The growth and intensification of e-commerce traffic over the worldwide web (aka the internet) has multiplied opportunities for cyber terrorists. Enter the cyber security professional
With cyberspace payment gateways multiplying, e-payments, credit cards circulation and the country’s internet user base expanding, e-commerce is fast becoming a way of life for government, corporates and middle class India. However the growth and intensification of e-commerce traffic over the worldwide web (aka the internet) has also multiplied opportunities for cyber fraudsters and terrorists to hack into citizens’ accounts and play havoc with their finances and businesses. Cyber criminals or hackers strike through virus attacks which may erase an entire system or by stealing financial information from secure systems or breaking into systems to modify files without owners’ knowledge.
Therefore unsurprisingly, there’s galloping corporate and public demand for IT (information technology) security professionals (aka ethical hackers) who can counter the machinations of the growing community of cyber crooks and criminals and check-mate them. The job profile of a cyber security professional includes permitted ethical hacking into a company’s network to identify security loopholes; designing security systems for business and other organisations; 24×7 remote management of security systems and firewalls; security auditing; cyber forensics (clinical investigation of computer crimes) and training company personnel to safeguard its e-commerce activities.
The ideal qualifications for a career in cyber security are a degree in engineering or computer science topped up by specialised diploma courses in cyber security. Certification programmes such as CISA (Certified Information System Auditor), CISM (Certified Information Security Management) and CISSP (Certified Information Systems Security Professionals) are very useful to kick-start a career in cyber security. Other vendor specific certifications such as CCSP (Cisco Certified Security Professional) and MCSE (Microsoft Certified Systems Engineer) are also useful. Most of these courses are of 12 months duration.
Among the reputed institutes offering postgrad cyber security diploma programmes are IMT, Ghaziabad (www.imt.edu); Tilak Maharashtra University, Pune (18 months); and Manipal Institute of Technology (distance education programme). Network Intelligence India also offers several training programmes which are good for an introduction to cyber security, and the Sedulity Group, Delhi (www.sedulitygroups.com/elearn/ethicalhacking.php) conducts work-shops on ethical hacking.
With institutional and corporate demand for cyber security professionals rising 200 percent per year, this is a big-bucks career option. Freshers start at Rs.3.5 lakh per year and after acquiring two-three years hands-on experience, annual remuneration packages could swell to Rs.12-15 lakh, with the sky being the limit for competent self-employed professionals.
“In the near future, almost all businesses will take to e-commerce in incrementally expanding modes. With cyber security awareness among Indian companies being very low currently, and cyber security regulations coming into force, the demand for well-qualified and trained information security professionals will skyrocket. According to NASSCOM, cyber security will be a major job creator within the IT sector with the annual demand rising to over 100,000 information security professionals by 2012, against current supply of 35,000-45,000 trained professionals per year,” says 20-something whiz kid Yash Kadakia, chief technology officer of Security Brigade Infosec Pvt. Ltd, a cyber security firm founded by him in 2006 (annual revenue: Rs.1.5 crore).
Kadakia’s interface with the worldwide web started way back in 1995 when he was merely eight years of age. He started by playing computer games and rapidly proceeded to design websites thanks to tutorials and resources he found on the internet. At age 15 while he was still a schoolboy, Kadakia registered a company called Deadbolt Technologies, which provided software development services, developed websites and managed them for clients. This start-up was shut down after he co-founded Security Brigade in 2006 with teenage friend Vineet Kumar, while he was a B.Sc (IT) undergrad at Vidyalankar College, Mumbai from where he graduated in 2010.
Currently, Security Brigade provides a host of services such as testing the vulnerability of a company’s web applications, networking computers and data-bases, and ethical hacking of companies’ websites and e-commerce operations to make them secure. “My roster of clients includes HDFC, Infosys, Tata Steel and multi-nationals such as Microsoft and the anti-virus firm Symantec,” says Kadakia, who is also a board member of the National Anti-Hacking Group, comprising 4,000 volunteers with a core group of 50 ethical hackers which conducts cyber security seminars and awareness campaigns countrywide.
According to Kadakia, currently over 50 companies in India are certified by government to engage in cyber security work. Banks, credit card, telecom and insurance companies constitute the main clientele. “As awareness grows, a growing number of companies will understand the need for cyber security. Moreover with the Cybersecurity Bill on the anvil, the growth in this field will be phenomenal,” he predicts.
Indra Gidwani (Mumbai)