Corp computer crimes: Indian employees more honest

[InfoSec News <isn () C4I ORG>]

http://www.timesofindia.com/271100/27info1.htm

By N Vidyasagar
Monday, November 27, 2000

NEW DELHI: Indian employees are more honest and sincere than their
counterparts in the developed countries, when it comes to corporate
espionage or security breaches within the organisations. This has been
revealed by CII-PriceWaterhouseCooper's (PWC) security survey of
information systems.

Going by the global trends, most of the security breaches or corporate
espionage have taken place with the complicity of present or former
employees of a company. The involvement of hackers in the corporate
computer crime is not much.

``The survey indications on Indian corporates are a surprise. A number
of CEOs and CIOs have admitted that their companies are subjected to
hacking by computer terrorists rather than by their internal
employees,'' PWC head of security services Neel Ratan told The Times
of India.

In a survey of around 700 chief information officers, it has been
found that over 50 per cent of the culprits for the security breaches
are computer hackers. In fact, a large number of information officers
in India are not even aware of how have they been robbed, he said.

Although major Indian companies have an Internet security policy
mission statement to battle against hacker attacks, more than 50 per
cent of the companies have said that they are not satisfied with their
companies' information security policy.

Ratan maintained that more than half of the respondents in sectors as
wide as IT, manufacturing, multinational banks, FMCG companies, among
others, have admitted that their companies have been vulnerable to
virus and hacker attacks.

In contrast to this, PWC's global survey had found the threat of
security breaches from various quarters. In a survey of nearly 1,600
information technology professionals from 50 countries, 58 per cent
authorised employees are responsible for security breaches,
unauthorised employees accounted for 24 per cent and former employees
for 13 per cent. Computer hackers or terrorists comprised another 13
per cent, while competitors accounted for 3 per cent only.

Ratan said that as the hackers are the main culprits for the security
breaches in Indian companies, the systemic damages done by them are
serious in nature. But, at the same time, as there is very limited
involvement of employees are there in security breaches in India,
companies can take prudent measures to limit information losses, he
said.

Although no loss of figure is available, Ratan said that Indian
companies have experienced security breaches in their computer network
resulting in loss of revenue as well as that of key financial data in
the last 12 months. However, he could not give a figure as the data
are still being collated.

The preliminary indications of the CII-PwC IT security survey with the
topline Indian companies is an extension of PwC's global security
survey which was undertaken to provide a benchmarking for Indian firms
for IT security practices.

The final study would be released at IT-Asia in Mumbai next month.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".