Archive for 'Due Diligence and Risk Assessments'

Intangible Asset OPSEC

April 25th, 2014. Published under Due Diligence and Risk Assessments, Intangible asset protection. No Comments.

Michael D. Moberly  April 25, 2014   ‘A long form blog where attention span really matters’.

This post is written for entrepreneurs, researchers, and companies who recognize the importance and value of retaining some semblance of confidentiality regarding perhaps a pending merger, acquisition, R&D project, new product launch and/or public rollout. The following is one example.

I colleague of mine who very deservedly is a highly sought after ‘chief security officer’ (CSO) for Fortune ranked technology firms. In a previous CSO position he assumed enterprise wide responsibility for maintaining absolute secrecy regarding a newly developed product and its launch at the annual ‘consumer electronics’ show in Las Vegas. His efforts were successful, that is, there was no evidence of leakage or premature disclosure that would have provided fodder for analyst speculation that may have, at least partially, negated – undermined the company from experiencing a rapid 300% increase in its stock price following its public launch at the show.

In the U.S. Silicon Valley, where there are large numbers of extraordinarily sophisticated, and globlly predatorial competitor – business intelligence activities ongoing, coupled with the somewhat incestuous employee fire – hire – rehire environment, maintaining comprehensive project – product launch secrecy for any substantial length of time is, to be sure, is a significant responsibility and undertaking encompassing countless variables.  Though, my colleague is and remains an ardent advocate and practitioner of OPSEC.

The Origins of OPSEC

As a methodology, OPSEC (operations security) emerged in 1967, during the Viet Nam war, when a small group of U.S. Navy personnel were tasked to determine how the enemy was obtaining advance information about U.S. military combat (air, ground) missions. The enemy, in this instance, was the Viet Cong, the North Vietnamese Army and their various allies.

This group of Navy personnel learned that, in many instances, there was an abundance of unclassified ‘indicators’ that were readily observable by adversaries that, in many instances, signaled a pending military mission or operation.

The enemy’s intelligence collection and analysis methodologies were quite unsophisticated, generally relying on personal observations and understanding which indicators were relevant, which in turn allowed them to ‘connect the proverbial dots’ to develop a rapid and frequently accurate assessment of (a.) the capabilities of the particular combat unit involved, and (b.) it’s intentions, which included the missions’ intended target.

As the adversary’s honed their observation and analytical skills insofar as recognizing mission/operation ‘indicators’, the always desirable and preferred element of surprise was routinely being compromised, along with a reduction in mission effectiveness. More importantly however, the military personnel executing the compromised missions were now being exposed to greater risk.

In short, the U.S. Navy personnel charged with examining how missions – operations were being compromised came to learn that, even though mandated security and intelligence countermeasures were being used, reliance solely upon them, was insufficient to completely deny adversaries from surmising mission intentions and capabilities to their benefit.

It was ultimately concluded that, if military operations ‘were examined through the eyes of the adversary’, i.e., from the planning phase through execution, mission planners would themselves come to recognize and ultimately eliminate the myriad of subtle and often indirect indicators, i.e., actions, behaviors, etc., that ‘signal’ a pending operation.

Then, as now, operations security (OPSEC) is associated with the planning and executing operations in which…

  • secrecy
  • integrity, and the
  • element of surprise

…are absolutely essential to mission success and mitigating personnel  risk!

Since the Viet Nam war, the OPSEC process has undergone numerous revisions and refinements. Its benefits are now widely recognized and applied throughout much of the defense, public law enforcement and even certain corporate R&D environments.

What Is OPSEC?

OPSEC is a specialized security discipline. It focuses on discovering and eliminating the indirect ways in which information assets pertinent to the planning and execution of an operation and/or project can become known to and used by an adversary to undermine the mission’s success and elevate exposure to risk

OPSEC emphasizes the view that adversaries have a consistent interest in acquiring information that will aid them to evade (a.) detection, (b.) capture and arrest, and (c.) otherwise permit them to continue their intelligence collection activities unabated.

Insofar As The Private (Tech) Sector Is Concerned, The Key To OPSEC’s Success Is Examining Projects Through The Eyes Of Economic and Competitive Advantage Adversaries

To be effective in today’s global business environment, a company must be able to systematically examine all planning and execution related activities ‘through the eyes’ of their known economic and competitive advantage adversaries, which entails…

  • assessing the adversary’s motivations, intentions, and capabilities to actually detect and exploit relevant intangible assets, particularly intellectual, structural, and relationship capital.
  • eliminating, or, at least minimizing preparatory ‘indicators’ related to pending operations, projects, and R&D throughout the planning and execution stages.

In my judgment, each OPSEC principle is readily translatable to the private sector. It’s merely a matter of recognizing how military related goals fit a private sector initiative or transaction.

For example, companies, be they Fortune ranked or early stage start-ups, that are about to ‘go public’ with a new product, service, or technology have an interest in discovering and eliminating even the most subtle indicator that could become known and applied by competitors to undermine and/or deny success.

I am hard pressed to identify any circumstance in which it would be in a company’s interest to inadvertently or negligently provide a close competitor with advance notice. Given the aggressively competitive, globally predatorial, and ‘winner-take-all’ nature of most companies today, any advance notice would give competitors ample time to develop a counter campaign of sorts, to undermine the projected success of a new products’ rollout, merely because ‘the element of consumer surprise’ was absent.

There is little question that the combined elements of consumer anticipation and surprise are valuable commodities to the private sector!

But, in part because of how and why OPSEC originated, particularly perhaps its association with military (war) operations, there have been challenges to overcome (address) with business decision makers to render it a more appreciated application, not solely to new product launches, but also to various types of business transactions in which confidentiality and due diligence are essential, e.g., mergers and acquisitions, etc.

A key and very favorable factor, insofar as applying OPSEC to private sector transactions is concerned is the economic fact that 80+% of most company’s value, sources of revenue, and competitive advantage now lie in – evolved directly from intangible assets.

So, an initial step is for a company to recognize various ways in which valuable intangible asset shrinkage – compromise – misappropriation can prematurely occur to benefit a competitor and its market space. Company leadership must too recognize that some intangibles may not meet the six requisites of trade secrecy, but still they may be identified as proprietary and remain out of the public domain for as long as possible so the company is positioned to take full advantage – exploit their intangibles before any (global) competitor can mount a counter move designed to undermine and/or diminish any projected successes.

