Career in Information Security/Ethical Hacking

<h1>Career in Information Security/Ethical Hacking</h1>Author: <a title="appin" href="http://www.articlesbase.com/authors/appin/241099.htm">appin</a> What is the entry level post? Network Security Administrator Application Security Tester Forensics Tester Ethical Hacker Junior Security Auditor Security Certified Programmer Security Certified Information User -What is the starting salary? In India the starting salaries are of the range Rs 15K-50k depending on qualifications. For e.g- A person who has done B.Tech computer science along withh a security certification like MASE will normally get around Rs 30K as a starting salary and a person who has done diplomas etc with security certification like MASE will get around Rs 15K once he completes the probabation period. Then he moves on to drawing higher salaries with time and experience. Security sector is one of the highest paid sector in the world and for India it will be no different. The salaries go up to infinite range and security experts earn 15 lakh per annum and company’s CISO ( Chief Information Security Officer ) earns around Rs 25 lakhs per annum -What is the growth curve like starting as a fresher, where can he go? Network Security administrator -> Network Security Manager -> Security Officer -> Chief Information Security Officer Ethical Hacker/Penetration Tester -> Security Consultant and Manager -> Chief Information Security Officer Application Security Tester -> Application Security Developer -> Application Security Manager -> Chief Application Security Officer Forensics Tester -> Forensics Manager – > Forensics head Junior Security Auditor -> Security Auditor Secured Programmer-> Security Project Manager And many more… - What is the industry growth rate both india and world ? over 30% in India and around 21% in the world What are kinds of DATA THEFT? Theft of Intellectual Property/Softwares etc stolen - These thefts occur at 2 levels a) Ideation and Software design for the software – This means the theft occurs at a stage when the software is not made but thought of and designed. This can occur if any of your employees in the core project team leaves the company during the project and joins the competitor where he presents the same architecture. He can either have the documents of the software design or have the architecture in his mind. The theft can be prevented by implementing laws such as an employee is not allowed to leave a company midway of project, creating laws that abide him to do that ( employee contract) and heavy penalty enforced in case he does it. The theft can also occur technically by hacking into the project team’s individual laptops or computer when they are at home. This can also be prevented by processes and technical security which can be taught to them. b) Theft of the software program – This is not that easy and is done in following ways - Project is outsourced to a third party who copies the software and perhaps sell under different brand name - Software program is stolen from the core team’s computer by hacking when they might take the software home for testing, coding etc - Individual software uncompiled codes stolen which can be later combined to form the software ( E.g.- An Appin employee shares the security software code with friend from competitor company for checking the code, to prove his/her capability ) These thefts can be done intentially by your own employees for financial gain by using emails, removable devices or captured by hackers by using techniques of social engineering or technical hacking. For preventing these a team should be maintained for technical security, its up gradation comprising of security people, ethical hackers, security managers etc along with enforcement of laws and security processes within an organization. You also need to consult specialists in security, have regular training programs to stay aware about the latest threats and ways adopted. This is information age and you need to understand, implement and upgrade your information security skills, awareness programs on Information Security for everyone in the organization. Information can be leaked at all levels and hence should be secured at all levels Other kind of data thefts that happen include customers databases, confidential proposals, strategy documents and even board room meeting minutes. Some case have been reported. For e.g – A famous Data Center had some client data copying in the past, A famous gas company’s statistics were stolen, Some other internet based companies are hacked and their data is copied often, even government information has been stolen by hacking into web servers and other attacks done by countries that are against India. I will not name a company because this is classified information. They could sue us for providing this information. Top companies have been hacked like we heard the recent case of airtel. These can be prevented by taking measures as mentioned above along with special security consulting companies taking care of your information security India is it equipped? Though Indian companies has started adopting security but we still have a long way to go till it becomes a part of our psychology. We lock our houses but forget the same about digital information. We need more technical man power, companies should increase their budgets to save their reputation, clients and business secrets. We need to become a security conscious nation else our BPO and IT industry which is reputed in the world will lose its reputation and fall down on growth rates. We have to be more secured than any other nation . We are sure to achieve this if we all work together. BPO’s BPO & Data processing facilities are basically classified into different segments with respect to their capabilites, revenues , turnovers . One is a set of huge BPO’s like Convergys, Genpact, HSBC, Wipro Spectramind etc which are very secured. The problem is still we have seen thefts in HSBC, Wipro Spectramind in last couple of years. Then there is another set of BPO’s which are smaller in size and don’t have adequate security processes and infrastructure. It is very easy to copy data, leaque data etc. The reason is not that they can’t do it. They are just not aware and hence none of the employees are aware too. Then there are very small BPO’s which are ranging froma head count of 5- 100 people which don’t follow security policies at all. Thus overall Indian BPO industry needs to raise its standards in Security, take more training programs, consult experts as this is the primary industry of India and hence the reputation and revenue loss is big if a crime occursAbout the Author: Aadi Goel is working in a reputed IT firm in India. She is also an amateur writer and his write-ups mainly focus on the importance ofinformation security training and ethical hacking. For More: <a target="_blank" href="http://www.appinonline.com">http://www.appinonline.com</a> Article Source: <a href="http://www.articlesbase.com/">ArticlesBase.com</a> - <a href="http://www.articlesbase.com/security-articles/career-in-information-securityethical-hacking-1269490.html" title="Career in Information Security/Ethical Hacking">Career in Information Security/Ethical Hacking</a>

