In the job before the one I mentioned earlier, management was paranoid about IP, to the extent that they wouldn't let us see circuit diagrams of the stuff we were building.
(A bit difficult to fault find when as often happened, the product didn't work)
This company had a bunch of IT guys who the customers could ring up & consult with at any time.
They would also travel to them to sort things out if need be.
Sound good?
The problem was, the Software was rock solid, & most problems were either electronic or mechanical!
The Software was definitely " the jewel in the crown", but although they "talked good security", was much more vulnerable than the hardware, which was really all "public domain".
They did make a fuss about the possibility of "hackers" getting into the internal network, but neglected the real possibility of someone breaking in & placing a miniature surveillance camera where it could see staff using passwords, then repeating the same visit to steal software .
The physical security was such that you could break in with a "sharp fingernail".
There was also the issue of the laptop that disappeared.
Of course, management were unlikely to think that hard---- it might make their heads hurt!
Not IT or security related, but capable of quite devastating results if things went bad, was the fact that the whole electronics production facility was powered from a series of "daisy chained" power boards!
The best case would be if the OH&S people dropped by & shut them down, the worst is obvious.
After I left,I dropped back one day.
Still the same setup, but now they had, for some reason, set up a CCTV watching the electronics area.
No idea why---scared someone would steal a few feet of solder?