Translating OPSEC To The Private Sector

To security practitioners already well versed in the principles and practices of OPSEC, the safeguarding and preserving the value of the array of contributory intangible assets, while being (a.) integral to OPSEC and (b.) routinely part of conversations among company decisions makers, the term OPSEC itself, is rarely uttered because a significant percentage of business decision makers are far removed from any defense and/or military reference points on which OPSEC was founded.

Too, well practiced OPSEC is not reliant on any particular automated procedure. Instead, OPSEC is dependent on a high level of (user) internalization coupled with keen awareness and observation skill sets in which users and decision-makers consistently examine most all of their business-related activities through the eyes of global economic and competitive advantage adversaries

Broadly speaking, these OPSEC attributes are, in some respects, the antithesis of the very technical and procedural (disclaimer and liability influenced) rigidity associated with most computer/IT security (software) programs and/or enforcement provisions related to intellectual property law.

OPSEC compliance and its ultimate value – contribution to a company is, for the most part, dependant on people – user awareness, and alertness. Figuratively then, OPSEC may be more art than science, but it is quite successful.

Intangible Asset Due Diligence

April 23rd, 2014. Published under Due Diligence and Risk Assessments. 3 Comments.

Michael D. Moberly    April 23, 2014    ‘A long form blog where attention span really matters’!

Conducting intangible asset due diligence is essential because today, as much as 80+% of most company’s value, sources of revenue, and competitive advantages, etc., lie in – evolve directly from intangible assets. That’s a globally universal economic fact! Too, the various transactions a company routinely engages, one can be assured, intangible assets will inevitably be in play and therefore their status can affect any transaction outcome.

Intangible asset due diligence is not an exercise that is useful only after a company suspects or experiences the materialization of a risk, i.e., misappropriation, infringement, etc., or is notified they are a defendant to a lawsuit!

Equally important, intangible asset due diligence, given the complexities involved, should not be a mere confirmatory review that certain intangibles are present using a generic, one-size-fits-all checklist.

Intangible asset due diligence is obliged to provide decision makers with…

  • actionable recommendations for making sound business decisions about preserving, managing, positioning, and extracting value from the assets in play.
  • an objective sense of the targeted assets’ fragility, stability, defensibility, and value insofar as projections of deliverable revenue and competitive advantages.

When conducting intangible asset due diligence, a first responsibility is to understand the target company by becoming familiar with its intangibles, i.e., the underlying intellectual, structural, and relationship capital particularly.

When should companies conduct their intangible asset due diligence? In most circumstances, its best to engage in preliminary due diligence should be conducted as a prelude to any transaction in which specific, i.e., the sought after intangibles will be in play. Thus, intangible asset due diligence should be analogous to asset monitoring and conducted in both pre and post transaction contexts.

How will intangible asset due diligence benefit your company? In any business transaction in which intangible assets will be integral to the outcome, due diligence can enable and facilitate a more secure and profitable transaction (not impede it) by providing decision makers with clear and timely insights, i.e.,

  • Identifying embedded – under-the-radar risks, vulnerabilities, and operational complexities that contribute to impairing or entangling knowledge-based assets and serve as preludes to costly and time consuming disputes and challenges…
  • Identifying and unraveling internal centers, chains, or clusters of intangibles and competitive advantages and assess the adequacy of safeguards.
  • Bringing operational – economic clarity to the target company’s intangible assets, intellectual property, know how, brand, and competitive advantages, etc.
  • Identifying efficient – effective protection – value preservation measures that are aligned with a transactions’ objective and the company’s strategic business plan, i.e., projected returns, exit strategy, as well as the life – value cycle of the assets in play.

Reader comments and inquires are always welcome at 314-440-3593 (St. Louis) or

Intangible Asset Risk Assessments: Qualitative vs. Quantitative

February 27th, 2014. Published under Communicating Risk, Due Diligence and Risk Assessments, Enterprise risk management.. No Comments.

 Michael D. Moberly    February 27, 2014   ‘A blog where attention span really matters’.

As most readers of this blog recognize, generally through their personal – professional experiences, assessment and management of (company) risk has indeed become increasingly more complex and multi-faceted, particularly as we endeavor to guide our company’s and/or clients through the respective operational, audit, compliance, and budgeting obstacle course.

Throughout this so-called obstacle course, it is likely we will become inclined, at some point, to justify most, if not all of the factors used to assign a reasonably correct ‘risk rating’ to the various business units within our company or that of our clients.

But, and probably rightfully so, more company decision makers are requiring quantitative (data) driven findings to support a particular risk rating. So, no longer can security – risk management practitioners find comfort by focusing their attention almost exclusively the rather archaic latest zero-day risk materialization or exploitation events. To be sure, that landscape has changed so significantly that we must assume greater responsibilities.

So, in the security, asset protection, and risk-threat assessment and management arena, presenting a risk-threat rating that is simply or solely based on numbers may not result in the best (risk, threat) analysis that we are seeking. Thus, one path that gets us closer to arriving at a more accurate understanding of the actual risk-threat level necessary for business strategic planning and decision making, it’s necessary to introduce and factor multiple elements in the risk-threat analysis equation.

Thus, as we more routinely adopt a more inclusive and/or multi-dimensional view toward assessing risks and threats, additional complexity will likely be one outcome, e.g., quantitative and qualitative forms of measurement.

Quantitative risk-threat assessment…
Quantitative risk assessment surfaces as we develop the ability to assign a (specific) dollar amount/value to a specific risk or threat should it materialize. As an example, let’s apply quantitative risk assessment to a healthcare institution.

For simplicity, there are 1,000 confidential patient records and data that reside in a single database. This particular database is directly accessible by a web server which resides in a semi-trusted environment.  That of course, constitutes a vulnerability (risk) in itself, and any compromise of the method in which the web server communicates with the database would likely result in the exposure (comprise) of all 1,000 patient records holding confidential data as conveyed by HIPPA (Health Insurance Protection and Portability Act).

Too, for discussion sake, and to add further complexity, during a recent ‘business impact analysis’ or BIA, it was found that the replacement cost for each compromised patient record would be $30. This cost includes (a.) contacting each patient to inform them of the compromise, (b.) changing each patients account numbers, and (c.) printing new health cards.

