Technology has simplified modern-day life. A click of a button ensures that our weekly groceries reach us by the time we finish a long day at work. You are one Skype call away from your long distance friend who can brighten up your day. And who can forget food – one swipe and your favourite food is delivered at your footsteps. Sounds like a day well-spent, right? Of course it is, till you realise that all these ‘privileges’ are also available to a hacker, who will not think twice before swindling your savings.
Growing demand for cybersecurity professionals
Dr. Yogesh Kumar Bhatt, Vice-President – IT Education and Training, Manipal Global Education Services, set the stage for the event. Over 30 crore people in India have access to the internet while there is a growing dependence on mobile devices to access internet globally. Demonetization has further encouraged digital transactions and initiatives in India.
All these factors combined have led to an exponential rise in the exchange of personal data and currency transactions, thereby bolstering the need for cybersecurity in India, which now holds a central space.
Emphasizing the growing need of professionals in the field, Dr. Bhatt stated that by 2025 there will be a need of 1 million cybersecurity professionals globally.
Foreseeing the dearth of skilled cybersecurity professionals in a next few years, Manipal Global and Deakin University recently signed a Memorandum of Understanding (MOU) for launching a data science and cybersecurity Centre of Excellence, which aims at filling this skill gap by setting forth on a long journey to offer programs in cybersecurity space and solve industry problems simultaneously.
Cybersecurity – Need and impact
Matthew Warren, Professor of Cybersecurity at Deakin University in Australia took over the stage next. Professor Matthew defined cybersecurity as the ‘preservation of confidentiality, integrity and availability of information in the cyberspace.’
He also emphasised the need of cybersecurity in today’s digital world. He pointed out the differences and similarities between Indian and Australian cyberspace and highlighted how both the nations are working together in tackling this global issue.
Having been a security consultant for several Fortune 500 companies, Professor Warren shared his knowledge about the impact of cyber threats and leaks. He explained how cyber criminals and hackers may be choking a company’s data and knowledge centres for months without the firm having any clue about it. This makes it essential to have effective safety nets and risk management systems in place.
Components of cybersecurity
Professor Warren also explained how cybersecurity impacts everyone – right from multinationals to individuals. Cybersecurity components can be divided into:
- Data security
- Software security
- System security
- Human security
- Organisational security, and
- Societal security
While most of these components are technical, factors like human and societal security also have lasting repercussions on a company’s digital security. Accidental disclosure of information is a common issue threatening the leakage of confidential company data. So be careful the next time you are cheerfully talking about an eventful day at work on social media – your business competitors may be keeping a close watch on it.
Risk analysis is an important preventive step taken in keeping digital data secure. Talking more about this, Professor Warren explained the basic steps that help with risk analysis, which are:
- Asset identification and valuation
- Threat assessment
- Vulnerability analysis, and
- Safeguarding/Counter-measuring selection
Once the risk is analysed, the next step is to deep dive into the vulnerabilities, which include:
- Find vulnerabilities – Look for weaknesses in servers, Operating System and software.
- Highlight flaws – Ensure that systems are updated, look into patch management of malware and other systems with a threat to malware.
- Find security weaknesses in existing and planned systems – Take into consideration aspects like testing existing systems for susceptibility and cost-effectiveness.
Did you know 75% of reported cyber incidences against critical infrastructure are unintentional while 25% of them are malicious threats? The aim of cyber skill development is to develop human capital, which can in turn, come up with systems to help tackle all the above mentioned cybersecurity components effectively.
Cybersecurity breaches that shook the world
Professor further discussed some of the biggest cybersecurity breaches like the WikiLeaks and the recent hacking of the Democratic Party of USA data. He explained how these incidents shook the entire world, thereby establishing the global aftermaths of such an event.
Moving over to the solutions, Professor Warren suggested splitting the issue into smaller categories and addressing each concern. So it becomes essential for organizations to analyse the risks related to each component and develop an effective cybersecurity plan, which not only protects the existing data, but also offers precautionary measures to prevent threats.
The Board too has a vital role to play in safeguarding cybersecurity. In fact, the legal implication of the Board includes ensuring compliance of cybersecurity rules pertaining to the country in which they operate.
How IT professionals can help tackle the issue?
Lastly, Professor Warren highlighted the need for qualified cybersecurity professionals who are ready to take up these challenges plaguing the domain presently. Apart from being adept in technical, organisational and soft skills, these IT professionals should also be trained in areas like core skills, professional skills and leadership skills. Professor Warren concluded his workshop with an insightful question and answer round with the participants.
Vote of thanks!
Kumar B V, Consultant at Manipal ProLearn, thanked the guests – Professor Matthew Warren and Trevor Day, Executive Dean at Deakin University, Australia for taking out their time and sharing their knowledge. He also applauded the enthusiasm displayed by the participants at the event, who were handed over a certificate of participation at the end of the workshop.