Wednesday, December 31, 2008

IT Crisis at the World Bank

The Government Accountability Project in November published a story describing problems of information security at the World Bank. It reported "that duties have been stripped from the institution’s Chief Information Officer." GAP also published on its website an internal memo of the World Bank dated November 25 making an interim appointment placing Van Pulley in charge of cybersecurity at the Bank, reporting to a trio of senior Bank officers, and mentioning that there had been a number of hacker attacks on the Bank's computers.

My wife and I, both having served as consultants at the World Bank in the past, have recently received letters informing us that the World Bank's records of our financial data had been breached. This adds personal confirmation of problems in security of the bank computers.

Fox News on December 22 reported that "a leading India-based information technology vendor named Satyam Computer Services was barred last February from all business at the bank for a period of eight years.......The World Bank debarment — the harshest sanction the world's largest anti-poverty agency has imposed on any company since 2004 — was meted out for "improper benefits to bank staff" and "lack of documentation on invoices," according to Robert Van Pulley, the top World Bank information security official."
From 2003 through 2008, as FOX News reported, the World Bank paid Satyam hundreds of millions of dollars to write and maintain all the software used by the bank throughout its global information network, including its back-office operations. That involved overseeing data that ranges from accounting and personnel records to trust funds administered for many of the world's richest nations.
Other stories in the Fox News series:
Comment: I am saddened by this ongoing story since the World Bank is an important institution and will be doubly important providing assistance to developing nations during the current global financial crisis.

Of course the World Bank is a major international financial institution with a portfolio of many tens of billions of dollars worth of loans in place, and as such must have strong cybersecurity. Indeed, it has access to confidential information from many nations, and has a responsibility to protect that information.

I wish the Bank staff good luck and quick success in dealing with the current problems and establishing a trustworthy and trusted information and communications technology system. JAD

No comments: