Need to Expand Cyber Security Education for Creating Cyber Workforce

“I dream of a Digital India where cyber security becomes an integral part of our National Security –Narendra Modi”

These words of Honourable Prime Minister of India echoed the need of expanding cyber security to build a secure and better tomorrow. Across nations, people are coming closer, the exchange of information is normalizing, and this demands a huge responsibility of developing an advanced cyber workforce who can be the leading lights in this field.

We have come so far in terms of being a Digital India and have been witnessing the major moves taken by our Prime Minister Narendra Modi, from surgical strike to demonetization. A lot of Nation’s confidential information is travelling through cyber networks thus the cyber security has become the key concern to the government agencies.

Demonetization will be marked as a significant contribution in making Digital India. Growing emphasis has been on the use of cashless transactions and avoiding paper currency can make things easier; however, demanding a higher cyber security regime.

This flow becomes a gold mine for hackers because “Digital India” intends to place sensitive personal information over the cyber networks. A situation has come when there is a need of cyber security professionals at the entry level and mid-level to safeguard our intelligent systems from outside hackers or anti-national activities.

We need to see where we stand when it comes to cyber security in India as we cannot overlook the growing cyber world and its impact on our physical security. Overall, India is looking forward to establishing a highly skilled workforce and catering cyber security at different levels while placing blocks for not letting the ethical hackers attack digital systems.

Cyber security and physical security in any country must function in correlation to avoid a fatal damage. Cyber Security education is the need of the hour to join those missing dots in our physical security systems. The growing number of hackers inside or outside the nation is making it more difficult for a developing nation like ours to deal with adverse cyber security issues. Hence, a practical approach in implementing technology solutions and constant efforts need to be put in improving cyber security law enforcement and cyber security education in India.

Are you cyber smart?

Are you a Management Professional, an Investment Banker, an Engineer, a Doctor or a Lawyer or may be the one who is still coaxed to pursue your profession in one of these departments.


Sunder Pichai (CEO GOOGLE) quotes that India will be a global player in the digital economy. Recently Indian government has warned all the organizations to be secure from the recent ransomware ‘Locky’ which has sent more than 23 Million messages in the form of an email that contains subjects like “Please Print”, “Documents”, “Photos”, “Images”, “Scans” and “Pictures”. The said ransomware has demanded half a Bitcoin equivalent to 1.5 lakh for the repair. Here how can we forget “wannacry” and “Petya” which has created havoc all over the world affecting 150 countries damaging 2,00,000 computers.

Forbes in their May 2017 edition says that People are the weakest link in the security chain when it comes to Cyber Security. Besides creating awareness and bridge the skills gap, it is more important to realm the fact that there has to be a change in behavioral activities and this issue needs to be addressed on the priority. 2017 Internet Cyber Security Threat report of Symantec revealed that India if 5th most vulnerable country in terms of cyber security breaches after US, UK, Canada and Australia.

The problem is; though the cyber security risks are ‘pretty high’ yet the number of skilled professionals in this field is ‘woefully low’. 2013 National Cyber Security Policy had raised the need of 5, 00,000 cyber skilled professionals. However states that India only had 60,000 cyber security professionals in 2017. Ministry of law and Justice of India Ravi Shankar Prasad in his recent statement said , “Every digitally connected industry must have cyber security officers who must be able to tell you what precautions you must take in an industry and business to keep cyber criminals at bay that is what we are insisting.”

In the wake of choosing a career rather a safeguard you would be amazed to know that India’s digital economy is worth $500 million and there is a huge gap that needs to be bridged. It would not be wrong to say that “it’s raining jobs for cyber security professionals” and it is the NEXT BIG THING.

So step out, gain knowledge and be a CYBER SMART because it is you what the country demands.

5 cyber security Myths that you need to forget

MYTH#1: I cannot be the target to criminals, only rich people and big organizations are.