From this, one can easily determine that the maximum quantitative loss associated with a full compromise of that system is conservatively estimated at $30,000, excluding of course, the inevitable litigation. No doubt, as readers already surmise, there is more to consider. But does quantitative risk always have to ‘map out’ the money (loss or cost) aspects associated with materialized risks-threats?, probably not, because in many instances controls are automated with internally consistent and repeatable numbers being generated that can be used to create an alert dashboard or report directed to business unit managers when breaches or other adverse events occur.

Qualitative risk-threat assessment

Qualitative risk-threat assessment, on the other hand takes a different form. To demonstrate qualitative risk-threat assessment it is important to introduce additional factors, i.e., threat-risk vectors into the above example.

The first is, we learn that the patient database that previously held 1,000 records will now hold 10,000 records, possibly rising to 500,000 patient records. We also learn that (a.) multiple groups and/or business units within the healthcare institution will have access, and (b.) the capability to modify patient records, and (c.) the database/system will now come under the control of a different unit, i.e., the company’s Operations Group.

Obviously, substantive changes like this elevate – bring additional complexity to the risk-threat assessment we are endeavoring to calculate.  Too add yet another layer of complexity to our risk-threat analysis, we are informed by the audit unit that the data in the database is (d.) neither encrypted in transit to the web server or at rest on the database. The coup de grace follows with the audit unit giving exactly ninety days to document and remediate these adverse set of circumstances, i.e., risks, threats, vulnerabilities, because, as it stands, this healthcare institutions IT system is not in compliance with HIPAA.  Collectively, the additional factors serve to expand the risk-threat equation.

Now that these vulnerabilities (risks, threats) are known to exist relative to the institutions’ IT system, the next steps involve determining (a.) linking costs to any actual compromise, i.e., the materialization of a risk-threat or vulnerability being exploited, and also (b.) the probability that a specific or possible multiple vulnerabilities that have been identified will be discovered and adversely exploited by bad actors, or (c.) a single vulnerability materializing and cascading throughout the IT system.

Assessment process…

The assessment process commences by examining the cost(s) associated with potential compromises, as (a.) single acts, (b.) as multiple acts occurring simultaneously, and (c.) the potential for adverse cascading effects throughout the institution, well beyond perhaps the IT system itself.

Because we now know there may be in excess of 500,000 confidential patient records stored on the database, it’s often prudent to consider – factor absolute worst-case scenarios, i.e.,

500,000 records X $30 remediation cost per record = $15 million.

In most any company’s perspective, the possibility of $15 million dollars being ‘at risk’ is significant. One problem associated with relying solely on this formula is that it is largely one-dimensional. In other words, just because a banks has $100 million in cash in its vault does not translate that the money could be easily stolen from the vault.

So, being prudent security – risk management professionals, we must have other way in which to assign a particular level of risk to a particular vulnerability that fully considers multiple (known) risk factors, not just one, or absent the possibility multiple risks could materialize in some manner of sequence and cascade.  Such added (risk-threat-vulnerability) complexities should prompt practitioners to re-visit qualitative risk ratings.

One reason is because many companies, organizations, and institutions learn there is a necessity to have multiple, perhaps three to five qualitative risk levels which may be addressed in relatively simple, but in my view, ambiguous terms like low, medium and high.

Sources for quantitative and qualitative data…

Based on my own experiences, I, and many other security – risk management professionals information and insight related to quantifying probabilities for risk-threat materialization is acquired from such sources (a.) penetration tests, and (b.) vulnerability scanners.

Generally, these sources produce good and relevant information, but it’s important to acknowledge that it may be from delivering the necessary complete risk-threat-vulnerability picture because either can, and frequently does change rapidly and routinely. Consequently, in addition to conventional risk-threat-vulnerability assessments, each must be routinely monitored for the inevitable changes. A critical part of which is internal, that is information about the activities of legitimate and authorized users of the IT systems, i.e., such things as where do they go, what do they do, what do they click on, etc.

Welcome inspiration for this post is gratefully attributed to Stephen Sims of the Sans Institute  Other Related Articles in Audit and Governance


Company Culture Due Diligence

January 6th, 2014. Published under Company culture and reputation., Due Diligence and Risk Assessments. 1 Comment.

Michael D. Moberly    January 6, 2014    ‘A blog where attention span matters.

 A company initiating, or even contemplating, a merger or acquisition would be well served today if a company culture analysis was included in their overall due diligence strategy!

The reason, as conveyed here many times, is that increasing percentages, i.e., 80+% of most company’s value and sources of revenue either lie in or directly evolve from intangible assets, which company culture is one.  It’s correct to assume then, that a substantial factor in the rationale if the initiating company’s seeking an M&A evolve around merging or acquiring particular intangible assets which the target firm already has in place and collectively exist in the form of intellectual, structural, and relationship capital.

From an operational perspective, intellectual and structural capital constitutes the knowhow and processes which collectively underlie the revenue, competitive advantages, and efficiencies, etc., being sought.  So, in M&A transactions, acquiring unimpeded use and control of these valuable assets becomes the underlying starting point for achieving the projected (desired) transaction outcomes.

Unfortunately, for the uninitiated, a target company’s culture, as well as other intangible assets, may be overlooked, dismissed, or even deemed irrelevant to a transactions’ projected outcome.  It’s equally unwise to assume, should a proposed transaction, i.e., M&A, strategic alliance, etc., be favorably executed, that the sought after intangibles can be necessarily (individually) separated, extracted, and  exploited apart from a company’s culture. Today, transaction management teams are obliged to understand that are intangible assets quite indivisible from its culture, particularly intellectual, structural, and relationship capital which are generally embedded in various operational processes and integrated throughout an enterprise,.

Transaction management teams again, would be well served to recognize a company’s culture as being an invisible (intangible) temperament and/or attitude that connects and bonds companies, employees, and stakeholders together, says Grant McCracken, one, among several prominent company culture specialists today, specializing in the intersection of commerce and culture, i.e., where company culture sits at the intersection of anthropology and economics.

So, from McCracken and others’ work in this arena, we see perspectives emerging, that company culture is being likened to an ‘internal version of a company’s brand’.  That’s largely attributable to a broader recognition of the reality that company culture generally encompasses a company’s mission, its vision, its values, and its intangible assets.

Clearly McCracken understands how an effective (company) culture can impact a business, e.g., “culture is a company’s last mile” he often emphasizes as he makes a very compelling case that a company’s culture is marketing’s newest version of the proverbial ‘silver bullet’.  Certainly, no disagreement here!

