It dawned upon me only when I attended a seminar that cyber crime is
menacing, growing rapidly, and would impact perhaps every section of the
society. I was shocked when a speaker informed the audience of CIOs and IT heads
that pornography was one of the biggest illegal activities happening in the
cyberspace. I was ashamed that as a business editor the only evil of cyber crime
I reported was revenue losses to business houses, while pornography, directed at
hooking children of impressionable age, was growing unabated.
For the uninitiated, dimensions of cyber crime are endless. It includes
piracy of software and ring tones; unauthorized tapping of radio signals or
telephones; hacking or breaking into others networks or computers to steal
information; stalking someone using IT or communications networks; SIM card
cloning; sending or putting up offensive material on a network; sending
unsolicited mails and messages; attacking websites and networks with messages to
bring it down, and so on.
|
Cyber crimes lead to breach of individual privacy, commercial frauds and
revenue losses, terrorism, theft of strategic business data and secrets, theft
of IP, theft of State secrets, to name a few. Not just individuals, but even
organizations and even Governments are sometimes perpetrators of cyber crimes.
And, the sufferers too. The challenge from cyber crime, therefore, is not just
before the IT industry. The society as a whole will have to gear up to handle
all sorts of new ways these criminals will find to attack with.
The seminar on cyber crime threw up another interesting observation. What
surprised me was that while our Indian CIOs seem to know a lot about storage,
utility computing, networking, ERP, and network security, their awareness about
the various facets of cyber crime was far less than adequate. That so many types
of cyber crimes existed came as a bit of surprise to them too.
A CIO not fully aware of the possible threats from IT and telecom deployments
in the organization can prove to be very costly.
I will not be surprised if in the future we see a CIO also doubling up as
Chief Vigilance Officer, therefore not just running the IT and network
infrastructure, but also ensuring that it is not breached and used to the
disadvantage of the organization. The enemy will not crash physical gates, climb
over boundary walls, and gun down security personnel to come in-but will break
through the IT network to get what he wants.
The impact of cyber crime can be and will be devastating for organizations.
Not only will trade secrets and business strategies get stolen, but the CEOs
could get arrested, and the reputation of well known companies could get hit.
Nobody would like to do business with an organization that does not have safe
networks.
No wonder leading enterprise users the world over have taken up security as a
major initiative. Several standards and best practices on security regulations
have been formed, and millions of dollars are being spent on getting those
standards. To ensure that these security standards are across the entire chain,
and not just with one partner, many of these organizations are refusing to
partner with companies which do not have those security practices in place.
Who said the CIO's career is over? In fact, life is going to get more
challenging and difficult for him. Besides running the MIS shop, he has to be
the watch-guard too. He needs to keep himself abreast of not just the new
technologies, but also all the new crimes that a cyber criminal can think of.
And, just when, after the ISO 9000 and its likes, he thought he was done with,
he will now go mad figuring out how to get certifications which certify that the
company's IT processes and networks are safe.
The author is Editor of Dataquest IBRAHIM
AHMAD