FACT: Many individuals and SME (small and medium enterprises) think that cyber criminals only attack rich/important or bigger organizations but the reality is bitter. Cyber criminals always keep adding to woes by catching any lucrative information. India was the third worst-hit country in the recent WannaCry ransomware attacks. More than 40,000 computers were affected, but no major corporate or bank reported any disruption to their activities, raising doubts whether they are disclosing attacks at all.

MYTH#2: Cyber Security! An IT issue.

FACT: There is no doubt that cyber security is an Information Technology job but 2016 edition of Forbes states that; PEOPLE ARE OFTEN THE WEAKEST LINK IN THE SECURITY CHAIN. Though people and organizations are spending billions of dollars to protect themselves from the battle of cyber security yet safety starts from you.

MYTH#3: I do not have important data in my PC therefore I cannot be a victim.

FACT: Cyber attackers not only look for the important data on the system but also trace all the online activities of an individual. The more we do and share online, the more we are vulnerable to cyber-attacks. It was reported in 2016 1 in 10 adults is the victim of fraud or online offences.

MYTH#4: I only access safe locations and open e-mails from known sources, therefore I am safe.

FACT: This myth is a hoax among individuals, irrespective of the fact that phishing is the most common type of breach in the world. You would be surprised to know that 46,000 new phishing sites are created each day.

MYTH#5: My passwords are enough to protect me.

FACT: Along with passwords you need to have extra layer of security to keep your data and yourself safe. Deloitte, one of the big four’s and a leading source of cyber-security advice for corporates, has had it email server hacked using legit credentials, client details revealed, attackers on system for months and no 2FA.

The need of cyber education in schools

Education is the most powerful weapon which you can use to change the world – Nelson Mandela

Gone are the days when schools were only limited to chalks and dusters and the study time was fixed to 5-6 hours a day. 21st century has not only changed the teaching and learning standards but has brought in a lot of technological challenges. UNICEF report shows how cyber offences against children in India are spreading and diversifying as new methods are used to harass, abuse and exploit children. In the wake of technology evolving at a much faster pace and social media being always a buzz among teenagers, it has become very important to introduce Cyber Education at every level.

The kids of today’s era are born in a digital age where pizzas are being delivered by drone and cars have become driverless. Knowingly or unknowingly there is a lot of personal information being shared online by kids without knowing its effects. Therefore, it is very important that cyber Education is made part of School curriculum.

Cyber Education from the student’s perspective is teaching students of how to keep themselves safe in their digital world. It is like teaching the same things as they do in real world – do not talk to strangers, do not share your personal identifiable information in the DIGITAL world. Over the past few year the cyber-crimes against children has seen a meteoric rate and blue whale challenge was one of the examples. India has one of the world’s highest rate of teen suicide rates according to WHO*. Telenor survey 2016 states ‘Indian urban children spends 4 hours daily on the internet’.

The current attacks and incidents show countries all over the world have realized the need of cyber education. Cyber education needs to be penetrated across various stakeholders and majorly in schools. Suffice is to say that “Cyber education” needs to be introduced in schools at all levels.

National Cyber Security Awareness Month (October)

October is National Cyber Security Awareness Month, which is a yearly event to bring issues to light about the significance of cyber security. National Cyber Security Awareness Month (NCSAM) is intended to draw in and instruct open and private division accomplices through events and activities to bring issues to light about the significance of cyber security. Themes for 2017 are:

Week 1: October 2-6 – Basic Steps to Online Safety.

Week 1 will address the best customer cyber security concerns, give basic action to secure against these problems, and help society to comprehend what to do if they suffer from cybercrime.

Week 2: October 9-13 – Cyber security in the Workplace is everyone’s Business

Week 2 will feature how associations can ensure against the most widely recognized cyber threats. The will also put focus on the organizations to reinforce their cyber strength.

Week 3: October 16-20 – The present Predictions for Tomorrow’s Internet

Smart cities to Smart cars have turned into another reality. Week 3 will put focus on delicate, personal data, which is the fuel that influences smart gadgets to work.

