While an ‘end of the world as we know it’ tune is still being carried by alarmists and others warning of the possibly dire consequences of a Y2K computer glitch, GartnerGroup, Inc. (NYSE: IT) recently issued a report indicating another area of concern.
Companies, according to Gartner, including e-commerce operations, should beware of those that provide relief in the form of Y2K remediation. There is the possibility that an expert brought in to assist with Y2K-related security damage could end up stealing billions of dollars.
The Likely Perpetrator
Although this might seem dismissible as just another face of Y2K paranoia, the Gartner report — “Year 2000 and the Expanded Risk of Financial Fraud” – which speaks to the potential loss of billions of dollars might command the attention of some.
According to a company statement, “the likely perpetrator would be a highly skilled software engineer who has worked on Y2K remediation efforts and understands both computer systems and the underlying business processes.”
The scenario, according to Gartner, could be possible by the convergence of “two pervasive but unrelated forces:” the fact that “the world’s financial systems have largely migrated to an electronically interconnected model; and that “virtually every line of code, every interconnection, and every computer involved in the process will have been opened, tested and possibly changed to support remediation efforts.”
“The irony,” according to Joe Pucciarelli, GartnerGroup analyst, “is that the person saving the day,” after a security-related disaster, “may end up pilfering the loot.”
Guarding The Castle
“Given the enormity of the Y2K task, the vast number of people assigned to fix the problem, and the element of human foibles, it should come as no surprise that at least one significant theft will occur in the next five years,” said Pucciarelli. “When you ask the king’s soldiers to rebuild the king’s castle, the royal army has more opportunity to steal.”
The report does indicate risk management plans, however, for effective theft and fraud deterrents, including the obvious “identify and assess all Y2K-related theft and fraud risk.”
Additionally, Gartner advises companies to reinforce their Y2K security and quality control procedures, and to review their enterprise insurance coverage.