Intellectual Property

Do you ever wonder whether your software security program is the correct one for your organization? You spend time and money on processes, technology, and people. But how do you know whether the security efforts you’ve put in place even make sense? The Building Security In Maturity Model, or BSIMM, is a metrics-driven study of existing security initiatives at other organizations. BSIMM results help you assess the current state of your software security initiative and determine which areas need improvement.

During the webinar, we’ll use a BSIMM broken down by the financial services industry to see what other companies are doing. We’ll also:

· Use real data to help drive your software security initiative
· Learn how organizations use the BSIMM to measure the maturity of their software security initiatives
· Look at the aggregate data of the FSI vertical in the BSIMM
· Discuss some of the most common activities that we observe with FSI companies and the drivers of those activities

Patent licensing negotiations have an extremely high fail rate- this can be down to unfavourable licensing terms or weak patent portfolios. One of the ways universities and industry are trying to bridge the gap between innovation and commercialisation is by working together much earlier.

From a university standpoint, their research can be tailored to specific industry needs, as well as having research costs covered. Through the eyes of industry, they can get their hands on the latest research developments, and attract the brightest and talented individuals to their businesses.

Laura Schoppe, President and Founder of Fuentek, who has years experience helping TTO's improve their chances of commercalisation will be joining us to discuss:

- How to start sourcing strategic sponsorship deals
- Where to begin with searching and conversations for partnerships
- The benefits of this chosen pathway. i.e Minimising risk

Please note: All viewers will have their data shared with our guest speaker.

Security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve.

What’s needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach that reinforces the DevOps culture and process changes. This requires that security specialists become self-service toolsmiths and advisors and stop thinking of themselves as gatekeepers.

This webinar includes guidance on the characteristics of security tools compatible with DevOps, but it focuses primarily on the harder part: the people. This talk introduces the DevSecOps manifesto and provides you with a process model, based on agile transformation techniques, to accomplish the necessary mindset shift and achieve an effective DevSecOps culture transformation. It has been successfully used in a large DevSecOps transformation at Comcast and has gained recognition in DevSecOps circles as a leading framework.

It’s been more than six months since the major design flaw in computer chips labeled Spectre became public. And, as predicted, it is still haunting the world of information technology. The CPU (central processing unit) is, after all, the “brain” of any computer, phone, tablet, modern TV, or other “smart” device.
Since then, we’ve all learned a bit about terms some of us had never heard before—“speculative execution,” anyone? We’ve also been told that you can’t just patch a chip the way you can patch bugs in software. But you can create work-arounds with software patches.
In this webinar, Taylor Armerding, senior security strategist for Synopsys Software Integrity Group, will address some of the questions that “regular”—i.e., nontechnical—users may have about Spectre:
- What is it?
- How does it work?
- Why does it work?
- Why didn’t chip makers catch a flaw of this magnitude during the design phase?
- Why is a tool called static analysis the best way to work around Spectre without causing intolerable performance slowdowns?

A ‘Patent cliff’ describes a severe drop in revenue once the patent for a company’s leading product expires. The sharp revenue decline is a result of competitors being able to start developing and selling the product, often at a much lower price.

As US biopharmaceutical company Celgene struggles to get regulatory approval from the FDA, the company is facing major market, shares and revenue losses, and is facing a phenomenal patent cliff. Furthermore, research from EvaluatePharma reports that an estimated $250 billion in projected sales is at risk between 2018-2024 as many drugs lose exclusivity.

When it comes to acquisitions, the effects of a dwindling patent term can severely impact the value of your company. So how do you create 5-year plan to prepare for an inevitable patent cliff? We are very excited to welcome back Jurgen Vollrath, President of Exponential Technology Counsel, and customer of PatSnap. ET Counsel, advise clients on IP strategy & business alignment to ensure the most successful M&A and exit outcomes.

In this webinar, Jurgen will be discussing:

- Risk vs. reality when it comes to patent cliffs
- How to create a 5-year M&A plan for your organisation
- How to find potential acquisition targets
- Predicting the potential impact a patent cliff could have on your business.

The use of open source has surpassed the occasional and solidified itself as the standard. In fact, the Black Duck by Synopsys 2018 Open Source Security and Risk Analysis found that 96% of the applications we scanned last year contained open source components.