Week 4: October 23-27 – The Internet Wants YOU: Consider a Career in Cyber security

Week 4 will support students and other occupation searchers to get involved in cyber security careers. People like guardians, instructors, counselors and state authorities – will be educated about this developing field and how to engage youth in seeking a career in cyber security.

Week 5: October 30-31 – Shielding Critical Infrastructure from Cyber Threats

Week 5 will focus on cyber security effects on running water, traffic lights, and other basic infrastructure secure. Furthermore, it encourages the c to November’s Critical Infrastructure Security and Resilience Month (CISR).

No one is solely responsible for securing the internet. If each of us– implement stronger security practices, community awareness, educating youngsters – together we will be a computerized society more secure and resistant from assaults.

Cyber Security Expert as a Career for Job Aspirant

With the changing time, the demand for skilled or potential candidature has grown in the gamut of cyber security, majorly in India. The concept of “Digital India” has gained popularity among youth; this was the prime reason behind people taking up cyber security expert as a first career choice. However, before diving into the huge ocean of cyber security, one must know about the career opportunities in cyber security.

Cyber Security in India

It’s defined as security walls or practices to secure any exchange of data or information through digital medium. Safe guarding the confidential information from hackers or people with malicious intensions can be considered cyber security.

Lately, demonetization in India affects the extensive growth of career alternatives in Cyber Security. This sector has shown a fastest growth after demonetization. According to a report revealed by Forbes, 1 million cyber security job openings hit the market with expected growth of $170 billion by 2020. So, if you are an aspiring cyber security professional then you should be happy about such numbers

Let us tell you how to embark a successful journey of your career in Cyber Security expert starting from scratch. The good news is that you don’t need to follow a strict qualification or guidelines to be a professional in this field.

  • Candidate must be a science graduate or should have a software application degree
  • Hands-on knowledge of computer networks is preferred

Cyber Security Degrees and Career Opportunities

To become expert, you must check on your interest level in different options available, for instance, you can be a Security Analyst or a Security Architect based on your qualification and interest. Security Software Developer, Security Administrator, Cryptographer, Security Engineer, Cryptanalyst are among the popular career opportunities in Cyber Security. If you’re good enough and highly dedicated then you will be hired by some of the best departments like Central Bureau of Investigation, Defense, and Department of Transportation, Scientific research laboratories, security consulting firms and IT-Security department. The common goal is to defend the nation through the development and utilization of cutting-edge technologies to probe the system and safeguard the exchange of data from cyber-hackers.

Future of Cyber Security-

As world is coming together, there is a dire need for more secure and reliable digital communication systems. To make connectivity more secure, to save our systems from hackers, the industry needs passionate cyber security professionals who can contribute to make Digital India a growing India. If you’re now thinking to choose it as a career, then you’re on the right path.

Conclusion – A beam of growth

The endless opportunities in this field and constantly growing sector have made Career in Cyber Security popular among young generation or aspiring IT professionals.

5 Best Ways to Ensure Endpoint Security from Cyber Threats

The 2017 state of cybersecurity metrics annual report says that 58% of survey respondents scored a failing grade in measuring the effectiveness of their cybersecurity investment and performance. Also, 4 out of 5 companies worldwide were not fully satisfied with their cybersecurity metrics. It added that 1 in 3 companies invested in cybersecurity, but had no idea how to measure its value.

These results raise concerns while indicating that cybersecurity should be taken seriously. Companies are adopting cybersecurity measures sans ensuring protection of sensitive data and its recovery from a serious breach. Blind decision-making related to cyber security by a number of organizations is leading to investments without gauging the impact on their cybersecurity posture.

