BPO firms unaware of liabilities due to data breaches

By IANS
Thursday, December 2, 2010

NEW DELHI - Employees of more than three-fourths of the business process outsourcing (BPO) firms lack awareness on liabilities arising out of data breaches, according to a survey released Thursday by global advisory firm KPMG.

“The industry treats data security more as a hygiene factor, rather than a point of differentiation to gain competitive advantage,” said a report from the survey jointly conducted by KPMG, the Data Security Council of India and the Indian Computer Emergency Response Team (CERT-In) set up by the department of information technology.

“Almost 50 percent of the organisations are negotiating contracts to ensure that any liability arising from vulnerabilities in the clients environment is borne by the client,” the report added.

The survey questioned organisations, among other aspects, on the levels of perceived risks in different lines of service including customer support, payroll, finance, on the roles played by their chief information officers and mechanisms adopted for conducting employee background screening.

“The survey highlights that while the industry participants have developed comprehensive frameworks for addressing the information security concerns, the aspects relating to privacy haven’t matured as much,” said Akhilesh Tuteja, executive director, KPMG.

The Indian BPO industry has grown nine times from $1.6 billion to $14.7 billion in just a decade and is expected to witness robust growth in years to come.

By 2020, Indian outsourcing industry (IT and BPO) which is currently at $60 billion is expected to reach $225 billion.

Only 44 percent of the respondents are mandating vendors or third parties to report new threats and vulnerabilities in their products or services, it added.

“This survey should act as a useful guide for senior executives of BPO companies in formulating their future positions and will be a good tool for many chief information officers in developing business cases for comprehensive information security programmes,” added Tuteja.

Filed under: Education

Tags:
YOUR VIEW POINT
NAME : (REQUIRED)
MAIL : (REQUIRED)
will not be displayed
WEBSITE : (OPTIONAL)
YOUR
COMMENT :