Security Risk Management Practices of E-business in India

Abstract

The Internet and e-business offers endless opportunities to business. It also offers convenience to customers and merchants. However, e-commerce environment is under constant security threats giving rise to a variety of security risks because the intrinsic properties of the Internet are a major source of its vulnerability to failures and attacks. Appropriate security risk analysis and management can help reduce this risk to manageable and acceptable levels. For this purpose there is a need for developing suitable security infrastructure in order to control the risk. Controlling security risks for e-business not only requires a lot of investments in security infrastructure but also requires highly specialized technical skills that may be difficult to organize, thus one needs to focus not only on controlling the security risk through internal controls but also evaluating other alternatives for managing this risk. This paper presents a paradigm of security risk management for e-business. The paper also presents the result of a survey on security risk management policies and practices being followed in India.