Cyber Security: a brightest career for Engineering Students

Cybercrime is any criminal activity that involves a computer, networked device or a network. Most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them. A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world`s first cyber attack. ( 1834 — French Telegraph System).

In 2022 cyber-attacks /Internet attacks grew from 32,500,000 globally in the analyzed period of 2021 to almost 35,400,000 in 2022.20-May-2022. India reported 2,08,456 incidents in 2018; 3,94,499 incidents in 2019; 11,58,208 cases in 2020; 14,02,809 cases in 2021; and 2,12,485 incidents in the first two months of 2022.29-April-2022, Two months of 2022 saw unprecedented cyber crimes than entire 2018. The top 5 cyber crimes in 2021 were: Phishing attacks, malware attacks, ransomware, weak passwords and insider threats. The research by Cybercrime Ventures reveals that the cost of cybercrime damage could reach $6 trillion annually by 2021. The cost of cybercrime damage is expected to reach $8 trillion by 2023. By some counts, there are more than 2,200 cyber attacks per day. That equates to about one cyber attack every 39 seconds. On the 14th of May 2022 Health Service Executive – an Irish government agency – was hit by ransomware.

Colonial Pipeline attacked in the U.S  in the same month, the largest U.S fuel pipeline was hit by ran somware.59% of Americans report they have experienced cybercrime or in some way fallen into the hands of a computer hacker. That`s 152 million American consumers who have had their security compromised online in one way or another. This is why the Information Systems Audit and Control Association described cybercrime as the "fastest-growing crime in the U.S.," and the global cyber security market is expected to be worth $248.6 billion by 2023, according to Markets and Markets research. Kevin Mitnick is the world`s authority on hacking, social engineering, and security awareness training. In fact, the world`s most used computer-based end-user security awareness training suite bears his name. 

Complaint on National Cyber Crime Reporting Portal:

This portal is a part of the Government of India to facilitate victims/complainants and to report cybercrime complaints online. This portal caters to complaints pertaining to cyber crimes only with a special focus on cyber crimes against women and children. Complaints reported on this portal are dealt with by law enforcement agencies/ police based on the information available in the complaints. It is imperative to provide correct and accurate details while filing a complaint about prompt action. The victims have to contact local police in case of an emergency or for reporting crimes other than cyber crimes. The national police helpline number is 100. The national women helpline number is 181. Many of the attacks were the result of COVID-19 transformed business, ushering in a mass transition to remote work while many enterprises lacked adequate cyber security preparedness for a remote workforce.

True, the Government of India is making efforts to arrest cyber criminals through the concerned agencies. Perhaps problems lie with the capability to detect the crimes. Quality education in cyber security will surely help to weed out cyber crimes. In April 2020, cyber security professionals reported a 63% increase in cyber attacks related to the pandemic. 

 According to the Information Systems Security Association International infosec job seekers, can expect to find the following five cyber security careers in high demand over the coming years;

1. Security software developer:

Role Level: Midlevel to leader

Role type: Technical

Average salary: $75,000 per year, according to Pay Scale

A security software developer`s role is perfect for coders who are also interested in information security. By combining technical programming knowledge with product development and security analysis skills, they can create software with built-in security features to "harden," or proactively protect, it from potential attacks. For this purpose, security software developers must understand the threat landscape, which is why entry-level roles in this position are virtually nonexistent.

Software developers have to play a security role and they should be able to conceptualize tomorrow`s threats today and take action to address those threats early. They must be able to balance performance, functionality, user experience and security to avoid unnecessary trade-offs or costly errors. They will typically work with other professionals, such as software designers, engineers and testers; they must have strong communication and collaboration skills in addition to knowledge of software architecture, design and coding. Security software developers are in great demand and have plenty of opportunities on the internet and other emerging technology.

Education and skills

Midlevel roles:

Bachelor`s degree in software development or software engineering

• Secure coding practices
• Security controls
• Penetration testing (preferred but not always required)
• Advanced roles -- all the above, plus:
• Information security
• Cryptography
• Project management
• Network security
• Certifications
• CompTIA Security+
• CompTIA Cybersecurity Analyst (CySA+)
• CompTIA PenTest+
• CompTIA Advanced Security Practitioner (CASP+)
• ISACA Certified Information Systems Auditor
• (ISC)² Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager
• Cisco Certified Internetwork Expert
• Microsoft Azure Security Engineer Associate
• Table of cybersecurity career requirements
• A quick look at the job titles, educational requirements and salaries for various stages of a cyber security career.

