Being connected to the $45m international cyber heist does not mean that India's IT outsourcing industry is insecure !
Yes, though I am usually quite vocal about the (sad) state of security in our organizations I stand by what I am stating.
Time and again, there is a lot of noise in India and overseas whenever a data breach or malicious hack is reported in the country. Invariably everyone overseas is screaming hoarse about the lack of security in Indian outsourcing companies and we, the local InfoSec community, bemoan the sad state and add more fuel to the fire.
Today, newsmedia across the world and in India, is digesting and dissecting the report about the $ 45 m global cyber heist that has been uncovered.
http://www.bbc.co.uk/news/world-us-canada-22484364
http://www.nydailynews.com/new-york/cyber-thieves-busted-45-million-heist-article-1.1339051
At times like this everyone falles over each other to brand the country as a bad destination for outsourcing. People with vest interests will want to use these occasions to lobby for stricter controls on outsourcing.
And the game goes on !
And this is what gets me - what about the big ticket compromises ? RBS, TJ Maxx, Heartland, Cardsystems and many more.
http://flowingdata.com/2011/06/13/largest-data-breaches-of-all-time/
I do not see any Indian name here so why is there so much noise when any person or company of Indian origin associated with any security incident. Or if there is any activity in the information security domain everyone has to pull out a magnifying glass to obtain every detail about the objective and pass judgment (which is usually negative).
It is high time, the community accepted that Indian companies are doing good work and there is a lot more to be done. Frankly even the "most developed" country in the world has miles to go before it can claim to be shielded from security incidents which continue to happen at the most secure and high profile entities, regularly!
So does this mean that the world should write off the US of A ? Just as naysayers and vested interests call to move from India when there is an incident.
And yes it is not summer if you saw just a swallow ! The industry / country, as a whole, is not an information security black hole, just because one company got haped.
Labels: $45m cyber heist, ATM fraud, bank of muscat, mastercard, rak bank