Comments
The $45-million ATM heist at Gulf-based National Bank of Ras Al Khaimah PSC has once again brought the Indian information technology-enabled service companies under the spotlight.
According to industry analysts and cyber experts, such incidences can take place in future too that could further erode credibility of such service providers.
“An incident like this certainly impacts credibility of the Indian outsourcing industry. Although we see that a handful of people are involved throughout the world and this is not specific only with Indian environment, the involvement of Indian company will bring back issues of security while outsourcing,” Atul Khatavkar, Vice-President - IT Governance Risk Compliance, AGC Networks, said.
Stringed law needed
Cyber experts said that there needs to be more stringent law under the IT Act. Currently, there is only a three-year imprisonment and also it is a bailable offence.
“The problem is most of the companies are breaching the law rather than following it. If such cases happen in India, we are not prepared for them as we do not have a central agency to audit these companies. Therefore, this case should be a wake up all,” Pavan Duggal, Cyberlaw expert and Advocate at Supreme Court of India, said.
He said the IT Act needs to be tweaked especially for dealing with protection, preservation of sensitive personal data and adapt to security as way of life. “The law which is there is not in sync with time,” he said.
According to a PwC analysis, the number of cyber crime cases registered under the IT Act in 2011 was 1,791, an 85 per cent increase since 2010, and this number is expected to go up by 173 per cent this year.
“Security is still seen as an act of God and hackers have figured that it is easier to break into the Indian arm of a multinational company rather than its American or European arm,” Vijay Mukhi, a cyber expert, said.
Growing risk
With more opportunities for cyber criminals to access sensitive data, the lack of a robust legislative framework and inadequate cloud computing strategies of organisations, the risk relating to data privacy and security could increase in India, said Sivarama Krishnan, Executive Director at PwC.
However, according to individual companies and industry body Nasscom, the firms are well equipped with security practices.
“IT/Business process management industry in India is fully aware of its responsibilities and realises the growing threats in cyber space. Our companies have put in place robust security practices as mandated by the clients, which are regularly tested by them through periodic audits,” Nasscom said in a statement.
“We take care of small transactions between Rs 10,000 and Rs 50,000, which are meant for bottom of the pyramid. We have all the security in place where a customer is provided with passwords, which are also encrypted,” Pramod Saxena, Chairman and Managing Director, Oxigen (payment solutions provider), said.
ronendrasingh.s@thehindu.co.in
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.