Express Computer

Home  »  Interviews  »  Entry level professionals lack the right conceptual understanding of cyber

Entry level professionals lack the right conceptual understanding of cyber

InterviewsNews
By Abhishek Raval
Sunil Varkey, CISO, Wipro
0 368

With the information security domain rapidly evolving with changes in business models, technology adoption and regulatory and compliance mandates, it is time to take a new approach for building skill sets in emerging areas, says Sunil Varkey, CISO, Wipro

Please discuss the challenge of the shortage of cyber security talent in the industry ?

There is a serious shortage of quality human resource in the space of cyber security. There are reasons for the same. Engineering colleges were not offering any courses or specialization in cyber security till very recently. Now, colleges like Vellore Institute of Technology (VIT) has started specialised courses in cyber security.

Most of the available training courses were limited to product specific trainings and on maturity to courses like CISSP, CISA but were limited to role or function specific. Few years back, enterprises used to invest in their employees by spending considerably on training, to improve skill set of their security resources. Post that, few companies started poaching these trained resources, which led to high attrition levels, in companies who tried developing skills of their security resources. Overall, this resulted in a reduction in the training spend in companies.

While certifications, trainings and skill development was the key approach in improving employability, recent demand and supply imbalance in the cyber security domain opened up jobs to many without adequate experience or certifications, due to which individuals spending time on reading and upskilling also got reduced.

All this led to a situation where right quality resources with strong foundation, domain expertise, context and perspective started declining. Due to which, these resources are not trying to understand the significance of the role they play; their contribution to enterprise; functional and teams goals and objectives; regulatory and compliance regime; internal and external threat & vulnerability environment, where they are designated to be the protector. This is a global problem in our domain and not limited to India.

Can the government, corporate, academia, and start-ups come together and build a good environment around cyber security?

The issue is, everybody is waiting for a call from the other party to begin with a common objective. It may not be the right approach.

Nonetheless, compared to the earlier years, a lot of collaboration is happening on the ground. The media is also creating awareness about cyber security. Everything seems to be falling into place.
Innovation and excellence has come up in various phases from startups. It has happened only after the academia, government and corporates have come together with a common vision and goal.

What are some of the skill sets that will be in demand in terms of cyber security in the coming future?

Information security domain is rapidly evolving with changes in business models, technology adoption, regulatory and compliance mandates, threats, vulnerabilities and exploit patterns.

Overall there are around 20+ different functional roles in Information security / Cyber security domain. While the importance of the foundational concept of confidentiality, integrity, availability, accountability remains, each of these areas need specialized skill set and approach; and most of these skills cannot be built in isolation.

The emerging areas of cloud security, IoT, big data, agile scrum methodology require new learning and approach.

What are your views on the use of data analytics in cyber security ?

The AI and ML space is in an evolving stage but for sure big data has picked up its momentum. Currently, security professionals are spending a lot of time on analyzing a lot of events generated from various data sources in the enterprise. We never had the capacity or capability to analyze such volumes of data in the right manner. Now, with the advent of big data platforms, we have better understanding of the patterns, deviations, and triggers to certain events generated in our environment. This helps us in taking informed decisions at the right time.

Now with AI and ML we could get into better threat predictability modelling, which could improve the domain capabilities in a different manner.

Get real time updates directly on you device, subscribe now.

Abhishek Raval

Principal Correspondent at expresscomputer.in. Covers enterprise tech and e-governance with a focus on smart cities. He can be reached at [email protected]

You might also like More from author
Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
Powered by Convert Plus
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image