But, before embarking on a company culture analysis, says Monica Mehta a writer for Profit and Profit Online, the target company should be distinguished on several cultural dimensions often conveyed as dimensions between two extremes as Ms. Mehta has portrayed so well here…

So, there should be less resistance to including company culture analysis as an integral component to transaction due diligence.  In my view, each of the dimensions above apply to corporate cultures, and can serve as effective starting points for culture assessment and due diligence. It is important to realize, as Ms. Mehta points out, there may be no, necessarily right or wrong (company) culture at the analysis stage.  The initial key is that due diligence teams are operationally familiar with the characteristics and features of their own company’s culture.
In Ms. Mehta’s example, the following can be observed with respect to Company #1…
  • it is engaged in public manufacturing with a strong western, primarily U.S. oriented, business culture.
  • the nodes confirm the company has an individualized (work ethic) orientation overall wherein employees have the opportunity to work in a meritocracy fashion.
  • is very rules-oriented, i.e., there is a process for most every function or task.
  • due in part to its public nature, the Company #1 has a relatively short-term focus, e.g., new business strategies need to pay off – produce a return on investment within each fiscal year.
  • tends toward a (McGregor) Theory Y perspective, wherein managers assume employees are (self) motivated to perform well providing their efforts are duly and appropriately recognized., i.e., the bonus program, based on over-performing on the goals, can be found on the company’s intranet, next to all other procedural descriptions
  • is relatively internally focused, and plans its business using a traditional – conventional budget scheme.
  • benefits from the best practices of performance management, i.e., a top-down strategy for task implementation, coupled with openly shared feedback with a ranking of the best-scoring people in sales.

On the somewhat opposite extreme, Company #2 would likely not be as successful because Ms. Mehta suggests…

  • it has been a family-owned business for multiple generations with senior management knowing most of the employees, many of whom have worked for the company their entire professional lives.
  • the next generation of ownership is growing up and the company needs to secure their future too.
  • the culture of the company is externally focused which suggests it can only survive in the market by sustaining its extreme customer focus.
  • of the company’s decision-making process, i.e., senior management ask for input only from a few trusted employees, and then the family will make a decision with information eventually being shared with the staff, but usually verbally and in informal meetings.
  • while the company has performance indicators, they are mostly aimed at how the company is performing in the eyes of the customers.
  • rewards are not directly tied to performance during a specific period, rather the family rewards loyalty and provides bonuses when deemed necessary.

In closing, while I am a strong advocate of company culture due diligence, standing alone, culture alignment does not guarantee a successful and profitable transaction, i.e., M&A.

For example, if Company #2 is realizing losses, perhaps some elements of the performance management practices of Company #1 need to be adopted.  Conversely, if Company #1 is experiencing a substantial growth phase, key people (and their respective intellectual, structural, and relationship capital abilities) need to be retained to manage that growth with these individuals becoming part of the company’s inner circle of strategic thinkers and decision makers.

Thus, the insight that a company culture analysis (due diligence) would bring to transaction oversight could ultimately set a strategic path how (culture) performance management should be conceived and implemented. But, transaction management teams should also recognize that (culture) performance management it can work as a measurement mechanism that drives employee behavior.

So, if there are particular aspects of a target company’s culture that appear undesirable or otherwise may impede a transactions projected milestones for success they may warrant change.

Otherwise if there is too much…

  • of a group focus, individual performance indicators may be useful, or
  • of a long-term focus, short-term targets may help, or
  • if relationship (capital) focus turns into nepotism, more uniform reward processes may be needed.

This post was inspired and adapted from work authored by Monica Mehta in a February 2009 piece in Profit and Profit Online.

This blog post has been researched and written by me with the genuine intent it serve as a useful and respectful medium to elevate awareness and appreciation for a wide range of issues related to intangible assets within the global business community.  My posts are not intended to be quick bites of unsubstantiated commentary or information piggy-backed to other sources.

Comments regarding my blog posts are encouraged and respected.  Should a reader elect to utilize all or a portion of my posts, full attribution is expected and appreciated. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance or business transaction.  I always welcome your inquiry at 314-440-3593 or






Business Culture Due Diligence

December 21st, 2013. Published under Due Diligence and Risk Assessments, Intangible asset focused company culture.. No Comments.

Michael D. Moberly    December 21, 2013   ‘A blog where attention span matters’.

Yes, through some practitioner’s lens, business culture due diligence is synonymous with human due diligence.  Agreed the term culture is one with sociological roots, and of course, sociology is the study of ‘people’ interactions.  And, understanding a company’s culture, in any type of transaction, is an important component that goes toward ensuring the desired outcome(s) will be achieved as planned.

I, on the other hand, as an intangible asset strategist and risk specialist hold the view that business culture due diligence in, let’s say, a merger – acquisition context, must go well beyond prognostications about how two distinct company cultures’ will or will not effectively merge or be receptive to being united and/or positioned to create greater efficiencies, maximize distribution channels and/or mitigate overlap, etc.

Instead, I hold the view that business culture due diligence, while being a very necessary element to any and every transaction, the term ‘business culture’ itself should be distinguished in intangible asset contexts, i.e., intellectual, structural, and relationship capital.  The product of the due diligence I advocate and practice actually drills down to and distinguishes the core assets which we know underlie a transaction delivering superior vs. mediocre returns, or utterly failing.

On the downside…

As noted in previous posts regarding due diligence at this blog, an undesired outcome of engaging in a business transaction, absent the benefits and insights of a business culture due diligence action that distinguishes the intangibles in play, is that there is a significant probability a substantial loss of talent in the form of intellectual, structural, and relationship capital, will commence once rumors of a merger are uttered.  Too, this downside reality will likely escalate following an official announcement of a pending (merger) transaction.

At the 30,000 foot altitudes of deal making, and deal makers who are operationally unfamiliar with or dismissive of the contributory role and value of intangible assets, the potential problems and/or challenges posed by intellectual (structural and relationship) capital attrition for both the near and long term, may initially appear as mere blips on their respective radar screen, and thus readily dismissed.

However, through countless studies, papers, and articles, a clear picture emerges which shows companies are likely to continue to lose disproportionate levels of intellectual capital, i.e., executives and management team members long after a mergers’ execution, due to, among other things, confusion over and differences in managerial styles and decision-making.

