This is an interesting perspective from Colin Hulme at commercial law firm Burness Paull. Losing IP or confidential information in this era is effectively the same as losing profits through reputation damage and, in some cases, financial penalties.
The use of UEBA (user entity behaviour analytics) is becoming increasingly common to detect and neutralise this kind of threat before it becomes a risk to the business. Being able to log, search and be alerted to abnormal user behaviour would significantly reduce the risk of information leakage in this scenario. And should a data leak be missed, the organisation would have a complete forensic picture to show adequate steps had been taken to safeguard the information.
Every day in Scotland a business will lose confidential information and trade secrets. The news headlines will make us believe that we need to watch out for foreign military powers cyber-hacking our systems. In reality, the risk is far closer to home for many. By far the greater hazard is that posed by disaffected employees and contractors who will have access to your IT systems for a period of time and then leave, taking sensitive information with them. When we are instructed on these cases we typically need to tackle the challenge to show adequate steps have been taken to keep information secret. Often that is not the case. It is important to show that the business has kept the information locked down and have treated it as being confidential, to show that it should be protectable.