Are Indian companies equipped to tackle data and identity theft from within the company as well as from external attacks? Read on...
"An employee is leaving and you’ve heard he is going to work for the competition or is setting up his own business to become the competition. You’ve worked for years to build up your business and can’t risk your competitors obtaining your valuable confidential information from this employee, " alerts Deloitte, one of the Big Four accounting firms, in an article posted on its web site titled "Theft of confidential Information."
The article has quoted a survey conducted by the Ponemon Institute -- a consultancy firm providing services to private and public sector organizations in consolidating their data protection and security practises -- that says "60% of exiting staff admitted to taking confidential company information with them when they left."
Such a revelation is likely to give employer companies the heebie-jeebies as there are multiple risks at stake in such cases. The Ernst & Young fraud survey -- Fraud & corporate governance: Changing paradigm in India -- found that companies were reluctant to take legal recourse against the exiting employee involved in the data theft owing to fear of collateral damage and the resultant loss of reputation of the company. Weak anti-fraud measures was the other reason, the report said, why companies were unwilling to step forward and press charges. The report did not say what were the weak measures, but summed up saying "Companies still rely on traditional anti-fraud measures."
Most of these companies -- 330 in IT services, 119 in ITES/BPO/KPO, 13 in telecom and 62 others -- are members of the Data Security Council of India (DSCI), a not-for-profit organization
that is responsible for promoting as well as developing data protection and security and privacy codes and standards. "While its immediate goal is to raise the level of security and privacy of IT and BPO service providers to assure their clients and other stakeholders that India is a secure destination for global sourcing, DSCI also promotes these best practises for domestic industry segments like Banking, Telecom and E- governance," is how the organization describes itself on its web site.
Although most of these companies seem to be equipped to tackle data and identity thefts by employees, little is known about their preparedness to stymie external attacks.
Two days ago, a report in the Times of India's web site appealed to individual and corporate internet users to beware of KhantastiC, a hacker belonging to the Pakistan Net Army.
"They attacked and defaced 31 government websites this year exposing the poor handling capacity of web servers by state government," the report said, referring to the attack reported from the state of Rajasthan.
The report did not say whether the crime involved data and identity theft, but warned that more than 70 % of government web sites were vulnerable to cyber attacks.
India's outsourcing industry is aiming at $225 billion in export and domestic revenues by 2020.
Currently, 80 % of its revenues come from US and European clients. However, the slowdown in these markets has prompted Indian companies to seek business from other emerging markets including China, Latin America, Russia and Africa.
Aiming for such voluminous business also means explosion of data its digital ecosystem will have to handle and PROTECT.
Part III of the series will delve into the data and identity theft experienced by companies in the United States and their government's preparedness.
Part IV will talk about how data and identity thieves are ensnaring personal information of children and how the governments -- in the United States and India - the oldest and the largest democracies in the world deal with it.
The author can be reached at francisadams2010@gmail.com and on +91 9916484564
Please feel free to post your comment. I would love to read them and respond
ReplyDelete