From Standard Cybersecurity Measures to Endpoint Security

Even the excellent cybersecurity measures may have some loopholes that allow cyber threats to enter your corporate IT network. Endpoint security ensures protection from these threats. It is a centralized approach that protects the network by monitoring endpoints such as servers, smartphones, laptops, desktops, and other IoT devices.

Endpoint security goes beyond what enterprise network security focused at. Therefore, with the increase in mobile threats and practices like BYOD (Bring Your Own Device), the need for successful endpoint security approach has also risen.

Under this approach, endpoint devices must meet certain security standards before they could access a network. This allows enterprises to have better control over all the entry points, thereby blocking any malicious attempts and eliminating any threats. Endpoint security comprises protection of everything from IT infrastructure to customer data and identity.

Various features that differentiate endpoint security from other security measures such as an anti-virus software are:

  • Data loss prevention
  • Application whitelisting
  • Data classification
  • Network access control
  • Endpoint and email encryption
  • Endpoint detection and response
  • Insider threat protection

Below are the 5 best ways to ensure high endpoint security:

1) Cyber awareness campaign – Run effective cyber security awareness campaign in your organization, and convert the fear of cyber-attacks into concrete actions. Let’s be realistic. One of the biggest threats to your corporate network is your employees. Insiders, including your employees and partners, cause over 50% of all data breaches, says IBM’s 2015 Cyber Security Intelligence Index.

2) Use encryption for all data – If you haven’t yet, ensure that all your enterprise data is protected with encryption. If not all, you may want to encrypt certain documents that are way too sensitive to prevent data loss, especially when these are transported from one place to another.

3) Invest in robust cybersecurity technology – Invest heavily in robust cybersecurity technology.

Top-notch technologies become an inevitable part of your organization when your network is growing and your enterprise data is at increasing risk of violation. A centrally managed integrated technology solution that delivers security for the entire network, including all endpoints, could be a great choice in this case.

4) MDM (Mobile Device Management) for multiple mobile devices – MDM (Mobile Device Management) and EMM (Enterprise Mobility Management) are counted among the most dedicated solutions when it comes to meeting the organization’s mobile needs. For MDM & EMM security,

experts require innovative security measures, such as penetration testing, managing third party app, and effective validation of devices, which could arm the mobile devices from security threats.

5) Consider multiple needs of multiple users – The larger the size of an organization, the diverse the types of users to handle. Take into consideration the different needs of different users to have maximum security in place. Two people at two different positions may need different software, for which you may ensure special firewall exceptions. Limit the usage of social networks at workplace to avoid further risks of data loss or damage.


Cybersecurity is a multi-faceted terminology, which is not easily navigable due to new threats emerging with each passing day. Many companies rely on employee education and latest technologies along with cyber awareness programs to ensure security from these threats. Nevertheless, to make sure that you don’t miss out on any threat when protecting your data, continue with your organization’s self-testing and be cyber ready!

General Data Protection Regulation

Regulation is the innovation

Any data protection law is mostly drafted with a certain amount of jargon and the General Data Protection Regulation (GDPR) is no different. Many of us can hear the clock tick as the European Union is set to implement a set of data protection regulations designed to protect

European citizens’ personal data. This regulation will affect anyone and everyone who will deal with EU citizens’ personal data, meaning that, yes, even if you are a non-EU-based company you will still need to comply.

Arguably the GDPR appears to be one of the biggest changes to the regulatory landscape of data privacy, the strength of which only time will be able to tell. As of now, the GDPR is set to be implemented in coming May 2018.

So, what has changed?

  • Consent from a client for the processing of their personal data now should be done in an unambiguous manner, through a statement or a clear affirmative action.
  • Reporting of a data breach to the Supervisory Authority must be done within 72 hours after becoming aware of a personal data breach.
  • Data portability of one’s personal data from one electronic processing system to and into another, will not be prevented by the data controller.
  • Data Protection Officers (DPOs) must be appointed in the case of public authorities or organizations that engage in large scale systematic monitoring and processing of sensitive personal data.
  • An administrative fine of up to 10 million EURO or 2% of the annual global turnover (whichever is higher) can be charged for non-compliance with the obligations of a data controller or a data processor.
  • Parental consent will be required to process the personal data of children under the age of 16.
  • Privacy by design and default should be considered adequate to meet the principles of data protection.
  • A Right to be forgotten may be obtained from the controller without undue delay and the controller shall have the obligation to erase the said personal data.

