The survey polled multinational as well as Asia-Pacific-based companies and found that internet/intranet security and business disruption/disaster recovery were considered the most significant security concerns to businesses operating in the region.
Pinkerton says that activities related to Y2K planning during 1999, and widely reported virus and hacking attacks on major corporations, have served to make non-IT management more aware of just how much today’s companies rely on technology and computer networks.
And while hi-tech attacks can pose a major threat to a company’s operations, there is also a decidedly more low-tech risk arising from natural and man-made disasters that physically affect technology infrastructure.
According to Jeffrey Williams, vice president Asia for Pinkerton, 75% of respondents reported they had prepared crisis management plans during the last 12 months to counter threats posed by natural disasters, civil unrest or intentional acts against a company.
The bomb blast in the carpark of the Jakarta Stock Exchange this week emphasises the kind of unexpected events that can occur, particularly in the politically and geologically volatile regions that abound in Asia.
“Earthquakes in Taiwan and the Philippines, coupled with violence in areas of Indonesia, insurgency incidents in the Philippines and tension between the PRC and Taiwan highlight the ongoing need for current, well thought out contingency planning,” says Williams.
In the case of the Jakarta Stock Exchange, the on-site transaction systems and data survived the blast, but had the site sustained more damage the disaster recovery infrastructure would have come into play, testing the quality of the exchange’s off site data back-up centre.
Priorities
Pinkerton’s Asia-Pacific survey is based on the survey of Fortune 1000 companies it has been conducting in the US for the past seven years. And a comparison of the two surveys conducted this year reveals as much about differences in corporate culture as it does about security issues.
Although the surveys show that internet and disaster recovery issues are seen to be most important in both the US and Asia-Pacific, other areas of concern were different. In the US, workplace violence, drugs and alcohol in the workplace, and sexual harassment ranked high among security concerns, whereas these weren’t perceived as major problems in Asia.
But kickbacks, business espionage and employee theft were considered to be far more important. According to Pinkerton’s report on the survey, these problems can reach “endemic proportions in countries where cultural differences often result in views on ethics and standards that vary widely from those held in the West."
The Pinkerton report also found that most companies in the Asia-Pacific region were less proactive than US or European companies in tackling recognised security problems. In spite of concern about computer security, for example, the survey found that less than half of all respondents had proactive programs to detect hackers. In its consideration of responses to security issues in Asia-Pacific it concludes: “Clearly there is room for improved pro-active programs aimed at detection, prevention and deterrence of many crimes and threats in the region.”
