Even as the country is re-positioning itself as the world's most favoured IT hub, Indian companies are highly exposed to the "internal attacks" generated by the "insiders", a top IBM official said.
"These attacks are most dangerous, since they are performed by people with established authorisations within the organisations...Given Indian organisations are in a hyper growth phase and hiring many new employees..The threats too grow in magnitude," IBM's Worldwide Evangelist for Security Pierre Noel told PTI in an interview.
IBM had announced a $ 1.5 billion investment in its security initiatives in November 2007 and has also drawn up plans to relocate a significant chunk of its activities to India by increasing its investment in Bangalore and Pune labs.
Noel's comments assume importance in the backdrop of rising instances of security breaches in the country in the past few years.
This includes a $ 4,25,000 cash theft carried out by five former employees of Pune-based BPO unit MSource from four Citi Bank customers in New York in April 2005.
In a similar incident, an employee of Gurgaon-based IT firm Infinity E-Search also allegedly tried to sell the bank account details of 1,000 Britons by stealing data from the company's software.
In many cases, underground brokers have been found delivering tools to aid the IT criminals in a bid to avoid detection by security software, Noel said.
In a recent report, IBM had warned against the rising exposure of IT companies against such attacks worldwide.
"The criminal element will contribute to a proliferation of such attacks in 2008," the company had said.
As a part of its strategy to enhance its footprint in the Indian sub-continent, the US IT major plans to deploy a significant number of its security researchers in the country in the next few years, Noel said.
However, he declined to divulge the details of investment in the project.
Meanwhile, the increased reliance of Indian companies on IT and Internet to carry out essential aspects of their business has subsequently increased the number of "targeted Internet attacks", Noel pointed out.
"The public, domestically and internationally, is made aware of these evolutions, attracting specific forms of attacks aimed at these organisations which are aimed at stealing corporate secrets and information assets."
With a view to consolidate its position in the estimated $ 22 billion global security services market, IBM had undertaken a series of acquisitions in last two years, including the $ 1.3 billion take over of US-based Internet Security Systems in 2006.
Last year, the company had acquired Netherlands-based Consul Risk Management and Watchfire of the US.