Why Read This
Terrorist attacks, data theft, and financial fraud remind us of the importance of offshore security. Government agencies and the industry association Nasscom have boasted the swift creation of long-term measures like a new statutory act or initiatives like the Data Security Council to prevent potential disruptions posed by threats. Have these initiatives succeeded in curbing risk? The track record for the past six to seven years indicates otherwise. While stakeholders — individual companies, Nasscom, and the Indian government — took many steps, they have yielded only limited results. Why? Rather than accepting and addressing the full issue, these stakeholders have focused primarily on celebrating initial and even superficial successes or trying to address issues by merely deploying one more technology tool or gadget. The industry should focus more on awareness, education, and meticulously following the high standards of a comprehensive security life cycle. Clients should push their suppliers to invest in people and training, demonstrate C-level commitment, and push government agencies for a better legal framework and judiciary reforms for timely prosecution.