As noted in Jeffrey Krug’s piece in Harvard Business Reviews’ (February, 2003) Forethought, titled “Why Do They Keep Leaving?”, for those individuals (and their respective intellectual, structural, and relationship capital) that remain, post merger, differences in decision-making styles will inevitably produce infighting, causing decisions to be postponed or blocked altogether.

Thus, having some assurance that the effective integration of intellectual (structural, relationship) capital will neither stall nor prompt declines in productivity is essential.  Krug’s research states that nearly two-thirds of companies will lose market share in the first quarter following a merger. By the third quarter that figure may climb to 90%.  I suspect when such disastrous outcomes occur, if due diligence was undertaken prior to deal execution, it did not engage ‘transaction critical’ intangible assets.

On the upside…

On the upside, intangible asset focused due diligence for mergers, or most any business transaction, can help deal makers mitigate, if not avoid the above types of problems and challenges altogether.  Intangible asset based due diligence will reveal and unravel these and other potential and often times unforeseen fissures and friction points in advance and make them integral to the transaction negotiations and perhaps most importantly, distinguish them in intellectual, structural, and relationship capital contexts.

The value then of conducting pre-transaction (intangible asset focused) due diligence coupled with monitoring key – contributory value intangible assets for a specified period following execution of a transaction have become imperatives which no deal/decision maker should dismiss.  After all, it is an economic fact – business reality today that 80+% of most company’s value, sources of revenue, and ‘building blocks’ for growth, profitability, and sustainability globally, either lie in or evolve directly from intangible assets!

Respectfully then, excluding intangible assets, that underlie the value and rationale for most mergers, as well as many other types of transactions, from due diligence, constitutes a substantial risk which I advise my clients to avoid.  And, if the targeted company expresses unwillingness, or otherwise is not receptive to intangible asset focused due diligence it may well be a harbinger or predictor of ‘on the horizon’ challenges.  Thus, demanding a comprehensive intangible asset focused due diligence would be especially insightful.

This blog post has been researched and written by me with the genuine intent it serve as a useful and respectful medium to elevate awareness and appreciation for intangible assets throughout the global business community.   My blog posts focus on a wide range of issues related to intangible assets and intellectual property.   Respectfully, each post is not intended to be quick bites of  unsubstantiated commentary or information piggy-backed to other sources.

Comments regarding my blog posts are encouraged and respected.  Should any reader elect to utilize all or a portion of my posts, attribution is expected. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance or business transaction.  I always welcome your inquiry at 314-440-3593 or

Company Culture, Intangible Assets, and Due Diligence

December 20th, 2013. Published under Company culture and reputation., Due Diligence and Risk Assessments. No Comments.

Michael D. Moberly     December 19, 2013    ‘A blog where attention span matters’!

Company culture is a powerful and lucrative intangible asset, but it requires consistent due diligence, i.e., stewardship, oversight, and management, that is, if a company’s leadership wish it to remain intact.

Throughout the past 15+ years, particularly following the 2001 Brookings Institution publication of…

  • ‘Intangibles: Management, Measurement, and Reporting’ authored by Baruch Lev, and
  • ‘Unseen Wealth’ authored by Margaret Blair and Steven Wallman.

the economic fact that 80+% of most company’s value, sources of revenue, and ‘building blocks’ for growth, sustainability, and profitability globally, either lie in or evolve directly from intangible assets is being minimally acknowledged as a business reality, but unfortunately, seldom executed!

Of course, there have been equally thought provoking books, articles, studies, and position papers written by subject matter experts such as Dr. Nir Kossovsky and ‘reputation risk’, Mary Adams and ‘intellectual capital’, and Jonathan Salem Baskin and ‘brand’ and many others, including my own that is scheduled to be published in Spring, 2014 on the ‘management and safeguarding of intangible assets’.

A small, but never-the-less integral component to each of these books, plus numerous other works by colleagues in the intangible asset arena, addresses the role and value of the ‘company culture’ as a powerful, lucrative, and brand building intangible asset.

For some management teams, c-suites, and boards, ‘company culture’ are elusive and imprecise which are well suited (applied) in San Jose, California’s ‘silicon valley’ technology firms which carefully manage and hype their respective work environments’ as constituting somewhat of a ‘spiritual’ environment, i.e., culture, purposefully designed and intended to be a consistent and positive driver for collaboration, creativity, and productivity.

The relevance of a positive company culture in terms of its collective ‘contributory value’ to that collaboration, creativity, and productivity, too many, is very clear and rational.

The passing of Steve Jobs (Apples’ founder) has rejuvenated interest among academics and management analysts alike to articulate a ‘before and after’ (longitudinal) picture of Apple’s culture and its potential for replication through a feature film and various documentaries that endeavor to capture his self-characterized maniacal interest in sustaining Apple’s culture of annual technological breakthroughs and product marketing instincts.

In other words, I suspect there will be numerous, presumably well intentioned initiatives to gauge the permanency, relevance, and value of a ‘company culture’ comparable to that which was obviously embedded throughout Apple.  Another film, ‘J Edgar’ depicts the evolution of an institution’s culture which lasted for 50+ years is, which of course portrays the deeply held beliefs and style of oversight of the U.S. Department of Justice’ Federal Bureau of Investigation’ long time Director, J. Edgar Hoover.

Given these two, perhaps, extreme examples, please don’t overlook the positive reality that a finely tuned and managed ‘culture’ can be a powerful revenue producing and much respected intangible asset attribute to a company.  On the other hand, a company culture that emits arrogance, which admittedly there may be a relatively fine line between arrogance and confidence, can stifle receptivity to incorporating new practices and inhibit much needed – essential introspection by company management teams.  Irrespective of Steve Jobs’ and J. Edgar Hoover’s respective maniacal managerial styles, somehow, room remained for the former at least, for linking individual and collective creativity as an expectation of performance.

In a January, 2012 article titled “Apple Without a Core,” (Report on Business) author Timothy Taylor asked how valuable ‘taste’ is, as an asset, which readers know was a consistent refrain of Steve Jobs.  Consistently projecting ‘taste’ in a product marketing and consumer context, is again, in my view, a powerful and lucrative intangible asset which many business leaders aspire and/or purport to possess, but again can be stifled or suppressed altogether by managerial arrogance or over-confidence!

To support Jobs’ perspective of ‘taste’ as constituting a valuable (intangible) asset, Taylor identifies three attributes of Apple’s brand, i.e., Jobs’

  • own sense of taste.
  • personal energy, and
  • himself, as constituting a unifying symbol to and for the company.