What is the entry level post?
Network Security Administrator
Application Security Tester
Forensics Tester
Ethical Hacker
Junior Security Auditor
Security Certified Programmer
Security Certified Information User

-What is the starting salary?

In India the starting salaries are of the range Rs 15K-50k depending on qualifications. For e.g- A person who has done B.Tech computer science along withh a security certification like MASE will normally get around Rs 30K as a starting salary and a person who has done diplomas etc with security certification like MASE will get around Rs 15K once he completes the probabation period. Then he moves on to drawing higher salaries with time and experience. Security sector is one of the highest paid sector in the world and for India it will be no different. The salaries go up to infinite range and security experts earn 15 lakh per annum and company’s CISO ( Chief Information Security Officer ) earns around Rs 25 lakhs per annum

-What is the growth curve like starting as a fresher, where can he go?

Network Security administrator -> Network Security Manager -> Security Officer -> Chief Information Security Officer
Ethical Hacker/Penetration Tester -> Security Consultant and Manager -> Chief Information Security Officer
Application Security Tester -> Application Security Developer -> Application Security Manager -> Chief Application Security Officer
Forensics Tester -> Forensics Manager – > Forensics head
Junior Security Auditor -> Security Auditor
Secured Programmer-> Security Project Manager

And many more…

- What is the industry growth rate both india and world ?

over 30% in India and around 21% in the world

What are kinds of DATA THEFT?

Theft of Intellectual Property/Softwares etc stolen -

These thefts occur at 2 levels

a) Ideation and Software design for the software – This means the theft occurs at a stage when the software is not made but thought of and designed. This can occur if any of your employees in the core project team leaves the company during the project and joins the competitor where he presents the same architecture. He can either have the documents of the software design or have the architecture in his mind. The theft can be prevented by implementing laws such as an employee is not allowed to leave a company midway of project, creating laws that abide him to do that ( employee contract) and heavy penalty enforced in case he does it. The theft can also occur technically by hacking into the project team’s individual laptops or computer when they are at home. This can also be prevented by processes and technical security which can be taught to them.

b) Theft of the software program – This is not that easy and is done in following ways
- Project is outsourced to a third party who copies the software and perhaps sell under different brand name
- Software program is stolen from the core team’s computer by hacking when they might take the software home for testing, coding etc
- Individual software uncompiled codes stolen which can be later combined to form the software ( E.g.- An Appin employee shares the security software code with friend from competitor company for checking the code, to prove his/her capability )

These thefts can be done intentially by your own employees for financial gain by using emails, removable devices or captured by hackers by using techniques of social engineering or technical hacking. For preventing these a team should be maintained for technical security, its up gradation comprising of security people, ethical hackers, security managers etc along with enforcement of laws and security processes within an organization. You also need to consult specialists in security, have regular training programs to stay aware about the latest threats and ways adopted. This is information age and you need to understand, implement and upgrade your information security skills, awareness programs on Information Security for everyone in the organization. Information can be leaked at all levels and hence should be secured at all levels

Other kind of data thefts that happen include customers databases, confidential proposals, strategy documents and even board room meeting minutes. Some case have been reported. For e.g – A famous Data Center had some client data copying in the past, A famous gas company’s statistics were stolen, Some other internet based companies are hacked and their data is copied often, even government information has been stolen by hacking into web servers and other attacks done by countries that are against India. I will not name a company because this is classified information. They could sue us for providing this information. Top companies have been hacked like we heard the recent case of airtel.
These can be prevented by taking measures as mentioned above along with special security consulting companies taking care of your information security

India is it equipped?

