information security program include

awareness, education, and training.

Awareness is required to stimulate, motivate

and remind the information of the

organization that needs protection. Education

means specialized skills required for the

motivation to achieve positive skills. And

training to enhance management and

observation skills required to detect and

observe thefts to the property (Stefan Bauera,

2017). Research says that compliance with

the information security policies (ISP) Is

important to integrate within the organization

to minimize threats to information security. It

means Prevention is better than queued. Thus,

every organization should have information

security policies established on the place to

avoid the happening offer online theft and

hacking of data. Regardless of the size and

the nature of the organization, these policies

should be established at every level to ensure

that the information security system is safe

and secure (Siponen, 2000). information

security managers of every business

operating through eCommerce platforms

must design effective information security

well. This is a program by analyzing

prevailing threats and severity (Rezgui,

2008). Previous studies discuss the problem

at a different level to communicate the

effectiveness of information security

programs and policies to address the problem.

The literature on the role of awareness of

information security for organizations

promotes learning and training for employees

(Lacey, 2012). Studies (Balakrishnan, 2015)

also reveal that the leadership styles of an

organization perform a crucial role in the

enhancement of employee’s awareness of

information security systems and protect the

organization from internal and external

threats. Research is also highlighting that an

employee of the organization must be the real

culprit of threats to better security with the

organization. It also argues that 80% of

security breaches are done by internal

members of the organization (Balakrishnan,

2015). Previous studies also emphasize the

importance of education and training of

employees at the workplace and to enable

them to understand the information security

programs and the need for these programs at

work. Studies are incorporating social

psychology techniques to integrate with the

organizational behavior heard and states that

tagged awareness programs are neglected in

many organizations that results in the theft of

intellectual property. There are numerous

fraudulent activities happening breaching

copyrights, trademarks, and other intangible

property rights of individuals (M.E. Thomson,

1998).

III. METHODOLOGY

The research about the importance of the

awareness of possible threats to the

intellectual property will be conducted

through the qualitative research on the

previous studies and the effectiveness of the

Information Security Program (ISP) on the

management of data online and protection of

online property of businesses. A qualitative

approach integrated with the observation of

the effectiveness of the program will be

helpful to extract results and provide a path

for future researches. Security awareness and

its concerns are emerging; thus, a detailed

overview of the problem should be provided

to enable readers about the severity of the

issue, and they will understand that there is a

need to take immediate action. By analyzing

research studies and previous literature about

intellectual property rights and the need for

protection in this field, observation will be

made on a practical location to evaluate

whether the ISP is effective practically or not,

results are composed.

IV. RESULTS

After the analysis of the fifteen reputable

types of research and literature and one-week

observation over the practical observation on

the healthcare organization having

Information Security Program (ISP)

implemented, results are in favor of the

proverb that prevention is better than cure.

Research studies reveal that the information

security systems should be strong enough to

stop and limits unauthorized access towards

the intellectual property of any person. With

the emergence of technology, the need for

security instruments has increased. Now

along with technological innovation,

organizations should think for protection

strategies as well. Because the transfer of data

online is not threat-free. The implementation

of ISP on the organizational data portals

proves an effective solution. The information

security program helps in the management of

information from different locations by

detecting the identity. The second emphasis

of previous studies is on the role of internal

members of the organization to protect

information (Aloul, 2012). That can be

achieved through the implementation of

information security properties and

limitations to access the intellectual

properties of individuals.

V. DISCUSSION

Intellectual properties are intangible rights

and property of an individual that is at risk

because of the investment in technology and

the emergence of innovative devices. The

research aims to suggest organizations

operating only economist level take care of

their information on open portals to avoid

data theft and user information. The

integration of information security programs

helps in the protection of user data and

sensitive information of an organization.

Organizations ensure that every employee

and employer have an awareness of

information security, and they are willing to

protect user information in all circumstances.