Having visited the Apple campus on several occasions, I found it evident, as I’m confident others did as well, ‘Jobs’ taste, energy, and unifying symbol, were truly embedded (intangible) features which much importance was attached.  As to Jobs’ sense of taste, a quote attributed to him is…

“the only problem with Microsoft is they just have no taste. People like symbols. So I’m the symbol for certain things.”

Without Jobs, Taylor suggests, Apple’s brand (and, presumably its culture) would be vulnerable to competitors.  We already see some evidence of this occurring now, whether it can be correctly attributed to the absence of Steve Jobs, various 2013 litigation outcomes, or some combination will, I’m confident, be subject to much debate for years to come. (The above piece was inspired by articles respectively titled ‘Defining the Value of Culture Within An Organization’ authored by Bill Bliss and ‘Apple Without A Core’, authored by Timothy Taylor.)

However, in many respects, what occurs at Apple, with respect to the sustainability (legacy) of the company culture largely attributed to Steve Jobs, reflects a common business problem. That is, c-suites, boards, and management team members frequently underestimate the significance of employee originated assets, i.e., intellectual, structural, and relationship capital as constituting underliers to a company’s culture.

Again, with respect to Apple, and Steve Jobs in particular, there is no shortage of articles, books, and papers that put forth various descriptions of the ‘apple experience’.  But, few, if any have addressed Apple, post-Steve Jobs, in an ‘intellectual, structural, and relationship capital’ due diligence context.  That readers, is what’s missing, but absolutely must be done!

This blog post has been researched and written by me with the genuine intent it serve as a useful and respectful medium to elevate awareness and appreciation for intangible assets throughout the global business community.   My blog posts focus on a wide range of issues related to intangible assets and intellectual property.   Respectfully, each post is not intended to be quick bites of  unsubstantiated commentary or information piggy-backed to other sources.

Comments regarding my blog posts are encouraged and respected.  Should any reader elect to utilize all or a portion of my posts, attribution is expected. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance or business transaction.  I always welcome your inquiry at 314-440-3593 or

Entrepreneurs and Patents…

June 22nd, 2013. Published under Due Diligence and Risk Assessments, Enterprise risk management., Intangible asset protection. 1 Comment.

Michael D. Moberly    June 21, 2013     ‘A blog where reader attention span matters’.

There are and infinite number of interpretation to what is routinely referred to as what ‘the American dream’ and an equal number of paths how to achieve it.  The notion of ‘the American dream’ has certainly embedded in political rhetoric as one need only watch C-SPAN and listen to countless elected politicians consistently apply those three words to produce – elicit a myriad of emotions, imaginations as well as anger and frustration among their so-called target audience at the time.  The lingering effects of the 2008 economic recession are still very much evident in most sectors as many Americans and certainly citizens in numerous other countries struggle to find sustainable paths to surface from their own economic breakdowns.  Collectively, these persistent downturns has made first, retaining, and second, re-achieving ‘the American dream’, however one wishes to personally characterize it, elusive.

But, this piece is not about painting a new or conventional portrait of ‘the American dream’, rather it’s about the one twentieth of one percent of those individuals engaged in entrepreneurism and R&D who are seeking their version of ‘the American dream’ which often commences with making application for and hopefully having a patent issued for their work and achievement.

Due largely to the nature of my business consultancy, I encounter entrepreneurs of all stripes engaged in some truly remarkable endeavors.  These very purposeful encounters over the years have lead me to conclude that while there are numerous rationales for entrepreneurs to seek a patent for their idea – innovation, one rationale seems to repeatedly surface, which is, seldom are they familiar with, nor have they been apprised of options or alternatives to the ‘conventional patent route’.  Instead, I often characterize entrepreneurs as being singularly focused on seeking and securing conventional intellectual property, i.e., a patent.

There’s little doubt, being in a position to seek and possible secure a patent is indeed a privilege and achievement which very few others can put on their resume.  Further, in many instances, obtaining an issued patent will shine a well deserved light on one’s expertise and assign instantaneous credibility, short-lived as it ultimately may be among colleagues, peers, and even competitors.

Too, once a patent is issued it provides the holder with well deserved grounds for expressing pride in their labors, which in many instances have evolved over many years, depending on the product, testing, re-testing, etc.  Of course some do in a singularly boastful manner while others are far more humble and even self-deprecating in their characterizations.

But, I often find it puzzling, particularly with individual entrepreneurs, who, for the most part are very thorough, objective, and ‘driven’ researchers, why and how they readily gravitate to ‘going the patent route’ versus taking time to genuinely explore perhaps just as viable alternatives and/or options.

For the countless entrepreneurs I have had the pleasure of meeting over the past 25+ years, is their seemingly innate penchant for ‘going the patent route’ while conveying little if any awareness or interest in exploring alternatives to safeguard and commercialize their innovation against the realities of the increasingly predatorial global business environment in which any idea, patented or otherwise, is in a constant state of risk of infringement, misappropriation, theft, counterfeiting or a target of economic espionage.

As readers know well, there are numerous variables and influences that come to bear on entrepreneurs with respect to the path they choose for safeguarding and commercializing their original idea.  Aside from the demands made by would-be investors, including venture capitalists, angel investors, etc., one influential variable, I’m quite confident, even though I have never heard it specifically expressed in these terms, is that ‘idea holders’ opt for the patent route because they mistakenly assume that if/when a patent is issued, the stewardship, oversight, and management of their intangible asset (idea, innovation) becomes magically guaranteed, thereby relieving them of absolutely essential chores, which of course, is simply not the case!

I respectfully and admirably recognize possessing an issued patent represents for many entrepreneurs the ultimate ‘brass ring’ if you will, that will define, in many instances, one’s professional career.  Any assumption though that ‘going the patent route’ is the only option to achieve the necessary protection, and thus serve as the singularly best path to successful commercialization of an idea and possible profitability, is one that numerous professions and institutions wish to preserve and are not so courteous to those who want entrepreneurs to at least be exposed to equally viable alternatives.  To be sure, part of the challenge lies in the reality that there is no intangible asset strategist available to objectively articulate viable alternatives and objectively describe, with no malice, the reality that all forms of intellectual property, i.e., patents, trademarks, and copyrights have been the victim of some major hits in the past 20 years.