It’s increasingly difficult to properly manage open source in an organization to ensure compliance with the over 2,000 different licenses in use today and defend against new vulnerabilities, which surface frequently.

Join this webinar with top open source legal experts Mark Radcliffe (partner at DLA Piper and general counsel for the Open Source Initiative) and Tony Decicco (shareholder, GTC Law Group & Affiliates) as they discuss best practices for managing open source in an organization and throughout an M&A transaction:

- How do you conduct an open source / third-party software audit?
- How do you get the most out of your Black Duck code scan?
i.e. Handling license compliance issues and managing security vulnerabilities
- What are key aspects of an effective open source / third-party software policy for both inbound use and outbound contributions?
- What are key success factors for effectively releasing code as open source?

UK Intellectual Property Office is going to be joining this webinar to explore some of the ways UK and Chinese companies can work together on innovation projects, where patents are involved.


Some of the topics covered will be:

- Different types of collaboration i.e. university, industry
- Tips for setting up successful partnerships
- Chinese Policy on Licensing and Ownership of incremental innovation

For most organizations, performing threat-modeling is a difficult and an expensive undertaking. There are good reasons why this is the case. Threat modeling traditionally requires an experienced security architect with knowhow in architecture patterns, design patterns, a breadth of technologies, and above all deep security knowledge.

Join this webinar and learn:

- Consistency/Reliability: Use of patterns allows us to identify recurring problems/patterns and provide consistently the same solution. In security this means that identifying patterns during threat modeling will allow us to create consistent design, development, testing, and risk guidance.

- Efficiency: Use of patterns allows us to automate some part of a problem while leaving the more complex concerns to be tackled by experts. This creates efficiencies.

- Commonly understood taxonomy: Patterns create a common taxonomy for organizing knowledge, training users/practitioners, communicating with stakeholders (developers, testers, architects, security analysts, etc.)

In the highly dynamic online landscape of misinformation, fake news, gossip, and the trading of absconded data, organizations must expand their cybersecurity arsenals in protecting their brands, personnel, facilities, and sensitive information. They must take into account what exists outside the perimeter in the greater cyber ecosystem: the surface, dark, and deep web. Locating and assessing these threats, however, is a challenge for even experienced threat hunters. The tools and techniques are non-standard. You should ask yourself, “Is my security team ready to tackle what lies beyond the perimeter?” If not, let us shed light on this topic. Register for LookingGlass' "Threats Beyond the Perimeter" webinar on Tuesday, July 17 @ 2 pm ET to hear Michael Suby, VP of Research at Frost & Sullivan and James Carnall, VP of Customer Support Group at LookingGlass discuss how these scenarios may affect your brand, employees, and facilities.

Static application security testing (SAST) is the process of examining source code for security defects. SAST is one of many checks in an application security assurance program designed to identify and mitigate security vulnerabilities early in the DevOps process. Integrating SAST tools into DevOps processes is critical to building a sustainable program. And automating these tools is also an important part of adoption, as it drives efficiency, consistency, and early detection.

If you have questions like these, and you’re concerned about integrating SAST tooling into your DevOps process, this session will offer actionable advice to automate security testing that supports DevOps velocity.

But DevOps practitioners looking to integrate SAST tools into the DevOps pipeline often have questions:

How do I manage false positives?
How do I triage the results?
What happens to new issues identified?
How can I use a tool in my DevOps pipeline?

SAST, IAST, DAST, MAST, *AST – There are plenty of technologies and ways to test your software, but how do we do that without slowing us down in a rapid development environment. In this session we will give practical advice on how to integrate software security testing into your CI/CD and your development process so it works. The session will review the pros and cons of each of the testing technologies, how to adapt it to rapid development, and how to make testing work as organizations are moving to A/B testing. Finally, this session will guide on how to manage the balance between risk and speed to build the right process, so that real threats will become blockers, but other issues will be handled in a parallel, slower cycle, without slowing down the main delivery.

