About Us Products & Services Our IP Network Customer Support Resource Centre
Search
Contact Us
Sitemap
Home
  Extensity Newsletter
Vol. I   Issue 11   April, 2004
CASE STUDY
INSIGHT
KNOW-HOW
SIFY NEWS
EMERGING PICTURE
1000 WORDS
TECH TRENDS
 
Previous Issues
 
You are here : Home | Extensity Newsletter | Know-How

Indian Market Status Quo

In my last article I wrote about the inception of the Information Security Standard BS7799. In this article I delve on a very pertinent question, which I thought of when I heard of this standard, the first time. What is the Indian market's status? Do we really need to be talking about this standard? The following is what I found out.

Let us take a look at the current facts and figures that were highlighted in a few recent studies on the Indian Market prior to getting a closer view of this much spoken about information systems standard, "BS7799 Standard".

PWC - CII Study Survey on the Indian Industry

  • Though 68% of the respondents accorded a high priority to security, K Only 41% had a comprehensive security policy in place.
  • Worse, about 47% of respondents continue to work without a security policy.
  • Over 65% of the respondents admitted to not running security audits on e-commerce systems.
  • 83 % of the firms that were victim to a security breach have taken no legal action.
  • About 38% fail to perform background checks on entities that assist them with development, maintenance and/or administration of their e-commerce systems.
  • 72% companies said they were reluctant to report security breaches for fear of damaging their reputation.
  • The use of IDS and vulnerability assessment tools is still low at 21 percent and 8 percent respectively.

Major components found missing in the policy documents of Indian Businesses (Source: PWC - CII Study Survey on the Indian Market)

  • Risk analysis of the processes and activities enabled by the IT deployment.
  • Classification of business data sets along the three IS objectives of Confidentiality, Integrity & Availability.
  • End User Awareness through inclusion of IS security training in structured induction or development programs.
  • Procedures for partners especially in scenarios where business partners interact electronically or the audit/consultant community start to emphasise on the company's electronic data system.
  • Monitoring standards for checking compliance of IT security policy including continuous review of security events.

KPMG NASSCOM Survey 2002-03

  • 84% of respondents surveyed agreed that the demand for BCM has increased manifold, an indication of the increasing awareness level in the industry.
  • However, a meagre 29% have a documented, corporate-wide and tested BCM plan in place, whereas 71% do not have one.

Planned Areas of Investments in IT Security (Source: Network Magazine, June 2003)

How many Indian companies have a Chief Security Officer (Source: Network Magazine, June 2003)

What are the most critical Issues faced by the Indian Companies (Source: Network Magazine, June 2003)

Profile of the participants while creating an organisation's security policies (Source: Network Magazine, June 2003)

- Montu Das
 
 
Search Engine Marketing by Sify SEO
  Best viewed at 800 by 600. Copyright © SIFY Limited. All rights reserved.
Privacy Statement Disclaimer