Let’s be clear, intellectual properties, i.e. patents, trademarks, copyrights, etc., are merely one type or category of intangible asset. The primary difference is that a patent, once issued by the U.S. Patent and Trademark Office (USPTO) or other countries’ counterpart, will assume a tangible/physical property only insofar the issuance letter one receives which can be framed and hung on an office wall as a testament of one’s persistent and challenging work.

Too, I suspect, respectfully so, that deference is often attached to patent (only) strategies by entrepreneurs due to the time honored, but flawed assumption that an issued patent conveys a more personal sense of ownership and certain legally defensible rights of protection, technically speaking, over say, a trade secret.

Too, a constant source of nourishment to ‘patent only’ strategies is the widely held, but mistaken assumption that an issued patent constitutes a standalone deterrent to, or safe harbor from, would be infringers, misappropriators, counterfeiters, and economic espionage in general.  To that I say, in today’s increasingly aggressive, globally predatorial, and winner-take-all R&D and business transaction environments, ‘idea holders’ can be assured that depending on the nature and subject matter of their patent, it will likely be in a constant state of risk from a host of legacy free players, independent (information) brokers, and certainly state-sponsored entities engaged in economic (industrial) espionage.

Some years ago, I would characterize/frame the likelihood that an entrepreneurs’ idea, innovation (or patent) would be stolen, infringed, or counterfeited, etc., in the context of probabilities.  Since the early 2000’s, I believe I have taken a wiser and more reasoned and realistic approach by framing such likelihoods, not as mere probabilities, rather as inevitabilities if relevant precautions and safeguards are not taken that extend beyond the presumptive deterrents and safeguards in conventional intellectual property.

Comments regarding my blog posts are encouraged and respected. Should any reader elect to utilize all or a portion of my posts, attribution is expected and always appreciated. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance or business transaction.  I always welcome your inquiry at 314-440-3593 or

Transaction Analysis For Intangible Assets!

December 21st, 2012. Published under Business Transactions, Due Diligence and Risk Assessments, Intangible asset assessments/audits.. No Comments.

Michael D. Moberly    December 21, 2012

As stated here on numerous prior occasions, it’s absolutely essential for business decision makers to recognize that in a vast majority of transactions they either initiate or otherwise become engaged, correctly identifying and assessing intangible assets plays an increasingly significant role in achieving a desired, presumably profitable and sustainable, outcome!

The reason of course, is that steadily rising percentages, at least 65+% of most transactions’ value and potential resides exclusively in the effective stewardship, oversight, and management of the intangible assets in play, and, as noted above, critical to achieving a favorable transaction outcome. So, if a transaction management team overlooks or dismisses the intangible assets, it’s tantamount to excluding how and where deal/transaction value is created, revenue is generated, and further strategic planning will be executed.

This makes it all-the-more-important, and, according to many, rising to a level of fiduciary responsibility insofar as transaction management teams’ incorporating intangible assets in their task of strategic oversight. When executed effectively, a transactions’ intangible assets will be collectively addressed in due diligence, inventory, audit, and valuation contexts. On the otherhand, if transaction management teams are deaf to the intangibles underlying most any deal, i.e. by doing neither, it’s quite fair to say it’s time to either change transaction management teams or engage them in relevant training to elevate their operational familiarity with intangible assets, i.e., their ability to identify, unravel, make quantitative-qualitative judgments regarding their status, stability, fragility, contributory value cycle, and overall sustainability.

As readers know, there is an abundance of research that consistently paints a very convincing picture that if and/or when a merger, acquisition, strategic alliance, or other type of transaction ‘goes south’, evidence of impending problems and challenges will surface quite early and will very likely be determined to be rooted in mishandling or disregard for the relevance or contributory value of one or more intangible assets necessary for achieving sustained transaction success.

One technique to mitigate or even remedy the probability that the latter will occur is for decision makers to require (receive) a ‘heads up’ from their transaction management team in the form of what I broadly describe as a ‘before transaction consumation asset impact analysis’. As the phrase implies, this specialized analysis should bring greater (business) clarity, i.e., a more definitive picture of the stability and strategic contributory value of key assets, particularly should certain risk(s), reputation and others, materialize that carry a high probability for adversely affecting one or more of the intangible assets integral to achieving a favorable transaction outcome. The most usable analysis (report) will address

  • the inter-relatedness of intangible assets’ contributory value and associated risks and threats as well as key assets identified as being impaired in some manner, or are found to be already misappropriated, infringed, and/or counterfeited.
  • the probability that particular risks/threats will materialize to adversely affect the projected economics, competitive advantages, and/or synergies of a transaction
  • strategies for mitigating and containing certain risks/threats relative to the resiliency and sustainability of the transactions’ key intangible assets.

The obvious rationale for incorporating a  ‘before transaction consumation asset impact analysis’ is for decision makers to be apprised of circumstances and scenarios that should be revealed which can (may) influence decisions and outcomes.

I am a strong advocate of  ‘before transaction consumation asset impact analysis’ because I believe the three, most challenging intangible assets to sustain and preserve their contributory value (pre/post transaction) are, (a.) intellectual, (b.) relationship, and (c.) structural capital because they are individually and collectively highly mobile and attitudinally based.

Too, a ‘before transaction consumation asset impact analysis’  can reveal other cautionary circumstances/scenarios while retaining the option to proceed with a (a.) plan for risk mitigation, or (b.) re-negotiate a deals’ terms in light of the risk(s) and/or asset impairment(s) that have been identified.

But, the objective remains the same, that is to facilitate a more secure and profitable transaction going forward, not impede it!

Comments regarding my blog posts are encouraged and respected. Should any reader elect to utilize all or a portion of this post, attribution is expected and always appreciated. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance. And, I always welcome your inquiry at 314-440-3593.

Intangible Asset Specialists: The New Business Transaction Analyst!

June 27th, 2012. Published under Business Transactions, Due Diligence and Risk Assessments, Intangible asset protection. No Comments.

Michael D. Moberly    June 27, 2012

Context…today, 65+% of most company’s value, sources of revenue, and ‘building blocks’ for growth and sustainability directly evolve from intangible assets usually, intellectual property.  One must, and I might add, correctly conclude then, that proportionately, similarly increasing percentages of (global) business transactions will involve either the buying, selling, or trading of intangible assets and IP.

