A SECURE CYBERSPACE: KEY ASPECTS OF CYBERSECURITY

Sreenath Gopinath

Chairman, TBH-TechByHeart

Sreenath Gopinath, a celebrated young entrepreneur and recipient of Kerala’s prestigious Youth Icon Award, delves into the dynamic world of cyber security. As an Associate Member of the National Cyber Safety and Security Standard, New Delhi, and Co-founder & CMO of INTERN CAN and Techbyheart Gopinath shares insights on this booming career field

Cyber security is the safeguarding of devices and systems, networks, and data from attacks and unauthorized access. In today’s digital age, the importance of cyber security cannot be overstated. As our dependence on technology grows, so do the threats we face. Phishing, for example, is a common tactic where attackers deceive individuals into revealing sensitive information. Scams like the Bank OTP scam exploit vulnerabilities to steal financial data. In regions like Jamtara, the “phishing capital of India,” these risks are particularly prevalent and have grown to a scale that is hard for us to comprehend. Additionally, social media platforms like Instagram are not immune, with issues such as morphed photos leading to identity theft. Effective cyber security measures are essential to protect against these evolving threats, ensuring the integrity and confidentiality of our data, and maintaining trust in our digital space.

Cyber Attacks in a Glance

My work with various companies has provided me with invaluable insights into the cybersecurity landscape in India. Working with different companies across various industries has highlighted the diverse range of cybersecurity threats faced by organizations. From ransomware attacks targeting financial institutions to phishing campaigns impacting healthcare providers, each sector faces unique challenges. Cyber-attacks come in various forms, each with distinct methods and objectives.

• Phishing: This is when attackers send fake emails or messages that look like they are from a trusted source, tricking people into giving away personal information like passwords or credit card numbers.
• Malware: Malware is malicious software, like viruses or ransomware, that can harm your computer, steal your data, or take control of your system. For example, ransomware locks your files and demands money to unlock them.
• Distributed Denial of Service (DDoS): In a DDoS attack, hackers overwhelm a website or server with too much traffic, causing it to crash and become unavailable to users.
• Man-in-the-Middle (MitM) Attacks: This happens when attackers secretly intercept and possibly alter communication between two parties. For instance, they might eavesdrop on data sent over an unsecured Wi-Fi network.
• Database Injection: This attack targets websites that use databases. Hackers insert harmful code into the website’s database, allowing them to access, change, or delete data.
• Zero-Day Exploits: These attacks exploit unknown vulnerabilities in software or hardware that software developers have not yet identified and fixed. They can be particularly dangerous because there is no defense in place at the time of the attack.
• Credential Stuffing: This involves using stolen usernames and passwords from one breach to try to access other accounts. Since many people use the same password for multiple sites, attackers can often gain unauthorized access.
• Insider Threats: These attacks come from within the organization, usually from employees who have access to sensitive information. They misuse their access to steal data or cause harm.

Approaches by Companies

Many companies are emphasizing enhancing their cybersecurity due to the increasing frequency and sophistication of cyber-attacks. Protecting sensitive data, maintaining customer trust, and complying with regulations are crucial for business and reputation. Cyber- attacks can result in significant financial losses and damage to a company’s image, making strong cyber security measures essential.

The rise of companies providing cyber security solutions is driven by the growing demand for specialized expertise to combat these threats. Many businesses prefer to outsource their security needs to experts who can provide advanced protection, help them navigate regulatory requirements, and respond quickly to incidents. This allows companies to focus on their core activities while ensuring their data and systems are secure.

When my friend Sajad Chemmukkan and I founded ‘Tech by Heart’ five years ago, we recognized the vital importance of cyber security and are committed to initiatives that go beyond corporate interests, focusing on social responsibility and community engagement.

‘Kerala hack run,’ a recent campaign of TBH which was conducted in association with Malayala Manorama Red FM and with the support of the Kerala police concluded triumphantly in February 2024, and showcased an inspiring alliance between academia, media, and law enforcement. 

TBH has also launched the ‘Cyber Smart India 24’ initiative, aiming to enhance cyber security awareness across 10 states. This initiative has already made significant strides in Kerala, offering free sessions at colleges, schools, and community centers. These initiatives underscore that the efforts of TBH are not just about business; they are about addressing a critical need of the times.