Though Indian companies has started adopting security but we still have a long way to go till it becomes a part of our psychology. We lock our houses but forget the same about digital information. We need more technical man power, companies should increase their budgets to save their reputation, clients and business secrets. We need to become a security conscious nation else our BPO and IT industry which is reputed in the world will lose its reputation and fall down on growth rates. We have to be more secured than any other nation . We are sure to achieve this if we all work together.

BPO’s

BPO & Data processing facilities are basically classified into different segments with respect to their capabilites, revenues , turnovers .
One is a set of huge BPO’s like Convergys, Genpact, HSBC, Wipro Spectramind etc which are very secured. The problem is still we have seen thefts in
HSBC, Wipro Spectramind in last couple of years.

Then there is another set of BPO’s which are smaller in size and don’t have adequate security processes and infrastructure. It is very easy to copy data, leaque data etc.
The reason is not that they can’t do it. They are just not aware and hence none of the employees are aware too.

Then there are very small BPO’s which are ranging froma head count of 5- 100 people which don’t follow security policies at all.

Thus overall Indian BPO industry needs to raise its standards in Security, take more training programs, consult experts as this is the primary industry of India and hence the reputation and revenue loss is big if a crime occurs

Aadi Goel is working in a reputed IT firm in India. She is also an amateur writer and his write-ups mainly focus on the importance ofinformation security training and ethical hacking. For More: http://www.appinonline.com

Rate this Article:

0 / 5 stars - 0 vote(s)

Re-Publish

Related Videos
Related Articles
Ask / Related Q&A

Play

How to Secure a Local to Remote Connection

Play

How to Prevent Business Data Loss

Play

Hacking Wireless Networks Made Easy - FrugalTech

Play

A Dangerous IT Security Risk - FrugalTech

Play

How to Hack with Google

Latest Security Articles
More from appin

Get In Touch With Norton Antivirus

By: James | 31/12/2009
Antivirus has become one of the most essential software these days. Norton antivirus is considered as the most reliable antivirus software. There are many people who want to contact Norton antivirus before buying one. It can be quite easy to get in touch with them either through website or via phone.

Rising demand for Investigating services

By: Sleuth India | 30/12/2009
The changing life style reveal the secret. Life today has gained such a tremendous pace that people rarely have time for themselves. This ultra-busy lifestyle coupled with extremely tense job requirements make people very impatient and intolerant. No wonder smallest of issues today lead to major differences.

Advice On Protecting Your Netbook

By: Mark Walters | 30/12/2009
Useful information and advice on netbooks. Find out how to make a netbook as safe and secure as possible.

Tutorial to Unlock Windows XP Administrator Password!

By: Fiona | 30/12/2009
The Windows XP administrator passwordis the password used to access the "Administrator" account. This account usually doesn't show up on the logon screen and most people don't know it exists. Usually that's okay because you won't need to use your computer under this account very often. There are a few times when you will need this password! When you're accessing the Windows XP Recovery Console or you're trying to boot into Windows XP Safe Mode, you'll need this password before you can contin

Lost or Forgot Computer Password? Reset Windows XP password!

By: Fiona | 30/12/2009
If you have lost or forgotten your password for logging in to a computer running the Windows XP operating system, there are a few different options

Tutorial to Unlock Windows Vista Administrator Password!

By: Fiona | 30/12/2009
Windows Vista administrator password is the password to an account configured with administrator level access in Windows Vista. There doesn't actually have to be an "Administrator" user account. What you need is the password to any account that can act as an administrator. You may need an administrator password in Windows Vista if you're trying to run certain types of programs or access certain Windows Vista password recovery tools.

Find out Windows 7 Password! Reset Windows 7 Password!

By: Fiona | 30/12/2009
There are a few times when you will need this password. You may need an Windows 7 administrator password if you're trying to run certain types of programs or access certain Windows 7 recovery tools.

Tips to Find the Windows Administrator Password

By: Fiona | 30/12/2009
There are several ways to find your administrator password in Windows.