Recent news reports on a spate of ATM and electronic transfer-related frauds have left many wondering about the safety of online transactions. Malicious actors seem to be finding ever more breaches to exploit. When all talk is of complete digitisation, such loopholes as well as the lack of appropriate online security can be a hindrance. No digital technology is foolproof, therefore, there is an urgent need for cybersecurity.
“Multinational companies and micro small and medium enterprises will require people who understand cybersecurity,” says Abhishek Mitra, CEO & co-founder of Indian Cyber Security Solutions (ICSS), a Calcutta-based company.
“They will need a cybersecurity team to secure the database, applications, website and network so that nobody can get in and steal financial data or manipulate data critical to the organisation,” adds the certified ethical hacker who has been working closely with the Bidhan Nagar and Calcutta Police to fight cybercrime for the last four years.
Mitra says the need of the hour is people who can find weaknesses in websites so that these can be corrected — in other words, ethical hackers. Organisations should start bug bounty programmes that reward those who can find vulnerabilities in a website. Apple, for example, has offered $1 million to anyone who can hack an iPhone. “One of our students found a vulnerability in Myntra. The CEO gave him $500 instantly for it. He was then recruited by another company with a package of Rs 9 lakh per annum,” adds Mitra.
“At the rate cybercrime is increasing, cybersecurity should be a prime consideration for a career,” says Rohit Chouhan. “I think ethical hacking not only protects against cybercrime but also builds a security wall and diagnoses possible major threats in the future,” say the 25-year-old who recently attended a cybersecurity workshop by ICSS.
“Today, cybercrime includes a gamut of things — from state-sponsored attacks to regular phishing, ransomware and other social engineering-lead attacks. Cyber attacks are increasing in volume and sophistication, affecting an ever-greater number of people and institutions. Through artificial intelligence (AI), the Internet of Things (IoT) and other new technologies, the threat surface and vulnerability are growing. Cybersecurity specialists will continue to be in high demand. A skills gap and lack of diverse and qualified personnel is the key bottleneck to the growth of the cybersecurity industry,” says Sandip Kumar Panda, founder & CEO, InstaSafe, a cybersecurity technology provider.
To join this industry, you need a BTech
in computer science or information technology or a bachelor’s or master’s degree in computer application. You also need to know the programming language Python.
There are a variety of job roles for cyber security experts. Here are a few main ones.
Security Architect
Tasked with designing, building and implementing network and computer security for an organisation. Is responsible for creating complex security structures and ensuring that they function properly. He or she has to design security systems to combat malware, hacker intrusions and DDoS (denial of service) attacks.
Security Consultant
Assesses cybersecurity risks, problems and solutions for different organisations and guides them in protecting and securing their physical capital and data.
Ethical Hacker
Looks for weaknesses in IT systems, networks and applications. Uses a series of tools to simulate real-life cyber attacks, identifies weak spots and helps organisations improve their security posture.
“Currently, a lot of transactions are done online so there is a need to prevent data breaches. I am pursuing BTech in computer science and I am interested in website hacking. There are ample opportunities in this industry and students have no problem finding jobs,” says Avinash Kumar Ranjan.
Chief Information Security Officer
Builds security teams and oversees all initiatives concerning an organisation’s security. Creates strategic plans for deploying information security technologies and improving existing programmes.
Also spearheads IT security investigations and provides recommended courses of action in the event of a breach.
Cyber Hygiene
Malicious links
DON’T click on random forwarded links without checking the URL. This could compromise your smartphone
Note: Paste a link on Google to see if it is original. Many of the links for big discounts from reputed brands are actually cloned websites.
Bogus discount mails
IGNORE forwarded messages or mails that ask you to log on to your Facebook or gmail account to avail big discounts on products
Note: Actual discounts from actual e-commerce platforms will always provide their own log in and not ask you to sign in from another social media account. Fake ones may redirect you to the e-commerce site but since you have logged in with your FB or gmail account and provided your password, you may fall victim to phishing.
.gov links
DON’T click on links asking you to verify tax returns or government registrations, not even if there is a .gov in the web address
Note: You may be directed to an original page but when you fill in the details, hackers could use apps on your phone that have camera and audio permission to get important data. Clicking on these from your phone will compromise it.
Trojan apps
WHEN we install an app, it may sometimes happen that we unknowingly download a remote access Trojan (RAT).
Note: This may give hackers access to your data and apps on your phone. Download the OS monitor app. It will show you which applications are seeking unnecessary permission as well as the data traffic on your device.