Ethical Hackers : Severe Shortage of talent
According to surveys conducted by cyber security firms in the country, Indian firms lost more than $4 billion in 2013 alone because of hackers.
In today’s digital era, one of the biggest threats comes from cyber criminals. Hackers were not taken seriously until a few years back. Recently, some big names in the Indian industry had to pay hefty sums of money to hackers to keep confidential information from being disclosed to the government. According to surveys conducted by cyber security firms in the country, Indian firms lost more than $4 billion in 2013 alone because of hackers.
With more and more companies entering the e-commerce ecosystem and adopting new technologies like cloud computing, the threat from imminent security breaches is clearly demanding the need for efficient information security systems. The rising threat from cyber-attacks has exposed the severe shortage of talent in this sector.
As per 2015 figures reported by Nasscom, India needed more than 77,000 white hat hackers as against only a mere 15,000 certified professional ethical hackers in that year.
Ethical hacking includes services like the following:
- Application Testing: Done to uncover flaws in the system at the very core or logical level
- Remote or war dialing: Used to test open-ended modem connections that remotely connect to a network
- Local network testing: Deals with testing of services, protocols, system devices and virtual private networks
- Wireless security: A method of measuring the level of security available in the framework as a whole
- System hardening: Done to strengthen the host and mend weaknesses
- Stolen laptop: Done using the PC of an important employee, this test examines for passwords and personal information stored in a dial-up software
- Social engineering: This type of hacking is very difficult to carry out as it involves people, personalities and employees.
The need for ethical hackers
Cyber crimes are becoming more common and attackers more sophisticated with rouge nation-states and terrorist organisations funding criminals to breech security networks either to extort hefty ransoms or compromise national security features.
Businesses are faced with the challenge of dealing with complex security requirements that need to be updated as per changing hacking tactics, handling hidden vulnerabilities and evolving technologies. Ethical hacking firms with specially trained professionals come to the rescue of businesses while ensuring effectiveness of service and confidentiality.
While many new businesses are better prepared in case of cyber attacks, traditional businesses still lack the proactive understanding of the need for ethical hacking. For example, in India, banks having faced the brunt many-a-times are hiring professional help to secure their networks. Still the investment infrastructure for banks against cybercrime is quite miniscule compared to that of banks in the US.
Hotels and other service wings of the industry seem to be lagging behind. Recently, many hotels in the country were being attacked by a malware called ‘darkhotel’ in an attempt to spy on or stalk corporate travellers and gain access through the hotel’s WIFI services.
With new worms, malware, ransomwares and viruses springing up everyday, there is a need to create more awareness among businesses and how ethical hacking can help them to safeguard their networks.
Ethical hacking as a career offers immense opportunities. A fresh certified ethical hacker could attract a salary anywhere between INR 3.5 and 4 lakh per year. Experienced professionals in this field such as security consultants, information security analysts, and ethical hacking experts can command salaries in the range of INR 9 to INR 20 lakh.
The security of an enterprise should be analysed for effectiveness from time to time. Since businesses work in a structured yet complex environment comprising of security, policies and changing technologies, involving complex interactions and interoperations, there is a need to assess the system with a holistic approach. Ethical hacking solutions are possibly the best way of examining such systems and fine-tuning any minor gaps that may lead to compromise of the entire organization.