Guardians of Intellectual Property in the 21st Century
The Global Supply Chain Industry

EXECUTIVE SUMMARY

MAIN ARGUMENT

The length and complexity, the number of geographically distributed firms, and the number of products that modern supply chains are tasked with delivering to consumers have grown exponentially over the past several decades. Regional supply chains have transformed into global ones with IP and related proprietary information being dispersed across firms’ extended enterprises. Couple these trends with the increase in digitization and the larger presence of internet-enabled technologies, and the number of attack vectors for malevolent actors has outpaced potential protections and safeguards. Succinctly stated, supply chains are vulnerable to IP theft. But questions remain, such as which parts of supply chains are the most vulnerable? What technologies exist to help protect IP? What is missing, and what can be done? The following measures are needed to better protect IP throughout supply chains: (1) the implementation of training for supply chain personnel to match the scale and scope of the increasingly pervasive vulnerabilities of IP in supply chains, (2) the implementation of protocols for traceability and tracking of raw materials at the beginning of the supply chain, and across entities of the supply chain, ideally through an established set of standards for IP protections in the onboarding process, and (3) the establishment of a detection, mitigation, and recovery strategy such that firms have a balanced approach to handling IP theft.

POLICY IMPLICATIONS

This report finds that companies seeking to better protect their IP in supply chains should both take steps to mitigate personnel-related risks and develop a detection, mitigation, and recovery strategy. Key elements to these approaches include the following:

• Train personnel to better understand and identify potential IP vulnerabilities and breaches.
• Improve monitoring and detection capabilities throughout supply chains, including by implementing more stringent traceability protocols, utilizing supplier scorecards, leveraging AI and blockchain technologies, and improving information sharing.
• Strengthen mitigation efforts, with a focus on cybersecurity, by limiting and monitoring access to data and utilizing practices such as encryption and two-step authentication.
• Establish recovery protocols that ensure a quick return to a pre-disruption state by using redundant suppliers to allow for shifts away from bad actors and by having legal strategies in place to respond to potential malpractice.

Steven Carnavole is Assistant Professor of Supply Chain Management and Program Director at the Saunders College of Business at the Rochester Institute of Technology.