The Register® — Biting the hand that feeds IT

Feeds

Cameron to ink cyber deal with India, protect Brit outsourced data

UK will also share infosec expertise and threat intelligence

By Phil Muncaster, 19th February 2013
  • print
  • alert

Customer Success Testimonial: Recovery is Everything

Prime Minister David Cameron will step up UK co-operation with India on cyber security on Tuesday in a bid to better protect data stored on Indian servers as well as share intelligence on breaking threats.

Cameron is in India as part of a three-day trade trip designed to build stronger business ties with the vast emerging nation.

The deal, set to be signed in New Delhi by Cameron and Indian PM Manmohan Singh will mark “an unprecedented level of co-operation with India on security issues”, Downing Street told the FT.

The joint task force to be announced will apparently see the UK sharing its expertise in tackling cyber threats in order to better secure the increasing amount of business and personal data stored on servers in India.

“Other countries securing their data is effectively helping us secure our data. I think this is an area where Britain has some real competitive and technology advantages,” said Cameron.

It’s unclear whether this sharing of expertise will come with a bill attached – after all, it is primarily a trade mission – or if the need to ramp up the security of outsourcing providers is the main goal.

The risk to UK data stored abroad has been highlighted many times over the years, most recently last year after revelations that Indian call centre staff were selling on the personal details of millions of Britons.

New Delhi-based Forrester analyst, Katyayan Gupta, told The Reg that although the deal should give Indian firms much needed access to advanced security skills and resources from the UK, the insider threat will persist.

"That is why there is a need for stricter SLAs between the Indian outsourcing firms and their international clients. Moreover, its essential that there is a regular audit of these SLAs," he added

"Plus, Indian outsourcing firms should be pushed to achieve higher/highest levels of information security certifications, including ISO 27001 and others."

The deal will also apparently see the UK and India sharing threat intelligence to thwart cyber attacks on their systems.

However, India’s attempts to secure its own infrastructure have been less than convincing over the years with government sites often taken offline or defaced by hacktivists.

Most recently, news emerged in December that the government and military had suffered one of its worst ever breaches after 10,000 email accounts belonging to top officials were compromised.

Symantec also warned last year that consumers and SMBs in the country were under increasing risk of targeted threats as attackers looked to exploit piecemeal security and low levels of awareness. ®

Ensure Ease of Recovery with Asigra’s Agentless Software

COMMENTS

House Rules Send Corrections
All Reader Comments (22)
Highly Rated
g e

Right we get the point but

Wouldn't he be doing better to try and foster some kind of 'bring your data home' initiative to keep it onshore instead?

10
0
Matt Bryant
Reply Icon

Re: Right we get the point but

"Wouldn't he be doing better to try and foster some kind of 'bring your data home' initiative to keep it onshore instead?" Well, yes and no. Yes, it should be more secure, but no because it will be more expensive. Outsourcing to India is cheaper, hence the popularity for companies trying to cut costs, but then the cost of bribing someone in the outsourced company to subvert security is also cheaper. The simplest way to break any security system is to get someone on the inside to break it open for you. Training the locals in advanced security will simply make them better at subverting any additional security. Companies can live with that if they simply don't care about the penalties, so we would see a lot more reversed outsourcing deals if the UK enacted some serious penalties (financial and jail-time for CEO/CIOs) for security breaches of outsourced data.

5
0
Gaius
Reply Icon

Re: Right we get the point but

Don't you get it yet? Yes outsourcing IS cheaper... For the first quarter, or maybe the first year. Enough for whoever inked the deal to be hailed as a business genius and get his bonus and promotion. Then the wheels come off and you're over a barrel. Penny wise, pound foolish as they say.

4
0

More from The Register

breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
Yes, maybe we should keep hackers in the clink for YEARS, mulls EU
Watch out black hats, they just might throw away the key
39
Microsoft borks botnet takedown in Citadel snafu
Stupid Redmond kicked over our honeypots, wail white hats
19
Critical Java SE update due Tuesday fixes 40 flaws
And yes, most are remotely exploitable
33
Kaspersky slips server security into PC software as attackers get crafty
Want to bag a CEO? Aim for his family
8
NSA accused of new crimes ... against slideware
They may take our information but they cannot take our REFINED AESTHETICS
40