With information security becoming a big issue around the world, the number of security breaches has shown a massive increase in India.
This year the number of security breaches has shown a rise of 83 per cent from last year, prompting Indian corporates to put secure information systems high on their priority, a survey by PriceWaterhouseCoopers for CII has revealed.
This change in mindset is driven to a large extent by companies whose clients in US want them to have secure information systems, Joydeep Datta Gupta of PwC said.
"While many companies are reacting to the demand, some have been proactive so as to address the concerns of their clients outside India. In last six months, many companies in IT and BPO space have come to us for putting in place secure information systems and use it as a differentiator," he said. "
Apart from IT and BPO, financial services were proactive about security.
"It can attract business to companies that have secure systems while for others it can become a question of survival," Infosys' chief operating officer and chairman of the CII committee on e-governance S Gopalakrishnan said.
He said in the last six months, CII has worked with 100 corporates to sentisise them about information security and even in the manufacturing sector there was heightened awareness about the issue.
With security breaches increasing alarmingly, PwC and CII favour tougher enforcement of laws to bring the hackers to book.
They even suggested coming up with insurance products that compensate for losses due to breaches.
As many as 77 per cent companies in IT and communications space and 70 per cent overall have putting in place secure information systems high on their priority but still 50 per cent of them see capital expense as a major barrier.
Despite high costs, as many as 84 per cent of the corporates surveyed said that they plan to increase spending on security, the survey, the third in a series said.
The last survey had reported an increase in the percentage of corporates with a security policy from 16 per cent in 2000-01 to 41 per cent in 02-03.
This year corporates with a comprehensive security policy have expressed a higher level of faith in its effectiveness.
The survey found that more corporates are expected to formalise their policies in the years to come and 40 per cent of the businesses in India plan to obtain security certification in the next 12 months.
The CII-PwC survey found that while viruses continue to be the single largest source of breach affecting 76 per cent of respondents, non-virus breaches have affected 54 per cent of those surveyed.
Primitive methods of attack are still prevalent and 36 per cent of the respondents reported security breaches due to abused user permissions, guessed passwords, poor access controls and unintended configurations.
The survey also found that as many as 40 per cent of the corporates who faced security breaches reported downtime of over four hours.
The report suggests investment in security systems and end-user awareness as a means to prevent attacks on information systems.