Financial Daily from THE HINDU group of publications
Monday, Sep 29, 2003
Mentor
Features
Stocks
Port Info
Archives

Group Sites

 Mentor - Management


Guard your cyber-baggage from thugs and bugs

STORY so far: I have seen people who prefer green as their lucky colour, but I realise it is time that corporates would be unlucky if they didn't give green its due attention. To be eco-friendly, environmentally-aware and so on is not some oratory for conference rooms but deserves action in company operations. Perhaps, it is necessary for accountants to highlight the fact that green initiatives are not wasteful costs but outflows with a high return potential.

Episode 48

Back in office, one thing that made news day after day was the series of virus attacks on the computer servers. It was not as if our competitors were targeting us, because as per media reports the problem was global.

Suddenly, a software would vanish from the desktop; later, some commands may behave erratically; and by the end of the day, we would have logged out and resumed work for the dozen-th time.

I could only pity the systems department in the office. The boys and girls there seemed to be as clueless as the rest of us, and they were trying quick-fixes, downloading patches from the Web and generally keeping fingers crossed.

It was a relief, therefore, when I found a flyer in my copy of the CA Journal and it spoke about the information security seminar in Hyderabad. "The goal of this seminar is to gather officials from the governmental, banking and industrial sectors to bring awareness, to identify the threats facing us today, and to understand the steps, solutions and implementation to counter and protect these critical infrastructures," stated the brochure. There can be no two opinions that any information online is at potential risk from unknown sources. And protection of networks assumes key significance, especially in the aftermath of the events of 9/11.

You may wonder if it is necessary for CAs to be equipped with computing-related knowledge. But the point that is usually made out at professional meetings is this: If CAs ignore this area, there would be engineers who would take that over and accountants would end up playing the second fiddle when it comes to managing information systems. That may be a hollow reasoning because it sounds as if there were a single bone between two dogs.

Look at it this way: Accounting is information-based. In fact, in any organisation, accounting info is pricier than any other info. CAs who preside over accounting information generation and reporting need to ensure that the systems they rely on are okay. The best way it is done is by knowing how the animal called EDP works, rather than swallow second-hand knowledge in this regard. It can make all the difference between standing indefinitely beside a car stranded on the highway with a flat tyre not knowing how to change the wheel, and pulling out the jack and getting down to business.

A prediction from the National Association of Software and Services Companies (Nasscom) has pegged the demand for security positions at 60,000 over the next 2-3 years. At the seminar, the Nasscom president, Kiran Karnik, said information security had become a major thrust area for corporations since it sought to protect various intangible assets and the complex ongoing works of Governments, particularly through external intrusions. He warned the audience of attacks similar to the one on WTC, on the tech front: "We need to guard from attacks in cyberspace, which could cause serious disruption to life and cause huge losses."

We have cops and thieves. So also there are hackers and the regulators. To mind-read the hackers, you need ethical hackers (and that may sound like honest auditors or pure water) and these people have but one goal: To simulate a real intruder's attacks in a controlled, safe way and then tell you what they find and how you can fix the breaches to keep the baddies out.

It is heartening to find, when searching for `ethical hacking' in Google, that the book by Ankit Fadia at the top of 64,900 finds. Fadia wrote the book as a 17-year-old Delhi school student, to encourage a new wave of helpful hackers who break into systems purely for the scientific challenge, as the "Book News, Inc" put it.

They are supposed to leave files and systems unscathed and offer security pointers to system administrators. "The results of Fadia's experiments are published here, with step-by-step hacks for Windows, Linux, and DOS, and information on firewalls, viruses and mail bombs for hackers, programmers, system administrators or anyone."

When the session broke for tea, I managed to network with Karnik and other heavyweights on matters such as cyber law, technical challenges in cyber security and so on. Because, as they say, when you are on to a tough job, you may need all the help you can manage.

*********

At the mailbox: "Hi, I am Ram," reads a mail. He is not the one from Ayodhya but a "CA failure student". Ah, I am sad the way he is introducing himself, because you may fail in an exam but why think you're a failure? Also, professional exams are not the same as your graduate level ones. Not getting through is no big deal. Easier said than suffered, you may be grumbling, but let me resume with my correspondent.

"My problem is that I am not able to score in my theory papers. Also, I find it tough to write section numbers and cite case laws." There are many who find theory easy and practical subjects such as accounting tough. Text-intensive papers have to be studied differently from the problem-oriented ones. First of all, you need to be clear about concepts. Nobody wants to see tonnes of pages as answer for theory paper. You need to be precise, crisp and possess a handwriting that would not act against you. Section numbers and case laws have to become second habit when studying law.

If you can remember bus route numbers, cricket score or telephone numbers, you should be able to store section numbers and case laws too in your head.

There is a mail from Ravi and it is about the ICAI: "Over a period, there has been a marked improvement in the functioning of the Institute. A friend of mine who is suffering from a severe disease had applied for help from the CA Benevolent Fund. Within a month, a grant of nearly Rs 1 lakh has been sanctioned and payment received." That's great, because it is a timely help. Ravi goes on to introspect: "How responsive have we been? Have we responded to the exposure drafts? Have we replied to the invitation for seminars — wishing the seminar success even if we are unable to attend?" The Institute represents what we are, he says. That's right, Ravi. I agree.

(To be continued)

Swati_CA@hotmail.com

Article E-Mail :: Comment :: Syndication

Stories in this Section
There is safety in numbers

Directors, your attention please
Cows, goats and a cart-pusher with a CA goal
Walk me on the tax land
Guard your cyber-baggage from thugs and bugs
Remember what a `forgetting curve' is?

The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | Home |

Copyright © 2003, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line