Using computers and Internet technologies without understanding the basics of cybersecurity is akin to driving a car without seatbelts. Though Information Technology as a discipline has been popular for decades, cybersecurity as a structured curriculum is a relatively recent phenomenon.
Although India has emerged as a software services-based power, the country is on its way to reinventing itself as a software product-making power as well. At the same time, as a major economy consistently recording one of the fastest growth rates, notwithstanding COVID-19, coupled with the large-scale digitisation of various modes of governance and administration, the imperative to upgrade our cybersecurity cannot be overstated. As such, the world’s second largest Internet-connected country needs to train a sufficient pool of cyber warriors to deflect and deal with the rising threats posed to its IT-driven product and service infrastructure and systems.
Clear the confusion
Often there is confusion between cybersecurity and network security. Although both are a subset of the broader information security, traditionally network security, which is a regular part of the IT curriculum, can be considered closest to the growing field of cybersecurity. As part of B. Tech or BE, M.Tech and MSc courses, along with topics such as software engineering, software testing, network engineering, hardware assembly, testing, network security as a separate topic was taught in colleges and universities.
The difference between the two is that, while the network has been envisaged to secure the integrity of the IT infrastructure including hardware and software of an organisation, cybersecurity pertains to protecting Internet-connected systems and networks from digital attacks to access, alter, or sabotage sensitive information; extort money; or interrupt normal business processes, according to Cisco. Therefore, while the former involves provisioning and administration of components such as network-monitoring tools, firewalls, switches, routers and virtual private networks (VPNs), the latter entails monitoring of networks to detect security breaches, installation and updating of safety software and simulation of attacks to identify vulnerabilities.
The difference in the definitions and the scope of work therein is fairly self-explanatory and clarifies the need for a separate and more structured course on cybersecurity. Furthermore, as the sheer volume of traffic on the Internet multiplies with the recent burst of Internet of Things (IoT) and the enhanced uptake of smartphones, the need to fortify cyber defences has become even more pressing.
Although not quite enough to meet the surge in demand, there has been a flurry of specialised and standalone courses on cybersecurity introduced by the government and private players. Ranging from part-time and distance learning to online mode, with varied provisions for certificate, diploma and degree programmes, these courses are popular among students and professionals. The pandemic-driven shift to online education and the subsequent rise of online education portals and the rising cybersecurity threat during the lockdown has given a renewed impetus to this trend. Apart from top universities, some of the foremost IT companies are also offering courses and programmes in cybersecurity.
According to a popular education sector tracking website, there are 204 colleges, both government and private, that offer programmes in cybersecurity at the undergraduate and postgraduate levels. The government has instructed the National Institute of Electronics and Information Technology, a body under the aegis of Ministry and Electronics & Information Technology, to launch courses on cybersecurity. Some other government-backed initiatives include an online PG diploma programme in cyber law and crime investigation and digital forensics by the National e-Governance Division in partnership with National Law Institute University, Bhopal. The Indian Institute of Information technology and Management, Kerala, also runs a programme under the aegis of the state government. In April this year, IIT-Madras launched Certified Cyber Warriors v.3.0 course. The themes include security architecture, web and mobile application security, ethical hacking fundamentals, web technologies, cloud security, remote work security, smart devices security, IoT security, online shopping security, cyber fraud, cyber pornography, cyber terrorism, among others.
Need for more cybersecurity professionals
However, against an estimated demand for a million cybersecurity experts, India has less than 10,000 professionals. Therefore, it is time that cybersecurity as a specialised discipline becomes an integral component of any IT syllabus being taught within our university systems as well as outside. At the same time, we also need to strengthen the foundations of our human resources by improving the quality of our STEM graduates.
The writer is Founder and CEO, Lisianthus Tech