A chilling thought…
In the months that the SARS outbreak occurred, a scary
thought crossed my mind. What if someone in an overcrowded Mumbai local train
had a SARS infection and sneezed? With a dozen or so people packed in per square
metre, an entire compartment of people could be infected with the virus before
the train reached the next station. That made me wince and cover my face with
a handkerchief every time someone nearby coughed or sneezed.
Now let's talk about the digital equivalent.
IT infrastructure and stored information is the pulse
for many a business. In some cases, business would come to a grinding halt due
to the slightest downtime. Traditionally, unstable power conditions, data corruption
and system failure caused business disruption. Today IS Managers worry about
other threats: Computer Viruses/Worms, Hackers and e-mail Spam.
Such threats have gained more importance of late. Because
more business networks are now interconnected via the Internet, worms and viruses
can spread in a few minutes and attack thousands of computer systems worldwide.
In fact it's become a 'dog, cat and mouse' game: A
company announces some vulnerability in its software and creates a patch; a
virus writer creates a worm/virus that takes advantage of this and strikes unpatched
systems; a security solutions company races to create an antidote and fix for
This game has been going on for awhile, but now the
moves are faster. New software vulnerabilities are announced daily. According
to Symantec approximately 450 new viruses are reported every month.
Considering the number of information security threats
that have arisen in recent months, we at Network Magazine think this issue has
reached a point when it can no longer be ignored.
Just because we rarely hear about information security
breaches in Indian enterprises, it doesn't mean these aren't happening. While
we read reports about the recent Slammer and Blaster worms we wondered how many
Indian enterprises got infected. We wondered what steps India Inc. has taken
to protect itself from these new threats. So a month ago we decided to investigate.
As part of the research for this month's cover story,
our correspondent Anil Patrick R, visited three major Indian companies to investigate
the status of its security systems. Some of these admitted to security breaches,
notwithstanding all the hi-tech security systems that are in place. And those
who have not yet been attacked are fortifying their systems in anticipation
for the worst. The smarter ones have administered security policies and update
We were alarmed to find that many organizations continue
to remain complacentthey feel the expensive firewall, IDS and anti-virus
solution that they deployed is enough to keep out any virus or hacker. Worse,
a study reveals that 40 percent of Indian organizations lack formal security
management processes or written security policies.
Keeping this in mind, I dread to think what would happen
to India Inc. if there was an outbreak of the digital equivalent of the SARS
virus on our networks.
Brian Pereira (Assist. Editor)