Development and operations teams have already come a long way by aligning around the shared goal of delivering stable, high-quality software—quickly. By automating manual processes and building tools into the continuous integration and continuous delivery (CI/CD) pipeline, they’ve increased trust between groups, which is essential as these once-disparate teams tackle critical issues together. In this webinar, you’ll learn how to build a DevSecOps culture in your organization with automated and integrated application security tools and the right training for each team.

Social Impact Investment brings together capital and experience from the public, private and non-for-profit industries to achieve specific social objectives. The return of these investments is measured typically by the social outcomes achieved.

The Centre of Advancing Innovation is a public-private partnership non-profit focused on identifying breakthrough inventions hidden in portfolios, to maximise investor returns and commercial success. Research performed by the group has highlighted that Social Impact projects accelerate innovation, and result in higher returns.

In this webinar, Rosemarie Truman, CEO and Founder of CAI will be discussing the positive implications of choosing social impact projects for your business, including:

- Why they accelerate innovation
- How these projects can increase your potential investment opportunities for the future
- The influence on the future funding of projects.

The data trends do not lie: China will soon become the top filer of IP in the world, both home and abroad. What does this mean for your business? Join RWS and Managing IP for our webinar China IP Trends: the shift in patent filing as we take a look at the data and give you tips to stay ahead of your competitors. Guest speakers Justin Simpson, RWS, founder of inovia and Xia Zheng, founder, president of AFD China Intellectual Property, will review trends from WIPO and discuss important strategies for filing in China, including some of the advantages of their system and common mistakes even experienced filers fall victim to.

•Keys to Success: Understanding the Patent System in China

•National Filing Numbers in China: Looking at the Data

Cyber threat intelligence – when properly gathered, refined, and applied – can help organizations identify business risks and target both protections and mitigations. But what distinguishes high-quality and actionable threat intelligence from low-quality security "noise"? How are cutting edge CISOs and IT security teams applying threat intelligence to respond to incidents and slam shut windows of compromise?

Find out in this webinar moderated by Paul Roberts, the Editor in Chief at The Security Ledger. Paul will be joined by LookingGlass’ Brandon Dobrec, and counter threat intelligence & vulnerability research expert Chris Roberts. Together they will review the value of threat intelligence to organizations, discuss how cutting edge firms are using threat intelligence to their advantage, and review how to orchestrate threat intelligence to automate mitigation and combat third party risk.

Tune in on Tuesday, June 26 @ 1PM ET!!

Open source management is a key part of any application security toolkit. But with so many different tools and techniques on the market, how can you decide what other tools you need to fully address the security risks of your applications? In this webinar, you’ll learn the benefits and limitations of several application security tools, including SAST, SCA, DAST, IAST, and fuzzing, as well as how they differ, so you can make informed decisions as you build your AppSec toolkit.

Trying to keep pace in a highly connected world and increasingly hostile environment is a challenge for any developer, let alone an entire industry. To protect the software they write, developers turn to technologies and processes such as audits, reverse engineering, application firewalls, sandboxing, and many others to provide a level of protection. But these technologies also have the potential to become entry points for vulnerabilities. So do we really trust software?

See how Synopsys started the software security journey and is taking an active role in providing industry expertise to help organizations deliver robust software security solutions. We will focus on how the cyber supply chain can have a direct and meaningful impact on the overall design and deployment of software. See how known vulnerability management, mitigation, and training can affect the known risk profile of overall software design. Learn about what we are working on and how you can participate in improving standards and programs that reduce cyber risk.

With innovation budgets increasing each year and R&D becoming more competitive, many organisations are getting creative in how they increase the reach of their IP protection.

One technique is to widen IP claims by patenting human experiences induced by the product or service. This is often seen in the automotive and consumer goods sectors, commonly describing visual and tactile sensations around the original technology.

Jason Lye, IAM 300 Strategist & Founder of Lyco Works has worked with many clients using this technique and will be hosting this webinar to discuss how your company could benefit from broadening patent claims in this way. He will also cover:

- What patenting human experiences really means and looks like
- The importance of not forgetting the human-impact your technologies create
- How claim-broadening technique offers another layer of protection for your technology
- Why it will make it much harder for your competitors to trap you in litigation cases.

Mature products, such as smartphones and cars, tend to become very similar – whether they are from different manufacturers or the latest model from the same manufacturer.