2. Security Analyst:

Role level: Entry to senior

Role type: Technical

Average salary: $77,000 per year

A security analyst`s role is broad, encompassing various responsibilities.  More importantly, monitoring security best practices, protocols and procedures and ensuring that those practices are properly implemented and followed.  They use a variety of tools to assess security reports and identify unusual or anomalous network behaviours. They also control file access, credentialing, network updates and firewall maintenance.

A well-trained security analyst will have a solid understanding of how data is stored and managed, as well as the different kinds of cyber security threats, including ransomware attacks, social engineering and data theft. They are able to perform penetration testing and vulnerability scans, and they often recommend relevant changes to improve security.

Security analysts may work in a security operations centre.   This will provide a specialized environment for monitoring, detecting, containing and remediating threats. In small to midsize organizations, their role may be broader and include security analysis and intrusion detection, firewall maintenance, antivirus updates and patch updates. Since they have expertise in security risks and best practices, they can train employees on cyber security hygiene.

Education and skills

Bachelor`s degree in cyber security, information security or a related field

• Proprietary network management
• Penetration testing
• Security incident triaging
• Risk assessments
• Data encryption
• Firewall design, configuration, deployment and maintenance
• Certifications
• CompTIA Network+
• CompTIA Security+
• CompTIA PenTest+
• CompTIA CySA+

3. Penetration Tester or Ethical Hacker

 Level: Midlevel to leader

Role type: Technical and reporting

Average Salary: $86,000 per year

Ethical hackers are the spies of the cyber security world. They act like the "bad guys" to understand their motives, approach and threat actions, mainly to help enterprises avoid cyber attacks. They conduct penetration testing to find vulnerabilities and gaps in security protocols for networks, operating systems, devices and web-based applications. They suggest relevant fixes before these security gaps can be exploited by threat actors. 

Since they often work on highly confidential and time-sensitive projects, people embarking on careers as ethical hackers should be trustworthy and able to deal with tight deadlines and high-stakes decisions. Creativity is another key skill, and ethical hackers must also be highly organized to effectively record and track their projects. 

Education and skills

Bachelor`s degree in information security or a related field

• Penetration testing methods and tools, such as Network Mapper, Wireshark and Kali
• Knowledge of Python, Golang, Bash and PowerShell
• Open Web Application Security Project`s top 10 vulnerabilities
• Social engineering
• Certifications
• Offensive Security Certified Professional
• GIAC Penetration Tester
• GIAC Certified Enterprise Defender
• GIAC Exploit Researcher and Advanced Penetration Tester
• CompTIA Security+
• CompTIA CySA+
• CompTIA PenTest+

4. Cyber Security Engineer:

Level: Senior

Role type: Technical

Average salary: $97,000 per year

Cyber security engineers build information security systems and IT architectures and implement access management controls to prevent unauthorized access and cyber-attacks. They develop and enforce security plans, standards, protocols and best practices, and build emergency plans to ensure infrastructure, applications and services can be quickly restored in case of a disaster. Proactive thinking, planning and action are critical. Cyber security engineers often spend a lot of time finding system vulnerabilities through penetration testing and figuring out how to deal with potential risks before they become serious security issues. They may also review other areas that affect IT security and recommend improvements.

Cyber security engineers also have the following responsibilities:

• Deploying and configuring firewalls and intrusion detection systems;
• Updating or implementing new security software and hardware; and
• Running encryption programs
• Responding to detected security threats
•  Move data to an uncompromised location or isolate compromised data
•  Help the organization recover from a data breach.

They must have strong communication skills to explain complex issues to management and articulate the best ways to implement the latest security plans and procedures. They may also have to work with law enforcement following an attack.

Education and skills

Bachelor`s degree or higher in computer engineering, cybersecurity, information security or a related field

• Secure coding practices and vulnerability detection
• Risk assessment
• Secure network design and architecture
• Firewall architecture
• Computer forensics
• Identity and access management
• Virtualization technologies
• Encryption technologies
• Defending against advanced persistent threats, malware, phishing and social engineering
• Certifications
• CompTIA CySA+
• CompTIA CASP+
• Cisco Certified Network Professional Security
• (ISC)² CISSP
• More on building a cybersecurity career
• Enhancing your cybersecurity know-how is a great way to start moving into a job on a security team. Check out these resources for some initial steps to take:

5. Network security architect

Role level: Senior

Role type: Technical and management

Average salary: $126,000 per year

Network security architects play a critical role in strengthening the security of enterprise architecture while maintaining network productivity, efficiency, availability and performance. They help translate business needs into functional systems, define appropriate policies and procedures for those systems and help train users and administrators. They also keep an eye on budgetary and operational constraints. Interpersonal and managerial skills are important for this role, in addition to technical know-how.

