Two terrorist bombings in the rapidly growing Indian IT city of Hyderabad have reportedly given some investors the jitters. For CIOs who've contracted with Hyderabad outsourcers, how serious is the risk?While neither terrorist attack specifically targeted IT firms or their operations, a Reuters news story picked up by security news website PlanetData quoted a handful of executives with Hyderabad outsourcing companies who expressed concern about the risk of further bombings.

From the Reuters story: "I can't deny there is a lot of concern," said B. V. R. Mohan Reddy, managing director of Infotech Enterprises Ltd., a mid-sized software services firm. "Incidents of a sporadic nature may not have a major impact but if this becomes frequent, it will be a cause of major, major concern."

An executive of another Hyderabad IT company said the local strategy of referring to the attacks as "stray incidents" might not be enough to allay the fears of investors, according to the story: "Shakti Sagar, managing director of ADP software company, said companies needed to restore investor confidence. 'It will certainly have an impact in terms of damage control,' Sagar said. 'Some investors have expressed concern. We have been telling them these are stray incidents but for someone who has never traveled outside of the U.S., it certainly causes them concern.' "

And Kiran Karnik, the head of the heavyweight IT industry lobbying association NASSCOM, said it's time for public officials in Hyderabad to take decisive action in strengthening security, the Reuters story says: "It is the second such incident in a short period," [Karnik] said. "Although these incidents target the general public, the industry will also have to be aware of any security threat."

CIOs are keenly aware that outsourcing of any kind entails clear risks, including traditional issues such as privacy, quality, deadlines, and various SLAs. In today's new global economy -- which brings with it extensive benefits but also new types of risks typified by these developments in Hyderabad -- CIOs will need to expand the risk-evaluation analyses they undertake before signing on with new or even existing outsourcers. Because, as Infotech's Reddy told Reuters, "The government is acting but if the frequency (of bomb attacks) increases, it will be trouble."