Speed, power and slight changes in appearance become the focus for many companies. Marketing can make advances through insightful methods to dig deeper into opportunities from unmet needs – but the right science and technology are required to make them real.

R&D teams have access to incredible developments in science and technology, such as artificial intelligence and the latest developments in genetics, but struggle to find how to link them with market opportunities. Opportunities become ‘market pull’ or ‘technology push’, without joining together. Innovation opportunities must connect customer needs with science and technology to be more than just ideas or technologies.

This webinar will demonstrate how technology mapping can be used to discover new opportunities, whichever direction you start from, and how IP landscapes can then help you to make the right connections.

Please note: Registrants details will be shared with the presenter after the webinar.

In an age where technology and cars have never been more intertwined, experts believe the most successful automotive companies in the future, are the leaders in the smart manufacturing race today. A recent survey of automotive companies by Capgemini’s Digital Transformation Institute revealed that 49% of automotive companies have invested over $250mn in smart factory innovation.

The ability to integrate currently siloed systems throughout manufacturing processes with smart techniques is clearly beneficial, and of course, it isn’t just about software and connectivity tools, it's about making better business decisions by using data to solve problems before they happen.

But how can you begin making your organisation smarter? PatSnap is pleased to welcome Paul Mairl, Chief Digital Officer at GKN Powder Metallurgy. Paul has worked within GKN for over 25 years and is now responsible for setting up GKN Powder Metallurgy's digital system in line with Industry 4.0.

In this webinar, Paul will be sharing:

- What smart manufacturing really means
- How GKN successfully integrated it across their shop floor
- Techniques you can use to successfully integrate smart manufacturing processes into your organisation
- The benefits and barriers of these techniques

Hundreds of thousands of fans and their personal devices. Increased political tension. International boycotts. What is at stake at the 2018 FIFA World Cup? This webinar will examine the cyber and physical risks surrounding this year’s upcoming World Cup in Russia including the likelihood of a large-scale cyber attack and a simulation of how a possible attack might play out – how it could be launched and the steps to taken to ameliorate the effects.

Join LookingGlass’ Sr. Director of Investigation, Olga Polishchuk, and special guest speaker Rob DuBois of Impact Actual on Wednesday, June 6 @ 9am ET/ 2pm GMT as they explore elevated threats that may play out during one of the world’s largest and most treasured sporting events. Register now!

Open source components are the foundation of modern applications, but ineffective management of open source can lead to serious risks and unwanted media attention when security flaws lead to data breaches. The Black Duck by Synopsys 2018 Open Source Security and Risk Analysis (OSSRA) examines the previous year’s open source and security news and analyzes trends based on the audits of more than 1,100 codebases.
This webinar will detail the findings in the OSSRA report, showing that M&A target organizations are not always effective in securing and managing their open source. Not surprisingly, 96% of audited codebases contained open source components, and nearly 78% contained at least one vulnerability. We’ll discuss these findings and the risk associated with not understanding them before making investment decisions.

In a recent survey by Harvard Business Review, it was revealed that on average, only 23% of participants said they learned about a competitors innovation early enough to respond before it hit the market. Whilst competition is inevitable, there are strategies you can implement to decrease the risk they pose to your business.

Join our upcoming webinar, hosted by Christopher Ralph as we explore how to successfully track the activities of your competitors using patent data. Other themes covered in this webinar include:

• Identifying emerging players in your market
• The benefits of keeping, or bringing your competitor tracking back in-house
• Communicating competitor intelligence to colleagues
• Competitors as opportunities, not just threats.

Open source components are the foundation of modern applications, but ineffective management around open source can lead to serious risks and unwanted media attention when security flaws lead to data breaches. The Black Duck by Synopsys 2018 Open Source Security and Risk Analysis (OSSRA) examines the previous year’s open source and security news and analyzes trends based on the audits of more than 1,100 codebases.
Not surprisingly, 96% of the audited codebases contained open source components, and nearly 78% of the codebases contained at least one vulnerability. As the percentage of open source in codebases continues to grow, it’s clear that open source management practices need to improve.
In this webinar, open source expert Evan Klein will walk through the report’s findings in depth and discuss strategies companies can use to minimize open source security risk while maximizing the benefits open source provides.