CEOCFO MOBILE  CONTACT  |   CEOCFO-SERVICES HOME

Trust Farm, LLC

CEOCFO-Members Login

April 16, 2018 Issue

CEOCFO MAGAZINE

 

Q&A with Allen L. Phelps, CEO of Trust Farm, LLC providing Design, Implementation, and Management of Trade Secret Protection Programs to Safeguard Information Assets against Loss, Theft and Misappropriation

 

 

Allen L. Phelps

Chief Executive Officer

 

Trust Farm, LLC

https://trustfarming.com/

 

Interview conducted by:

Lynn Fosse, Senior Editor, CEOCFO Magazine, Published – April 16, 2018

 

CEOCFO: Mr. Phelps, I see on your website, “Safeguard Innovation,” how are you doing that?

Mr. Phelps: Safeguarding innovation is our core competency. We believe that there is a real need for organizations across all industry, academic and government sectors to protect their trade secrets, proprietary information and other innovation assets from converged cyber security, physical security and insider threats. We focus our efforts on directing and guiding client organizations on the design, implementation, and management of innovation trade secret protection programs to safeguard their information assets for loss, theft and misappropriation.

 

CEOCFO: Would you elaborate on the convergence?

Mr. Phelps: Based on security trends, there is an understanding that the cyber and physical threat vectors have converged. For example, we now see cyber-attackers now attempting to compromise employees through spear-phishing and social targeting campaigns to steal login credentials. Traditional security models within organizations separated the IT security or logical security function from the physical security or global security function. We believe that those security functions should be converged to effectively identify, assess and respond to emerging converged threat vectors. Eventually you will see the single chief security officer that is responsible for both the physical personnel and physical security of an organization as well as protecting the information assets. There are parallels regarding risk and threat. Certainly, the threats have converged, so no longer is it just cyber-attack that you must worry about, it is cyber-attack that is being facilitated or enhanced by the insider threat for example. What is happening in the world is that the risk is converging, so organizations must keep up with that threat and risk management by converging their security practices in-house.

 

CEOCFO: Who is concerned about protecting their innovations and willing to take steps, and who should be concerned?
Mr. Phelps:
Currently, most organizations have not designated a specific corporate officer that is responsible for the protection of the innovation assets; which is surprising because most of American innovation and our organizational value comes from ideas in the form of innovation and invention. We believe that every organization that relies on innovation and invention as a competitive edge should have a Chief Innovation Risk Management Officer (CIRMO) to manage the risks related to the loss, theft and misappropriation of trade secrets and other proprietary information. Occasionally we will meet a Chief Risk Officer, but typically those risk officers focus on the financial assets and financial risk related to monetary and operational concerns and very little focus has been dedicated to protecting the ideas that will drive the organization’s value. Our opinion is that it seems that safeguarding innovation should be a management issue and should be treated as one of the largest assets that an organization has, and have the controls in place just like the organization has for the other types of assets. Safeguarding innovation should be considered a key priority for executives in today’s operation environment across all industry and academic sectors.

 

CEOCFO: How are you educating people about the risk?

Mr. Phelps: I spend 80% of my time educating executives and other organizational stakeholders by talking about the risks and threats that an organization faces, including audiences from Fortune 500 corporations, universities and other organizations that rely on invention and innovation for start-up capital, revenue generation, investments and grants. I spend most my time telling the story that organizations are under attack from sophisticated threats, like Nation State-Sponsored threat actors. For example, we know that foreign governments are targeting innovation because it is cheaper to steal a trade secret than it is to create the innovation from scratch. The feedback we receive from organizations is that there seems to be a lack of awareness as to what the actual threat landscape is across corporate and academic sectors. Most executives understand that there is a cyber threat that is an external computer-based threat trying to break into the inner-workings of their organizations. However, this idea that there could be insiders that are working either independently or with those outsiders is a relatively new concept for organizations. We spend most our time trying to get the audience to listen to the evidence that there is a new threat landscape that has emerged (i.e., the insider threat being compromised by the sophisticated outsider threat). We encourage organizations to launch pilot program to better understand their specific risks and vulnerabilities to assess the likelihood and impact of the new threat within their organizations. Once we highlight there is a problem and they believe there is a problem, typically they will buy into that this is a risk that can be managed properly. Then we make our best case that our company [Trust Farm] is well positioned to assist with their risk management plan based on our extensive experience with mitigating the actual threat. We are leader in the Insider Threat Management-as-a-Service practice and can effectively and create a turnkey innovation protection program that is tailored to the individual organization. We present the problem but also the solution.

 

CEOCFO: Would you tell us about the solutions you offer?

Mr. Phelps: We view the risk of innovation loss, theft and misappropriation as an Enterprise Risk issue. Our solutions are designed to fit within an organizations management structure and approach to risk management. Are solutions are designed to answer the question: ‘What is the likelihood and impact that the organization could suffer an innovation loss or trade secret theft either by an outsider, a less-than-ethical competitor or an insider that has breached the inherent trust between employer and employee and decided to misappropriate trade secrets?” That risk assessment approach allows organizations to understand the scope of the problem. Understanding that there is a risk to be managed is the first step.

 

We typically start with an Innovation Protection pilot program to determine the scope and scale of an organization’s risk related to the loss, theft and misappropriation of their trade secrets and other proprietary information. Trust Farm deploys a proprietary Data Loss Prevention (DLP) intelligence solution called the ‘149™ Nation State Threat Finder’ that identifies Nation State-Sponsored threats operating in an organization. We also deploy a proprietary investigation tool called “ObserveTRUST™’ to the endpoint to observe specific high-risk user behaviors at the keyboard and mouse-click level, as we believe that the individual ‘bad apple’ employee or contractor poses the greatest risk to the organization. Once we identify the scope and scale of the insider threat risk within the client organization, we create a turn-key Insider Threat Management-as-a-Service (ITMaaS) program to identify, assess, investigate and remediate innovation risks. Our ITMaaS programs focus on establishing an effective governance model that is sponsored by the appropriate executive level to ensure the risk management efforts are supported across the organization. We then ensure that the organization’s policies and procedures are clear and obvious, so that employees, contractors and other insiders understand the organization’s expectations as they relate to the protection of the innovation and invention. We also design, develop and deliver training and awareness campaign content to reinforce the policies and procedures related to the protection of innovation. Our solutions then focus on the monitoring for compliance to an organization’s policies and procedures; we deploy our 149™ Nation State Threat Finder and our ObserveTRUST™ Insider Threat Management solutions that monitor for specific insider behaviors and alert our dedicated/embedded Insider Threat Management analyst to suspicious behaviors. The Trust Farm Insider Threat analyst assesses the incident and escalates to the investigation protocols established within the organization. Once the incident is investigated, we assist with organization in determining the best remediation option to take, including the option to take disciplinary action against the insider, refer the incident to intellectual property counsel for civil litigation, or refer the incident to law enforcement if the evidence suggests that a state or federal crime may have been committed.

 

Our solutions are designed so that client organizations can create effective Innovation Protection Programs that quickly identify, assess and mitigate the risk of trade secret loss, theft and misappropriation. We believe that proactive prevention and intervention of improper employee handling of innovation and trade information is always better than a reactive approach to risk mitigation. We have the solution that manages the risk in a compliant and fair manner that builds trust.

 

CEOCFO: Do you see a point where insurers would require a company to have a plan like Trust Farm in place? Is there a way around directly starting with the company, such as working with the people who are engaging with a company to present Trust Farm? Are you reaching out to those groups?

Mr. Phelps: We believe that the creators and owners of innovation and invention assets are in the best position to protect those information assets from loss, theft and misappropriation. We also believe that those creators and owners have the responsibility to protect and safeguard those assets. However, we do recognize that there are other entities that have an interest in preserving the integrity and value of those assets. For example, we believe that the investors, research grant authorities, venture capitalists, and other vested stakeholders should have a voice in safeguarding the innovation and invention that drives an organization’s value proposition. We believe if someone has made an investment for research and development programs to any recipient, then the recipient has a moral, ethical and financial responsibility to safeguard that investment and any assets resulting from the research funding. We believe that stakeholders, such as investors and research grant authorizers, should mandate that the organization implement a specific Innovation Protection Program that safeguards research information assets from loss, theft and misappropriation. We believe that those Innovation Protection Programs must be minimum standards, such as the program standards established by Trust Farm. We are exploring whether organizations that provide that financing, such as government research grant programs like the National Institute of Health (NIH) or a venture capitalist or some other fund manager that is giving seed money to an organization, would consider making Innovation Protection Program implementation a requirement for funding. We have written best practice standards for protecting trade secrets and safeguarding trade secrets in America. Our idea is that recipients of funds should be required to meet those standards and have safeguarding in place to protect those assets.

 

CEOCFO: Why use Trust Farm?

Mr. Phelps: Trust Farm has real-life experience to identify, mitigate, and remediate the theft, loss and misappropriation of innovation trade secrets. We are the only company in the United States that create Innovation Protection Programs for client organizations using our proprietary approach to Insider Threat Management-as-a-Service (ITMaaS). From a competitive perspective, we offer the advantage of experience and know-how in protecting trade secrets. We have created Innovation Protection Programs for clients across industry and academic sectors, including Fortune 500 companies, university systems and government agencies. We also have the proprietary solutions that are effective to provide clients with a working Innovation Protection Program that reduces the likelihood and impact of a trade secret loss, theft and misappropriation event. Trust Farm provides turn-key solutions to safeguard our client’s most valuable assets, including the deployment of on-site ITMaaS teams. Most of our staff have backgrounds in the U.S. government counter-intelligence or counter-espionage space, so we know how ‘bad apples’ behave within organizations. We have the proven experience to apply risk mitigation standards to any organization framework so that organizations small, medium and large can tailor a solution that fits not only their culture but their budget to mitigate the largest threat innovative organizations face, which is the threat of loss, theft and misappropriation of trade secrets and other proprietary information. We invite prospective clients to contact us so that we can give them the specifics of how our solutions work, and connect them with current client reference to hear the effectiveness and value of our approach first-hand.

 


 

“Safeguarding innovation should be considered a key priority for executives in today’s operation environment across all industry and academic sectors.”
- Allen L. Phelps


 

Trust Farm, LLC

https://trustfarming.com/



 


 

 



 

 

disclaimers

© CEOCFO Magazine - All rights reserved

Any reproduction or further distribution of this article without the express written consent of CEOCFOinterviews.com is prohibited.

 

 

Innovation Trade Secret Protection Programs, Trust Farm, LLC, Insider Threat Mitigation, Allen L. Phelps, Design, Implementation, and Management of Trade Secret Protection Programs to Safeguard Information Assets against Loss, Theft and Misappropriation, CEO Interviews 2018, Business Services Companies, Innovation, protection services, Trade Secret Protection for industry, academic and government sectors, innovation protection programs, internal risk mitigation control plans, safeguard trade secrets, protect proprietary invention and innovation assets, identification, assessment and mitigation of insider and outsider threats, protect innovation assets against loss, theft, and misappropriation, Trust Farm, LLC Press Releases, News

 

ceocfointerviews.com does not purchase or make
recommendation on stocks based on the interviews published.