If we are unable to protect the confidentiality of our trade secrets, our business and competitive position would be harmed.
In addition to seeking patent protection for our product candidates or any future product candidate, we also rely on trade secrets, including unpatented know-how, technology and other proprietary information, to maintain our competitive position, particularly where we do not believe patent protection is appropriate or obtainable. However, trade secrets are difficult to protect. We limit disclosure of such trade secrets where possible but we also seek to protect these trade secrets, in part, by entering into non-disclosure and confidentiality agreements with parties who do have access to them, such as our employees, our licensors, corporate collaborators, outside scientific collaborators, contract manufacturers, consultants, advisors and other third parties. We also enter into confidentiality and invention or patent assignment agreements with our employees and consultants. Despite these efforts, any of these parties may breach the agreements and may unintentionally or willfully disclose our proprietary information, including our trade secrets, and we may not be able to obtain adequate remedies for such breaches. Enforcing a claim that a party illegally disclosed or misappropriated a trade secret is difficult, expensive and time-consuming, and the outcome is unpredictable. In addition, some courts inside and outside the United States are less willing or unwilling to protect trade secrets. Moreover, if any of our trade secrets were to be lawfully obtained or independently developed by a competitor, we would have no right to prevent them, or those to whom they communicate it, from using that technology or information to compete with us. If any of our trade secrets were to be disclosed to or independently developed by a competitor, our competitive position would be harmed.
Risks Relating to Our Platform and Data
Our business and operations would suffer in the event of computer system failures, cyber-attacks, or deficiencies in our or third parties’ cybersecurity.
We are increasingly dependent upon information technology systems, infrastructure, and data to operate our business. In the ordinary course of business, we collect, store, and transmit confidential information, including, but not limited to, information related to our intellectual property and proprietary business information, personal information, and other confidential information. It is critical that we maintain such confidential information in a manner that preserves its confidentiality and integrity. Furthermore, we have outsourced elements of our operations to third party vendors, who each have access to our confidential information, which increases our disclosure risk.
Although we have implemented internal security and business continuity measures and have developed an information technology infrastructure, our internal computer systems, as well as those of current and future third parties on which we rely, are vulnerable to damage from computer viruses and unauthorized access and may fail. Our information technology and other internal infrastructure systems, including corporate firewalls, servers, data center facilities, lab equipment, and internet connection, face the risk of breakdown or other damage or interruption from service interruptions, system malfunctions, natural disasters, terrorism, war, and telecommunication and electrical failures, as well as security breaches from inadvertent or intentional actions by our employees, contractors, consultants, business partners, and/or other third parties, or from cyber-attacks by malicious third parties (including the deployment of harmful malware, ransomware, denial-of-service attacks, social engineering and other means to affect service reliability and threaten the confidentiality, integrity and availability of information), each of which could compromise our system infrastructure or lead to the loss, destruction, alteration, disclosure, or dissemination of, or damage or unauthorized access to, our data or data that is processed or maintained on our behalf, or other assets.
In addition, the loss or corruption of, or other damage to, clinical trial data from completed or future clinical trials could result in delays in our regulatory approval efforts and could significantly increase our costs to recover or reproduce the data. Likewise, we will rely on third parties for the manufacture of our current or future drug candidates and to conduct clinical trials, and similar events relating to their systems and operations could also have a material adverse effect on our business and lead to regulatory agency actions. The risk of a security breach or disruption, particularly through cyber-attacks or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has generally increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased.
Sophisticated cyber attackers (including foreign adversaries engaged in industrial espionage) are skilled at adapting to existing security technology and developing new methods of gaining access to organizations’ sensitive business data, which could result in the loss of proprietary information, including trade secrets. We may be unable to anticipate all types of security threats and to implement preventive measures effective against all such security threats. The techniques used by cyber criminals change frequently, may not be recognized until launched, and can originate from a wide variety of sources, including outside groups such as external service providers, organized crime affiliates, terrorist organizations, or hostile foreign governments or agencies.