Why Cybersecurity Careers?

Learning cyber security is an excellent choice for several reasons:

• Little to No Programming skills required: Cybersecurity courses typically do not require prior programming or coding skills, making them accessible to beginners.
• Open to All Students: Students from any academic background can study cybersecurity. Whether you are in computer science, economics, business, or any other field, you can pursue a career in cyber security.
• Diverse Career Opportunities: Cyber security offers a wide range of career paths, including roles such as risk assessment, cyber consultancy, and compliance. Graduates from non-IT fields, like economics, can find good jobs in this field.

• High Demand: With the increasing frequency and sophistication of cyber threats, there is a growing need for skilled cybersecurity professionals across all industries.
• Excellent Job Prospects: Cybersecurity offers competitive salaries, job stability, and numerous opportunities for career advancement. Organizations are investing heavily in security measures, creating a strong job market for trained professionals.

To summarize, learning cyber security provides a pathway to a dynamic career, accessible to students from any background and offering strong job prospects and career growth opportunities.

Different Career Paths 

In the field of cybersecurity, there are several career paths that offer great opportunities, I can broadly explain a few:

• Ethical Hacking: Ethical hackers find and fix security weaknesses in computer systems to help keep them safe from cybercriminals. With technology becoming more complex, this job will stay in demand for sure.
• Security Analyst/Incident Responder: These professionals monitor and respond to security threats in organizations.
• Security Operations Centre (SOC) Analyst: SOC analysts watch over computer networks in real-time to catch and stop cyber-attacks.
• Security Consultant: These experts help companies understand their security risks and find solutions to protect themselves.
• Cybersecurity Architect: Cybersecurity architects design and set up security systems to keep data safe from hackers.
• Forensics: The demand for skilled professionals in digital forensics is increasing in recent times. There is a high demand for skilled individuals in both governmental as well as non- governmental areas.

Apart from these, there are a lot of paths and deviations that you can take in the career journey in cyber security. I firmly believe that internships are crucial for securing future job opportunities across all fields. InternCan, as an online internship training and facilitation platform, provides rigorous, job-oriented learning experiences tailored to the student community. Through internships, students gain practical, hands-on experience that complements their academic studies. This real-world exposure is invaluable, as it allows them to apply theoretical knowledge to actual workplace scenarios, developing critical skills and competencies. Also, internships offer unparalleled networking opportunities, enabling students to connect with industry professionals and potential mentors. This combination of practical experience and professional connections makes students more competitive in the job market, significantly enhancing their employability and paving the way for successful careers in their chosen fields.

 Skills You Need to Excel in the Field

For young individuals aspiring to pursue careers in cybersecurity, I say, First and foremost, it is essential to approach your aspirations with dedication. As Mahatma Gandhi said, ‘The future depends on what we do in the present.’ By working towards your goals with focused effort and commitment, you can build a successful career in whatever field that you are looking to excel in.

It is important to acknowledge that the path to a cybersecurity career may involve challenges and obstacles. However, it will help you to develop resilience. Embrace the journey, and view setbacks as opportunities for learning and growth. In terms of education and training, consider pursuing certifications such as Certified Ethical Hacking, Certified Security Analyst (CSA), or Security Operations Centre (SOC) Analyst. These certifications provide valuable skills and credentials that are highly sought after in the cybersecurity industry. Also, internships can provide invaluable hands-on experience and networking opportunities. Look for internship programs that offer certifications, as these can enhance your resume and increase your employability. Overall, the cybersecurity field offers a wealth of opportunities. By staying focused on your goals, and continuously expanding your skills and knowledge, you can pursue a fulfilling and rewarding career in cybersecurity.

For aspiring cybersecurity professionals, I would also recommend pursuing certifications and training programs that offer comprehensive and practical learning experiences. Certified Ethical Hacking, Certified Security Analyst, and SOC Analyst courses are excellent choices, and it provides essential skills in threat detection, incident response, and vulnerability assessment. Look for certifications accredited by reputable organizations like EC- Council, as they carry weight in the industry and demonstrate your expertise to employers. Also, do not underestimate the value of gaining hands-on experience through internships. Internship certificates not only showcase your practical skills but also increase your chances of securing job placements. By investing in these certifications and practical opportunities, you will be well-equipped and ready for industrial needs.