Information security has become an integral part of the IT budget of every company. Gartner has estimated that the information security market will grow in the years to come as the criticality of cyber security is accepted;
Global spending on cyber security is expected to reach US$ 86 billion during the calendar year 2016 from US$ 60 billion during the calendar year 2013
Every organization needs cyber security. The Ministry of Information Technology has projected demand for 5.00 lakh cyber security specialists. The requirement will be spread across sectors from financial to oil & gas, airlines, governments (for law & order), telecommunication companies, utilities, etc.
Options after graduation
To pursue a career in cyber security, the candidate should be a graduate in any discipline but software engineers would have a definite advantage because of their academic background and work experience. Excellent knowledge of the operations of computer networks and the psychology of hackers are the key to a successful career in cyber security.
Graduates with a degree in computer science or computer engineering could study for M.Sc / M.Tech. (Information Security), M.Sc.(Cyber Forensics and Information Security), M.Tech.(Cyber Security and Information Security). Admission to the Masters courses is on the basis of performance in the Graduate Aptitude Test for Engineers (GATE) or the in-house examination that is conducted by the institute conducting the course.
Graduates in computer science or computer engineering are also eligible to study for a Post Graduate Diploma in Information Security and Systems Administration.
The options are company specific Certificate Courses such as Cisco Certified Security Professional (CCSP), CISCO Certified Network Associate (CCNA), Microsoft Certified IT Professional (MCITP) and Microsoft Certified Systems Engineer (MCSE). Generic Certificate Courses are also available such as Certified Information System Auditor (CISA), Certified Information Security Management (CISM), and Certified Information Systems Security Professionals (CISSP). Internationally recognised certifications such as Certified Ethical Hacker (EC-Council) and GIAC Penetration Tester (GPEN), a Certification from Global Information Assurance Certification (GIAC) are among the best recognised penetration testing certifications for making a career in cyber security.
i.Indian Institute of Technology (IIT), Guwahati
ii.Indian Institute of Information Technology (IIIT), Allahabad;
iii.National Institute of Technology, Kozhikode and Rourkela;
iv.Jawaharlal Nehru Technological University, Hyderabad;
v.International Institute of Information Technology, Hyderabad;
vi.Institute of Information Security, Mumbai / Chandigarh;
vii.Amrita School of Engineering, Coimbatore;
viii.SRM University, Chennai;
ix.National Institute of Electronics and Information Security, Kozhikode;
x.Indian School of Ethical Hacking, Kolkata;
xi.University of Madras, Chennai;
xii.School of Vocational Education and Training, Indira Gandhi National Open University (IGNOU);;
xiii.Indian Institute of Information Technology, Ahmedabad;
xiv.Ethical Hacking Training Institute, New Delhi;
xv.Institute of Management Technology (IMT), Ghaziabad;
xvi.Ankit Fadia Training Centre, New Delhi, etc.;
xvii.Tech Defence, Ahmedabad / New Delhi.
xviii.Ambedkar Institute of Technology, New Delhi
The course content would include exploitation fundamentals, moving files with exploits, enumerating users, initial target scanning, general web application probing, password attacks, attacking password hashes, vulnerability scanning, scanning for targets, web application attacks, wireless fundamentals, wireless crypto and client attacks, etc. The courses would cover computer basics, data and evidence recovery, cyber forensics basics, cyber forensics investigations, cyber security, and cyber laws and cyber crimes.
A career in cyber security calls for comprehensive knowledge of computer systems and the ability to identify vulnerable areas in the programs and build defensive systems. The cyber security specialist has to act proactively to prevent breaches of security and not react and do damage limitation when the system defenses have been exposed. Building firewalls, introducing, implementing and monitoring security protocol, security auditing to assess a system’s readiness to withstand virus and hacking attacks, and data encryption are all part and parcel of the work dimensions of a cyber security specialist. The work of a cyber security career builder will be entirely office oriented.
i.Creativity and resourcefulness (15%);
ii.Comprehensive knowledge of computer systems and networks (35%);
iii.Keen observation, eye for detail and problem solving skills (20%);
iv.Analytical thinking and logical approach (15%);
v.Dedication, self-motivation, initiative and integrity (15%)
The field is relatively new and the scope for building a successful career is bright. Employment opportunities are available in the public sector and the private sector. In the public sector, job opportunities are available in the defence, forensic laboratories, law enforcement agencies, the Central Bureau of Investigation (CBI), government departments, etc. In the private sector, openings are available with financial companies, hospitals, telecom sector, airlines, IT companies, consulting companies, etc.
The compensation package for cyber security professionals is usually fairly handsome. It ranges from Rs.25,000/- per month to Rs.45,000/- per month. With expertise and highly regarded certifications, the pay packet could rise to Rs.1.00 lakh per month.
Pluses and minuses
Job security simply because there is such a dearth of cyber security professionals that replacement is difficult;
Starting salary is higher than in related computer fields with the exception of cloud computer specialists;
Career growth may be faster than in comparable careers
Cyber security specialists may also be expected to perform routine computer administration work;
Expected funding may not be available;
Enormous stress because any virus attack or hacker infiltration could cause losses for which they may be held accountable