As intangible assets become more recognizable and play more integral roles in business transactions, their value and exposure (vulnerability) elevates.  So now, it’s not merely prudent, but rapidly being quite correctly characterized as a fiduciary responsibility for transaction management teams to:

  • include intangible asset specialists and strategists skilled in the art and science of conducting due diligence on intangible assets that are increasingl in play and/or part of a deal.
  • be alert to an ever increasing and sophisticated array of risks and threats when materialized, can rapidly undermine and/or erode asset value, competitive advantages, and projected synergies and efficiencies,  or, worst case, cause certain intangible asset values ‘to go to zero’.

Perhaps it’s worth repeating, it’s no longer merely prudent, rather, it’s essential, if not a fiduciary responsibility for transaction initiators to recognize that in most, if not all deals, intangible assets, e.g., IP, competitive advantages, proprietary information and know how in the form of intellectual, structural, and relationship capital are critical to transaction value and achieving a positive and sustainable outcome.  It is in this context then, that I urge transaction management teams to include, at the outset, a high degree of specialization and expertise, particularly with respect to intangible assets, i.e., professionals who…

  • are additionally skilled in identifying, unraveling, and safeguarding those intangible assets identified as being integral to transaction success.
  • can identify transaction risks, which, if materialized, can stifle a deals’ momentum and/or undermine important assets’ projected value, competitive advantages, and synergies.
  • can articulate relevant-favorable (off-setting, mitigating) modifications to the terms of a transaction when risks are revealed that jeopardize asset value projected synergies, expected efficiencies, etc.
  • can readily put in place effective, yet unobtrusive measures that compliment re-negotiated transaction-contractual codicils to retain control, use, ownership, and monitor value and materiality of key assets in both pre and post transaction contexts.

One could make an effective argument then that intangible asset specialists and strategists today are comparable to industry sector (Wall Street) analysts who assess and monitor relevant-key variables, e.g., trends, events, cycles, and risks to  intellectual and structural capital, innovation pipelines, and the full range of intangibles relative to their near – long term stability, sustainability, fragility, and volatility.

The premise here, of course, is that intangible asset specialists and strategists should be early and consistent invitee’s to the ‘transaction management and decision table’. And, once ‘at the table’, their assessments and recommendations should be given due attention relative their contributions to facilitating more secure, stable, and profitable transactions as they were initially envisioned.

While visiting  my blog, you are respectfully encouraged to browse other topics/subjects of interest.  Should you find particular topics of interest or relevant to your circumstance,  I would welcome your inquiry or comment at  314-440-3593 or

Intangible Asset Due Diligence In A Recession: Should It Be Conducted Differently?

June 7th, 2012. Published under Due Diligence and Risk Assessments, Enterprise risk management., Intangible asset protection, Intangible asset strategy. No Comments.

Michael D. Moberly   June 7, 2012

At the outset, let me say that the intent here is certainly not to cast dispersion on, or otherwise suggest the state of being unemployed or under-employed necessarily renders one more receptive to infringing proprietary knowledge acquired from a previous position, as leverage to secure new employment, market themselves as a specialized sector consultant, or start a new enterprise.

But, as we all have come to know all-to-well, the extended economic recession we’re experiencing and its various and often devastating ‘trickle down after shocks’ has placed growing percentages of workers and families at risk.

One well-understood reality, regardless of whether its influenced by this current recession or not, is that large scale layoffs, terminations, and the sheer unavailability of gainful employment prospects across all sectors, irrespective of whether one received a severance package, advance notice, unemployment benefits, or opportunity for ‘call back’ can, and usually will produce disgruntled and justifiably worried employees coupled with an elevated sense of (company, employer) disloyalty.

Collectively, we know through multiple objective and rigorous research studies, these factors can manifest themselves as a greater propensity (proclivity, receptivity) for a (former) employee to engage in illegal and/or unethical acts, e.g., theft, misappropriation, and/or infringement of proprietary information, intellectual property and other intangible assets.

Such attitudes and the adverse behaviors they can spawn are largely manifested as uncertainty that such dire economic and employment circumstances produce, particularly as one’s financial future and solvency become increasingly and indeterminately at risk.

In these circumstances exit interviews should obviously be ratcheted up to, among other things, emphasize the (legally binding) contractual components of employee non-disclosure confidentiality, and non-compete agreements (the latter in jurisdictions where they’re enforceable).  This especially important for employees who have had access to sensitive-proprietary information and other forms of intangible assets.

The recession has also prompted countless companies to ’look to the proverbial low hanging fruit’ as targets for budget reductions which we know has substantially curtailed if not eliminate countless security and risk management programs and initiatives.

Translated this means fewer information (intangible asset) audits and less direct oversight and management of information-based intangible assets which includes intellectual property, proprietary and sensitive information, competitive advantage driving business processes and methods, as well as brand, reputation, and goodwill, etc.

But, collectively, these (intangible) assets conservatively comprise, for most companies, 65+% of their value, sources of revenue, and ‘building blocks’ for growth, expansion, and competitive advantage.

Too, we see many companies reallocating (re-distributing) their security resources or literally dismantling their security departments causing decentralization of security and asset protection responsibilities.  Routinely then, these responsibilities are being delegated – entrusted to untrained and inexperienced personnel and/or business units.  For the most part, they are unaccustomed to asset protection and security which, practically speaking means inconsistent interpretation, assessment, and treatment of intangible asset risk thresholds.

We can also presume with considerable certainty, that during an economic downturn, there will be an elevated presence and even more aggressive and predatorial tactics emanating from global competitive/business intelligence operations, information brokers, and various state sponsored entities and actors that will specifically target ’disgruntled employees’.   In most instances, the objective of course is to elicit proprietary information, knowhow, and other forms of value laden intangible assets that can deliver new/additional sources of revenue and/or competitive advantage to another (end) user.

Similarly, we can presume these circumstances may well prompt a percentage of already disgruntled and disheartened employees to initiate contact with competitors or other adversaries to leverage or otherwise offer any specialized knowledge acquired during a previous employment for (a.) cash payment, or (b.) in exchange for employment with a competitor, or (c.) to start their own company.

A collective bottom line to all of this is that some company’s appear to have positioned themselves, as perhaps an unfortunate choice or reaction to the recession, to accept increasingly higher risk thresholds regarding their primary sources of value, revenue generation, and strategic (intangible asset) capability.  The question, or perhaps more appropriately, the challenge for information – intangible asset protection professionals is how much company value, reputation, image, goodwill, and IP, etc., will be eroded, de-valued, undermined, or outright lost in the interim?

To me, this is hardly a sustainable position!