P.S. This is in continuation of the previous article
The second e-mail threat received by Wipro has been reported with some more detail today in this article in Times of India.
According to this report, the investigation has now been taken back by CID from the Bellandur Police. However unless this is pursued like a Terror threat in full invoking the assistance of NIA, it is unlikely that any quick progress can be made.
Law enforcement naturally have a nose for smelling intelligence but Companies are more prone to displaying an “All is Well” syndrome and try to downplay such risks under the false impression that they are protecting their reputation which would otherwise be lost.
In this case, the natural complacency of the corporate sector seems to have rubbed off on the Police also and hence over the last one month, no progress seems to have been made in tracing the e-mail.
For those who think Naavi.org is being needlessly hyper about the incident, it is necessary to point out that “Risk Management” requires identification of risk and assigning the probability of its manifestation. As long as the risk is not brought down to zero, it is the duty of the Risk manager to flag the risk and seek action. In the subject incident I feel the risk goes beyond the corporate boundaries of WIPRO and hence we the citizens have the right and also the duty to seek proper corrective action by all those concerned.
If this delinquent employee as is being believed turns himself up to be recruited by a terror organization, his threat may be used as a potent weapon against people outside WIPRO. Hence the incident cannot be buried as a coprorate event on which only WIPRO is interested
In Cyber Crime investigation, one month is an unpardonable delay and parking of the investigation at the local police station which every one knows is ill equipped to handle was as good as abandoning the investigation.
I hope atleast now the investigation is taken up with a new vigour to catch up with the loss of time that has occurred.
I would like to also make a comment here about companies thinking that if they give weight to such incidents, they would be harming the reputation of the company.
Actually, in my opinion, the reputation of the companies would be enhanced when they respond promptly to adverse situations.
As the proverb goes,
“ It is not the way you fall down that determines your character, but it is the way you get up after a fall“
When a company hides problems under the carpet fearing a reputation loss fall out (in a case like this where no fault can be ascribed to the Company in the first place), it is only enhancing the risk of the incident escalating in future with a greater force.
I hope the wisemen investigating the incident would correct for the deliberate neglect over the last month and go hyper now.
Naavi
