October 3, 2011: Be conscious entering into contracts with offshore outsourcing vendors
It is dangerous for US companies to get into contract with offshore service providers as there is immense risk involved in outsourcing to the offshore, says INSA Report.
According to the report it is noticed there is hacking widely being practiced in the offshore, thus security for confidential information and data of clients are at risk. The survey conducted by National Security Alliance was purposed to find out the threat present in offshore and also to enhance the cyber intelligence capacity of the United States. The survey report states that it is the federal authorities being aimed by the hackers as there is enough information available on them which can be easily accessed by the hackers. Information on US public sector companies, military and intelligence companies are also easily accessible. If the situation continues, it is expected that the loss for United States will be $400 billion annually.
The intensity of threat does not limit up to the company or the service buyers. It is a nation wide threat which obviously will make impact to the whole economy of the nation as hacker can easily indulge themselves into the United State’s information networks, the report added.
Even though the report dose not pin points any country as such, but it is understood that China and Russia are some of the offshore countries which are into the theft of information and data regarding US based companies, particularly the public sector and defense sector. US defense sector depends on procurement and supply chain related services from service provider which has their operations in vivid parts of the world.
In its findings, the report also added that national and international laws has much to be improved. As technology has advanced and loop holes for hackers are many, the laws must also be improved to get along with the changing scenario. Priority must be given to take measures which are more practical.
Report suggests that it US should not focus on offensive-defensive cyber measures which are costly and also not the perfect solution at this point of time. Instead, definite strategies much be created to minimize the impact that information and data theft. Moreover it was also suggested that public sector firms who are into outsourcing IT requirements must build an effective relationship between the private companies which are into internet authorities to minimize threat and come up with joint measures to resolve security issues in the internet