Lack of strict implementation of existing information security protocols, along with poor employee awareness, lead to most cyber frauds in the country's booming business process outsourcing (BPO) sector, a joint study said on Thursday.
The survey, "Understanding the perceptions and awareness around cyber security among employees working in BPOs", jointly conducted by apex body Assocham and Microsoft, noted that awareness about cyber frauds was low amid freshers and job applicants, but it was relatively higher in experienced employees.
Experienced BPO professionals admitted that both employees and customers were to be blamed for cyber frauds -- as employees lack ethics and customers were careless about security and privacy -- while acknowledging that computer hacking, credit card/bank frauds, malware/virus, tech support scams are most prevalent, the survey said.
Highlighting the poor levels of awareness among freshers and job applicants, the survey said perceptions about cyber frauds are mostly driven by word of mouth and media.
"Besides, the predominant perception for causes of cyber frauds is the growing shift of online transactions -- from shopping to banking and consumers' growing trust on internet and its safety nets," it said.
According to the Assocham-Microsoft survey, while enough measures exist in the BPO sector to keep a check on cyber frauds, it is the lack of seriousness at the organisational level towards the issue which is the root cause of the problem as casual attitude is often passed down to employees.
"Basic protocols like frisking/checking before entry/exit, no mobile phones on floor, no pen and paper and others are frequently overlooked, thereby exposing gaps," said the survey.
It was also revealed that certain casualness exists as the general feeling was that most cyber frauds occur on a larger scale and the security staff was not aware of implications of not following proper protocols.
"There is also little awareness on importance of protecting data of clients leading to casual attitude of employees towards data," it added.
The industry body said it has, in collaboration with Microsoft, launched "Cybersuraksha Youth Awareness Campaign", wherein series of workshops are being organised in various states with an aim to promote awareness about cyber security threats among citizens and provide up-to-date security information through education and sharing of good practices.
The joint survey was conducted in Delhi-national capital region (NCR) and Kolkata to ascertain the level of awareness regarding cyber frauds among people employed in the sector. The survey sample design comprised of four focus group discussions (FGDs) and 20 in-depth interviews (IDIs) held across Delhi-NCR and Kolkata.
( 430 Words)