Rules of the game will be applicable to you if:

  • You process personal data of subjects residing in the EU.
  • You monitor behavior of EU residents.
  • You have an ‘establishment’ in the EU.
  • You sell goods or services to users over the internet including to the users in the EU.

How do you begin?

  • Revisit the design of your processing operations, such that by default; personal data are only processed where necessary.
  • Deploy regular checks on your data management system wherein third party suppliers have access to personal data.
  • Conduct periodic privacy impact assessments.

What can the academy do for you?

  • Conduct a six-week sprint to assess readiness of your data & define a remediation program in line with your risk appetite.
  • Create organization wide awareness thereby helping relevant stakeholders to integrate GDPR solutions into their operational environments.
  • Streamline your breach notification plan there by strengthening and unifying the safety and security of relevant data.
  • Design and implement a sustainable privacy and data protection in accordance with ISO 27001.

A thought paper by Quick Heal Academy

SPPU launches M Tech in information security

Pune: The Department of Technology of Savitribai Phule Pune University (SPPU) on Friday launched a Masters in Technology (M Tech) course in information security.

The Vice Chancellor of SPPU, WN Gade, launched this course that will be conducted in collaboration with city-based Quick Heal Academy.

Gade said, “Cyber security is currently a burning issue. The government’s method of working has changed now and with Digital India, cyber security has gained importance. The human resource for that is not adequate. We have launched the course considering the industry needs.”

SPPU will accept application forms for admissions till January 1, 2017 and the entrance exam will be held on January 7. The entrance exam syllabus is same as GATE syllabus, but GATE score will not be considered. The course is open for students as well as working professionals.

Kailash Katkar, CEO and Founder, Quick Heal Academy, said, “The way every thing is going digital, cyber crime is also growing. But, we have very less people who understand reverse engineering and find a solution to viruses that are made daily. The course is developed so that education can generate candidates with that skill.”

A separate lab has been made at SPPU for this course. The construction work of the lab is going on and will be ready before January. “In the first phase, we have spent around Rs 20 lakh on the lab,” said Aditya Abhyankar, Head, Department of Technology, SPPU. “With demonetisation and more and more online payments, the scope of cyber security has become very wide,” he added.

Read More On Following Link-

Quick Heal acquires Junco Technologies, launches cyber security arm

PUNE: Quick Heal Technologies has acquired Junco Technologies, at IT security firm and will be launching a new line of business, Seqrite Services to be headed by Junco founder Rohit Srivastwa. Seqrite Services will operate as a division of Seqrite, the enteprise business of Quick Heal and will offer cyber security consulting services. The company also announced the launch of the Quick Heal Academy which will work in conjunction with universities, law enforcement agencies, and educational institutions to offer training in cyber security.

Junco Technologies was incubated by the Science & Technology Park, Department of Science &Technology, Government of India. Prior to that, Srivastwa was Director Technology ‘Common Wealth Games 2008 &2010’ held in Pune and New Delhi, overseeing the IT & Security operations.
Vishal Kumar, a cyber law specialist will manage the operations of Quick Heal Academy out of New Delhi.

NASSCOM reports that India has currently around 50,000 trained cyber security professionals, as of 2015. The desired strength should be at least one million by 2020, given the rise in digital threats. With the aid of these two services, Quick Heal aims to help businesses and organizations become more aware of cybersecurity threats, their landscape and learn how to effectively mitigate the associated risks, the company said in a release. The company is among the leading Indian providers of security software products and solutions.

Read More On Following Link-