Security Experts:

Connect with us

Hi, what are you looking for?



Software Piracy – How to Identify if you Have a Problem

Software Vendors Need to Know the Impact That Unlicensed Software has on their Bottom Line

Software Vendors Need to Know the Impact That Unlicensed Software has on their Bottom Line

Independent Software Vendors (ISVs) don’t build houses or cars or anything that can be physically touched; they make software that helps businesses run more efficiently. Besides selling that intellectual property to as many customers as possible it is equally important that they protect their assets from the threat of unlicensed use and overt software piracy. Non-compliance and software piracy are two main factors contributing to the stunting of an ISV’s revenue growth.

Developers: How to Handle Software PiracyIn order for a software vendor to grow its business, it needs to be able to sell its product, but far too often it fails to consider whether that same product is being pirated. The vast majority of ISVs are focused on prospecting and lead generation while overlooking potential sales funnel leakage due to piracy. Any vendor that is serious about its longevity needs to know if it has a software piracy problem.

For ISVs, the extent of their piracy problem can be compared to a flat tire. The loss of air can be from a slow leak or a major blowout. Either way, you probably never see the source. Software piracy impacts revenue the same way: for any given ISV, losses could slowly trickle out or come in the form of massive infringements. The bottom line is that in order for ISVs to successfully grow their business, they need to identify the areas where they are losing money.

Whether software makers want to accept it or not, their products and intellectual property are continuously at risk of being pirated. With industry groups such as the Business Software Alliance (BSA) claiming $59 billion in software theft globally in 2010, there shouldn’t be an independent software vendor (ISV) without some concern that they have a piracy problem. When you consider the amount of resources dedicated to developing a software product and bringing it to market, the financial impact of unlicensed use could be devastating.

How to identify the problem: If a software vendor is a victim of piracy, it is critical for them to know what is being used illegally and the revenue impact of the unlicensed software. Software pirates are often bold, touting their latest thefts on P2P sites and the like, indeed, one such pirate software site, even has a Facebook link and has nearly 500 fans.

Monitoring where the pirates play: ISVs can monitor these sites and may be able to learn if their organization’s products have been cracked. But is this really the best use of their time? More importantly, is it really the most accurate and aggressive approach to identifying their piracy problem? Absolutely not. Going after individual hackers/crackers may stop that particular pirate but there are thousands waiting to step up once they are on the sideline. Also, individual pirates typically don’t have the financial resources to pay back the piracy problem they have caused. It is the businesses that download and use the cracked software that have the revenue ISVs should be concerned with.

Upfront Protection:

Software providers can also take preemptive measures and implement protection layers into the products; however, software protection is not an absolute security measure. It simply makes the underlying code harder to crack. This is by no means a new approach, but one that has proven to be an effective deterrent for less experienced pirates. However, hackers continue to find ways to beat these measures.

Taking a Measurement:

PiracyTreating software piracy as a potential business opportunity rather than a problem needing to be fixed can help ISVs see infringing companies as potential clients, not thieves, and can boost their marketing efforts. Marketing and measurement are practically synonymous. In fact, many marketers believe that it’s not marketing if it’s not measured. In order to get a true sense for the scope of the problem, as well as measuring the amount of revenue that piracy is siphoning out of the pipeline, ISVs need a system that allows them to detect the source and each instance of the problem, and track its severity. Too many organizations take a backward approach to this war – they try to fight the problem before they even have any sense as to how big of a problem they are actually dealing with. Marketers need to step in to ensure the organization takes a new approach, where the ISV first does an internal assessment of its own problem.

Once you determine the problem, then you can begin to act on it. For ISVs, that means implementing a system that will enable them to track software pirates, identify their location(s) and develop a plan that will recover the lost revenue from stolen licenses. ISVs now know exactly how much of a financial impact this has on their bottom line and are beginning to see the software pirates as a potential source for business growth, rather than a nuisance.

My next column will describe what ISVs can and should do once they identify and assess their piracy problem and touch on how to begin turning pirates into paying customers.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...