As data security is becoming a priority for information technology (IT) services companies in India, a joint study by the Data Security Council of India (DSCI) and consultancy major PricewaterhouseCoopers says the primary source of security breaches are the insiders, or employees.
More than 50 per cent of the service providers participated in the survey said insiders not part of the core IT department were the main perpetrators. The survey, ‘The Threat Within’, adopted a three-pronged approach — industry survey and inputs, analysis of the insider theft cases and secondary research — to understand the security environment of the Indian IT/business process outsourcing (BPO) industry.
The study was conducted among nine IT/BPO service providers and four client firms.
Around 89 per cent of the service provider firms believed behavioural motivation to break existing norms was the primary motive for insider problems, while 75 per cent of the client organisations believed that personal financial gain was the primary motive for the insiders for the damaging activities.
“Security breaches and the compromise of sensitive information are real concerns for any organisation. The impact of the insider attack is higher compared to an external attack as they know the organisations’ sensitive secrets and vulnerabilities,” said Siddharth Viswanath, associate director (consulting), PricewaterhouseCoopers.
