Career in Cyber Security & Cyber Laws

Dr. Atul Bamrara

Information Technology (IT) industry not only plays a significant role in the development of Indian Economy but also in creating new dimensions for other sectors as well. By developing software and hardware applications, technocrats are taking to new heights of speed and accuracy. Our generations heavily depend on click of mouse and touchpad to sustain their lives in the present digital scenario. Business processes might not be thought of without having heavy technical infrastructure in the cut throat competitive market. Executive Information Systems and Decision Support Systems have wholly altered the decision making theories of earlier management with recently developed Business Intelligence and Artificial Intelligence tools. Nevertheless, the security of such Information Systems (IS) is crucial and it must be considered on top priority by any organizational management to secure its data and transactions from the criminal networks hosted from any part of the globe. Every technique, tool, method, or algorithm has certain loopholes which unscrupulous elements might catch and intrude into the networks and misutilize the information to accomplish their own drives. Symantec, a leading cyber security firm reported that digital security threats may come from new and unexpected sources. With every passing moment, the number of threats as well as threat landscape gets diversified resulting into new challenges to cyber security people. The attackers work harder to discover new avenues of attack and cover their tracks while doing so.     

SCOPE AND OPPORTUNI-TIES AS A CYBER CRIME INVESTIGATOR

The heavy reliability over internet, intranet and extranet has put a challenge before Government and Business Enterprises to make these channels of information secure and safe to gain the trust and confidence of their citizens or customers by designing and implementing highly sophisticated security barriers, which might be discovered through recruiting skilled professionals at each end. According to NASSCOM report, there will be demand of one million cyber security professionals in India by 2020. The various courses running in India with the help of different public and private Institutes/ Universities/ Colleges are designed for IT Security Professionals (Network & Systems Administrators), Police & Armed Forces Professionals, Law Enforcement Professionals (Law Students and on job Lawyers), Chartered Accountants, Company Secretaries, IT Auditors, Web Designers and Developers, E-Commerce Portal Developers, IT Users, Cyber Cops, Cyber Investigators, and Cyber Detectives. Innovations are happening at a rapid pace in technology and there is a mounting requirement of skilled professionals to deal with Cyber Crime matters.

 Security Specialist

Security Specialists protect information from theft, illegal duplication and unauthorized access. They deal with protection of information on computer networks, information systems, mobile devices, payment gateways and IoT devices. They analyze the occurrence of such threats and develop strategies to defend such attacks. They fight against cyber criminals, people who use the internet and various hacking methods to steal sensitive and private information from electronic devices.  

Security Engineer

Security engineers plan, implement, supervise and improve computer security systems to protect from unauthorized access. They must have the knowledge of environment associated to software and web development, computer hardware, data gathering tools, security standards/practices and computer networks. 

Security Administrator

A security administrator needs to have experience working with the physical security layer as well as recognize how to develop a security plan, synchronize with right personnel, execute security measures, and examine the IT environment for potential threats. They must have a strong knowledge of access control, intrusion detection, encryption methods, and data integrity. Other technical expertise includes incident response and virus protection. To ensure that a business is able to achieve compliance, administrators need to stay on top of budding standards so that data security plans may be accustomed.

Vulnerability Accessor

They pay attention to details to run tests and take care of everything that may indicate a potential security threat. They apply their analytical skills to assess systems and information to identify areas of vulnerability in the existing security systems. Communication skills play a pivotal role as vulnerability accessors have to communicate their findings to ensure that problems are properly prioritized for assessments.    

Cryptographer

Cryptographers help protect confidential information and are involved in encryption and decryption of information. They analyze and decipher encrypted data to assist law and other enforcement agencies in solving crime, threat, or security concerns. They also develop algorithms to secure information from attackers.     

Security Architect

A security architect is responsible for designing, building, testing and implementing cyber security mechanism within an enterprise. He is expected to have a thorough knowledge of technology and stay updated with latest security standards, authentication mechanisms, and security protocols. Being a senior team member, they are expected to cultivate a culture of security awareness and arranging a continuing education program for users to ensure the safety of organizational IT Network.  

Computer Forensic Scientist

Forensic Scientists are expected to work in sync with law enforcement agencies to retrieve the data and information from computer systems in case of damage. Due to their mastery in forensic techniques, they are well versed in fetching information from storage devices, networking equipments, servers etc. 

Ethical Hacker

Ethical hackers are also known as penetration testers. They try to break into possible exploits in different information systems and software. Their main responsibilities include conducting formal tests on web based applications, information systems and other interconnected devices on a regular basis. They are also expected to work on the security of servers, firewalls, databases, computer systems and networks. 

Source Code Auditor

A software code audit is a detailed analysis of source code and the main idea is to discover bugs and vulnerability loopholes from programming point of view.  A source code auditor must have sound knowledge of Programming Languages like C, C++, Java, and other higher level languages. He is responsible for recommending a list of actions to legal and development teams to resolve the existing as well as expected errors.  

RESPONSIBILITIES AND REQUIRED SKILLS

Government as well as Private Enterprises recruits a variety of IT professionals to manage IT resources over the enterprise.  Depending on the internal policies of recruitment and positions might vary within Chief Security Officer (CSO), Chief Information Security Officer (CISO), Security Analyst, Security Engineer, Director of Security, Security Auditor, Security Specialist, Security/ Network/ System Administrator, IT Auditor, Cyber Detectives/ Investigators, whose responsibilities may be either -

1. Develop and patrol a secure IT based platform to run the enterprise.
2. Provide support to IT security professionals by developing effective business solutions. Develop
3. Design and upgrade the existing web portals with the latest innovations as per user requirement.
4. Prosecute the legal cases associated with cyber crime.
5. Manage the network traffic policies and security for overall network ranging from consumers to higher level executives (Decision Makers) by implementing tricky Client/ Server policies.
6. Investigate and uncover evidence of illegal activities conducted via electronic gadgets.
7. Verify compliance with legislative or regulatory requirements
8. Identify the adequacy of accounting and control systems
9. Discover and design security measures to protect electronic gadgets from intruders

List of Universities/ Institutes offering Courses

(The list is indicative only)

(The author is with the Department of School Education - Government of Uttarakhand, E-mail ID: atulbamrara@gmail.com)       

Views expressed are personal.           

(Image Courtesy : Google)