Bank security hit by IBM deal
IT security at Australian bank Westpac was compromised as part of a 10-year, $4.3 billion IT outsourcing deal with IBM.
Westpac made a “small blunder”by outsourcing security as part of the massive outsourcing contract,according to Westpac’s chief information security officer and CIO of enterprise services, David Backley.
Under the contract, which covered infrastructure, desktop, e-business, mainframe, mid-range, and telecomms, around 1000 of the bank’s IT staff were transferred to IBM.
Backley told an IT Security Summit in Sydney: “In 2000, when we outsourced to IBM Global Services over 10 years, we made a small blunder in that we outsourced the security team and we were left with one person in-house who now works for the National Australia Bank (NAB); he was the guardian of information security at Westpac.This didn’t work so well as we struggled to get IBM to understand, so the battle continued for a while.
Backley emphasised the importance of addressing human resource issues when outsourcing. “One of the other things that may be useful for anyone who’s thinking of an outsourcing agreement, they guys who had handled security originally had been pretty difficult to deal with. They being security guys and we were trying to deliver budgets.
But when we outsourced we moved them to an organisation [IBM] they didn’t want to work with.”