1. What is cyber security and the different aspects/areas under cyber security?

In the globalized world today, everything relies on computers and the Internet now - communication (email, cell-phones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on.

There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. While you perform various daily activities through the internet, a lot of personal information is stored either on your own computer or on someone else's system. Your data or corporate information may get compromised by different security threats already perennial and evolving with greater space.

In simple words, Cyber Security is defined as the protection of data and systems in networks that are connected to the Internet.

The main areas of cyber security are:

• Information and Data Protection
• Application Security
• Systems Security
• Network Security
• Channel Security - Wired and Wireless
• Client or Endpoint Security
• Email and Message Security
• Access Control - Authentication and Authorization
• Transaction Security
• Threat Management - Malware Protection
• Security Monitoring and Testing

2. What is the demand for cyber security professionals in India?

The greatest need for cyber security professionals is in IT/ITES, E-commerce and BFSI since they have realized that vulnerability to internet crimes and any misuse/loss of data may result into losing clients. Stringent privacy and security legislation in the US and EU and ballooning concerns on security issues in outsourcing are compelling Indian companies to implement security of information. The RBI Internet Banking Guidelines and consequent security services requirements of banks make security professionals much sought after.

IT (Amendment) Act 2008, passed by parliament would contribute significantly the security job market in India as cyber crime and data protection is widely addressed by the amendment. This will drive investment in security by Indian organizations.

Moreover internal compliance requirements such as PCI-DSS (Payment Card Industry- Data Security Services) demands stringent security requirements, and more recently it is driving security programs of organizations here in India and at international level.

Moreover, in view of the recent augmentation in the cyber crime, hacking incidences and criminals using difficult to track technology (e.g. “remailer” service used by Mumbai terrorists to send anonymous mail along with GPS navigators, satellite phones, Blackberries, CDs holding high resolution satellite images and cellphones with switchable SIM cards), it has become tough for security agencies to keep themselves updated with advancement in technology.
 
Cyber threats are growing, and the trend is moving towards information stealing. With the growing number of sophisticated hackers, implementing firewalls and anti-viruses is no longer sufficient. The country needs more information security practitioners with hands-on knowledge rather than product- centric experts to curb such cyber attacks.

So, the future of cyber security profession is very bright as there services will be needed to organizations, critical infrastructure establishments, finance institutes, public sectors and government organizations.

At present, there is no data available to support the demand of cyber security professionals.

3. What are the different profiles/certifications/trainings that are available in this domain?

Security provides opportunities at different layers and areas. Every security profile created falls in either of the two categories - one that helps organization to strategies, implement, manage and operate the security and other that helps to assess, audit, monitor and test security for its effectiveness.

There are some professional certifications offered by internationally recognized organization. They are recognized by industry and even regulatory bodies across the globe as authentic certifications for performing security audit and consulting work. Important among them are CISA (Certified Information System Auditor) and CISM (Certified Information Security Management) offered by ISACA (Information System Audit and Control Association); CISSP (Certified Information Systems Security Professional) by the International Information Systems Security Certification Consortium commonly known as (ISC)².

Some of the sample Profiles are listed below:

• Chief Information Security Officer (CISO)
• Security Director
• Security Program Manager
• Compliance Program Management
• Security Architect
• Security Consultant
• Security Auditor
• Forensic Experts
• Cyber Crime Investigator
• Cyber Law Experts
• Security Manager
• Security Administrator
• Network Penetration Tester
• Application Security Tester