Research says that 80% of information thefts

happened because of the internal members of

the organization. Thus, policies should be

implemented to restrict practices of

employees and internal protection

(Balakrishnan, 2015). Researches also state

that the leadership style of an organization

also helps in the production of online data and

eliminates possibilities of data breaches.

VI. CONCLUSION

In conclusion, intellectual property rights are

important property of individuals that cannot

behold and own by any second-person

without their consent. And those who

breached that data through different means,

online and physical, are known as hackers.

The people were discussing the causes of

information security threats and suggested

solutions to avoid these threats. Such as

training of employees and spreading

awareness about information security, and

the second one is the implementation of

information security program if you for

efficient management of the organization.

VII. FUTURE RESEARCHES

This paper is focuses on the qualitative side

of the problem and lows future research is to

focus on the quantitative measure of the

importance of the awareness of information

security to protect intellectual property right.

VIII. REFERENCES

1. Aloul, F. A. (2012). The Need for

Effective Information Security

Awareness. JOURNAL OF

ADVANCES IN INFORMATION

TECHNOLOGY, VOL. 3, NO. 3, 1-20.

2. Balakrishnan, N. H. (2015).

Leadership Styles and Information

Security Compliance Behavior: The

Mediator Effect of Information

Security Awareness. International

Journal of Information and

Education Technology, Vol. 5, No. 4,

311-350.

3. Burcu Bulgurcu, H. C. (2010).

Information Security Policy

Compliance: An Empirical Study of

Rationality-Based Beliefs and

Information Security Awareness.

JSTOR,

https://doi.org/10.2307/25750690.

4. Charlie C. Chen, R. S. (2018).

Mitigating Information Security

Risks by Increasing User Security

Awareness: A Case Study of an

Information Security Awareness

System. Information Technology,

Learning, and Performance Journal,

Vol. 24, No. 1 , 1-30.

5. CISSP, T. R. (2007). Implementing

an Information Security Awareness

Program. Tylaor & Frances Online,

https://doi.org/10.1201/1086/45241.1

4.2.20050501/88292.6.

6. Halbert, D. (2014). Intellectual

property theft and national security:

Agendas and assumptions. An

International Journal Volume 32,

Issue 4,

https://doi.org/10.1080/01972243.20

16.1177762.

7. Hyungjin Lukas Kim, A. H. (2019).

Protecting intellectual property from

insider threats: A management

information security intelligence

perspective. Journal of Intellectual

Capital,

https://www.emerald.com/insight/co

ntent/doi/10.1108/JIC-05-2019-

0096/full/html.

8. Johnston, A. C. (2009). Improved

security through information security

governance. ACM,

https://doi.org/10.1145/1435417.143

5446.

9. Koushanfar, Y. M. (2010). Active

Hardware Metering for Intellectual

Property Protection and Security.

USENIX Security Symposium, 292-

310.

10. Lacey, G. S. (2012). Death by a

thousand facts: Criticising the

technocratic approach to information

security awareness. Information

Management & Computer Security,

https://www.emerald.com/insight/co

ntent/doi/10.1108/096852212112191

82/full/html.

11. M.E. Thomson, a. R. (1998).

Information security awareness:

educating your users effectively.

Information Management &

Computer Security,

https://www.emerald.com/insight/co

ntent/doi/10.1108/096852298102276

49/full/html.

12. Rezgui, Y. (2008). Information

security awareness in higher

education: An exploratory study.

Computers & Security Volume 27,

243-253.

13. Siponen, M. T. (2000). A conceptual

foundation for organizational

information security awareness.

Information Management &

Computer Security,

https://www.emerald.com/insight/co

ntent/doi/10.1108/096852200103713

94/full/html.

14. Stefan Bauera, E. W. (2017).

Prevention is better than cure!

Designing information security

awareness programs to overcome

users’ non-compliance with

information security policies in banks.

Computers & Security Volume 68,

https://doi.org/10.1016/j.cose.2017.0

4.009.

15. Trappey, H. L. (2015). Intellectual

Property Protection. SpringerLink,

https://link.springer.com/chapter/10.

1007/978-3-319-13776-6_18.