Advertisment

Building cyber security roadmap

author-image
DQI Bureau
New Update

As technology becomes more complex the onslaught of cyber criminals is shooting up at an unparalleled rate. Though there are several form of cyber attacks, worldwide phishing attacks seem to gain ground at both enterprise and individual level. Around 181,600 phishing attacks were identified during the first half of 2013. In order to build our firewall and push away our enemies professional cyber security experts are needed. As Sarv Saravanan, SVP and GM, EMC APJ Centers of Excellence said, "India probably has only 600 security professionals. Whereas China has around twenty-five thousand and USA has nineteen thousand". And here comes the role of EMC Defender's League. The goal of Defender's league is to narrow this gap, to dismiss, to deliberate by bringing professionals, stakeholders and investors together and raise the awareness.

Advertisment

RSA, the security wing of EMC which helps enterprises to curb and fight cyber criminals, organized Defender's League to bring out future cyber security professionals. It is meant to test and reward the professional adept in IT security. The final event event held on December 4, 2013 saw thirty finalists, both from professional and educational background contesting hard to prove their mettle. Around forty thousand applicants registered for the contest, out of which thirty got selected for the final event. It was an online contest where contestants had to face challenges. The challenges took place in several rounds until the panel selected 30 finalists for the final round of the contest.

In the final event they attacked each other and defended their own services. The idea is to attack others' services. They got points for defending their services and keeping it alive. And also points for putting down others' service. Services are generally OS which needs web service, ftps to keep it running. These essential services are part of the operating system itself which must be kept alive in order for it to run. The finalists defended standard services like FTP, and HTTP. According to Guruprasad, associate manager, EMC RSA, and supervisor of the event, said, " They were given a virtual image which has got an OS and which has got all the weaknesses of an application. They need to install it and then run it on their system. The scoreboard will look at services whether they are up or not. So they have to try and pull others' service down and get points. At the same time keeping their firewall alive will earn them points."

The challenge continued for four long hours which emanated a lot enthusiasm from the contestants. Albert Sunny, one of the contested was excited about the challenge he had to face in the contest. "This was my first time and I have got a hang of it. I am still a student and I think I will be nurturing seriously in the future", said Albert Sunny. For him such platforms would surely help a lot of experts in the crowd to showcase their talent and be an agent in shaping cyber security professionals for India. The winner of the challenge was Chaithu R K, an IT professional. "This is the first competition that I ever won in my life. And I intent to become an expert on it", said an ecstatic Chaithu R K. The winner was awarded a sum of rupees five lakh at the end of the day.

Advertisment

The event also saw experts in the field giving their seasoned views about the state, nature and future of IT security in India and across the world. Cyber terror can come in different forms. Hacking, malware, phishing. Malwares are malicious software disruptive in nature to destroy computer operations. It can appear in the form of code, scripts, active content or other software.

Phishing again is careless and malcious. It is like net spread across to catch targets. According to Dinesh Pillai, CEO, Mahindra SSG, "The threat comes from the new paradigm of risk. The evolving IT world throws firewall hadware." According to him, "Approach should be hollistic. It should come from three sections. Firstly, financial and operational. Secondly, Governance, where stringent laws should be drafted and implemented." But laws are too complicated right now. So simplification is required for sound understanding. Subhash Subhramanium,CISO, ICICI Bank also opinionated the same views.

Cyber attacks have proliferated in recent times and is mushrooming in every corner. From big organizations to small startups cyber criminals are targeting everyone. This is just because of the sheer connectivity and the herculean amount of datas that we create everyday. The connectivity makes it easier for hackers to reach an individual or company and thereby making them easy targets in the game. Vincent Goh, VP, APJ, RSA believes, "BYODs is gaining a lot of popularity. I call it ‘Bring Your Own Disaster'. Because it just facilitates cyber criminals, or let's just say equips them with a tool to launch their attack." The target is increasing each day. He thinks that earlier we used to have one system for our every purpose but now the sheer number of IT devices used by individuals or a group is increasing the target landscape for hackers. He thinks the solution lies in changing us to defend from cyber onslaught.

Advertisment