[ISN] Corporate India found wanting in security preparedness: Survey

[InfoSec News <alerts@xxxxxxxxxxxxxxx>]

http://www.hindu.com/thehindu/holnus/006200901161938.htm

The Hindu
January 16, 2009

Chennai (PTI): Finding gaps in Corporate India's security preparedness, 
a survey on Friday said companies should carry out stringent 'threat 
analysis' and adopt multi-layered security approach to prevent their 
premises and personnel from falling a prey to terror attacks.

Corporates should assume a more proactive role in ensuring that at 
organisational level they were accountable for security of their 
premises and personnel and do not become victim of such attacks on 
account of negligence, the survey conducted by KPMG said.

The survey found Corporate India was not prepared to cope with a 
security incidence in case they were caught in a terrorist attack or 
faced with an unconventional threat. Gaps exist in current safety 
measures of most companies, indicating a need to improve the security 
frame work.

According to the survey conducted on select companies in the country 
from various sectors, majority of them with an annual turnover of over 
USD 150 million, revealed that more than half of the respondents (53 per 
cent) did not conduct such threat analysis.

The preparedness to threat was found to be drastically low with only 
about a quarter (24 per cent) of the respondents having a comprehensive 
response plan while the rest either had no or very generic security 
response plan, it said.

Over 58 per cent of respondents' Business Continuity Management plans, a 
critical process for organisations since it helps them recover fastpost 
an occurrence of a disaster, did not consider terror attacks.

When asked to rate security related aspects, background verification of 
employees was deemed the most important aspect followed by IT and 
perimeter security.

Due diligence of vendors/service providers followed by training and 
perimeter security were identified as the weakest areas within the 
organisational security.

According to respondents travel (airlines/airports), hospitality and 
retail were more prone to terror attack as compared to others.

The KPMG report also delves into money laundering and the allied issue 
of terrorist financing. One of the important features of terrorist 
financing was concealing the source and usage of funds. To tackle the 
issue, the report suggested a joint approach by the private and public 
sector.

In conclusion, the KPMG recommended conducting a threat perception 
analysis for all locations in order to access the exposure to the risk, 
considering terrorism as a major risk when designing disaster management 
and BCM processes and thorough background checks of all employees.

Besides, it also suggested training people for emergency response at 
times of disasters, continuous engagement with intelligence agencies to 
understand the alerts and react appropriately and educating IT users 
with risk management principles and counter-measures in case of a 
disaster or a terrorist attack.


_______________________________________________      
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html