Excerpts of interview with Akash Agarwal, country head, EC council. EC-Council is the world’s largest certification body for Information Security professionals. Agarwal handles EC Council’s business operations in the area of information security, trainings and certifications for business acceleration. Here he talks about the threat of online (in)security and how knowledge about them should necessarily start an early age.
Ideally when should the training for cyber security start?
People should be trained to safeguard themselves from the very beginning; right from the school level. One solution to the problem is that you invest a lot of money for building infrastructure and resources; that is machine and there is no limit to it. However, the basic solution is to teach and equip people to better use technology and not become victims of cyber threat.
Please understand it is not about a mobile or a tablet or a single device. Just wait for another year; you would be wearing glasses, which would have the chip. You would be wearing watches, which would connect you to the world. In one year, everything that you have on your body as an accessory would be computerised. And young people would be using these devices; hence cyber security is not about the government or the industry but has to be holistic.
How should one overcome the shortage of trainers in cyber and network security?
Online training can multiply the number of teachers presently available for cyber security training. There are online modules for working professionals where they can take the relevant training modules on cyber security. People need to be trained to understand security and privacy in their everyday lives. They should be trained to check the mails they receive. For example, I never open email whose senders I do not recognise. I go by the adage, “If the message is so important, the sender will call me.”
Do you think India is ready to train sufficient number of professionals in cyber security?
The concepts are great in India but the implementation is lagging. What we need is the change in mind-sets. I have seen the change, but it is very slow. We are almost at the threshold when we would be providing almost 70-80 percent of all cyber security professionals in the world. However, for that to become a reality, a lot of agencies have to work together. PPP mode in cyber security capacity building has not taken off. There is no plan or investment for the same. Though the budget of cyber security has been increased to Rs 1,000 crore, it is still peanuts compared to the global scenario. Speed of implementation is slow.
Are we blowing the cyber security problem out of proportion?
125 crore people today carry important data on their mobiles; people can be maligned using that data and people with personal enmity have now a plethora of options for personal vengeance. The problem gets intensified if you bring into issues of national security and what data theft could do to the sovereignty of the country.