To ensure ongoing security throughout the network lifecycle, network security architects take both defensive measures, such as firewall and antivirus configuration, and offensive measures, penetration testing. They oversee network changes to ensure they don`t put the organization at risk. They are expected to have advanced knowledge of security tools and techniques related to firewalls, penetration testing and incident response. Network security architects must also understand computer networking requirements, including routing, switching and trust domains, as well as security best practices, technologies and industry-standard frameworks.

Education and skills

Bachelor`s degree in computer science or a related field and a Master`s degree in cyber security are preferred.

• Strategic planning
• ITIL and COBIT IT process models
• TCP/IP networking
• OSI model
• Intrusion detection systems
• Risk management
• Single sign-on identity management systems
• Virtual private network layers and connections
• Protocol encryption
• Certifications
• CompTIA Network+
• (ISC)² Information Systems Security Architecture Professional
• GIAC Defensible Security Architecture
• CREST Registered Technical Security Architect

Leading Institutions offering the programs in Cyber Security are as follows: 

Mode of Cyber Security Courses (Offline)

• Indian Institute of Technology, Madras, Chennai.

1. Indian Institute of Technology, Bombay, Mumbai.
2. Indian Institute of Technology, Kharagpur.
3. Indian Institute of Technology, Delhi, New Delhi.
4. Indian Institute of Technology, Kanpur.
5. Indian Institute of Technology, Roorkee.
6. Indian Institute of Technology, Hyderabad.

Cyber Security Courses

Multiple options are available for candidates prospecting their careers in Cyber Security. Candidates can pursue a degree, PG course, diploma and certification Cyber Security courses at UG & PG levels.

Degree Cyber Security Courses: 

• Candidates can obtain BTech or BSc degree in Computer Science (CS) & Cyber Security after completing class 12th. 
• BTech degree programmes are of 4 years while BSc in CS/ Cyber Security has a 3-year course duration.

Diploma Cyber Security Courses: 

• Candidates can pursue a diploma in Cyber Security courses at both UG & PG levels. 
• The duration of UG & PG Diploma courses ranges from 10 months to 1 year.

Cyber Security Certifications: 

• Certification courses in Cyber Security are basically short-term courses majorly offered online
• The course duration can range from three to six months.

Mode of Cyber Security Courses (Online & Offline)

Offline Cyber security 

• Candidates can pursue Cyber Security courses full-time, part-time or online. 
• While a majority of cyber security courses are offered as full-time programmes by the government and private colleges, 
• Cyber security certifications are more popular among prospective students.

Online Cyber security

• Online cyber security courses are offered by various educational agencies
•  This will equip a learner with the skills needed to defeat all online threats including advanced hackers, trackers, malware, cybercriminals, etc. to protect infrastructure, data, information, architecting cloud-based security and much more. 
• These courses include online-demand video, e-learning content and a certificate upon course completion.

Online Cyber security

The list of online cyber security courses offered by different agencies;

Regular Cybersecurity Courses

The details of regular cybersecurity available at the undergraduate and postgraduate levels can be seen below.

Cyber Security Specialisations

• Cybersecurity courses in India are offered across various specialisations.
• Given below is a list of Cyber Security Specialisations candidates can choose when willing to take up a course in Cyber Security.

Cyber Security Syllabus

The syllabus for Cyber Security varies for various courses. Take a look at the generic course curriculum for Cyber Security courses.

Online Cyber Security Course Syllabus

Private Colleges/ Universities: These institutions offer Master`s in Cyber Security

1. K L University, Belagavi 
2.  Amity University, Jaipur
3. Digital University Kerala 
4. Ganpat University, Mehsana-Gozaria North Gujarat,
5. The LNM Institute of Information Technology - Jaipur
6. Marwadi University Rajkot
7. Sharada University, Greater Noida,
8. Amity University, Noida
9. Shanmugha Arts, Science, Technology and Research Academy, SASTRA University, Thanjavur district, Tamil Nadu.