Cybercrime is any criminal activity that involves a computer, networked device or a network. Most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them. A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world`s first cyber attack. ( 1834 — French Telegraph System).
In 2022 cyber-attacks /Internet attacks grew from 32,500,000 globally in the analyzed period of 2021 to almost 35,400,000 in 2022.20-May-2022. India reported 2,08,456 incidents in 2018; 3,94,499 incidents in 2019; 11,58,208 cases in 2020; 14,02,809 cases in 2021; and 2,12,485 incidents in the first two months of 2022.29-April-2022, Two months of 2022 saw unprecedented cyber crimes than entire 2018. The top 5 cyber crimes in 2021 were: Phishing attacks, malware attacks, ransomware, weak passwords and insider threats. The research by Cybercrime Ventures reveals that the cost of cybercrime damage could reach $6 trillion annually by 2021. The cost of cybercrime damage is expected to reach $8 trillion by 2023. By some counts, there are more than 2,200 cyber attacks per day. That equates to about one cyber attack every 39 seconds. On the 14th of May 2022 Health Service Executive – an Irish government agency – was hit by ransomware.
Colonial Pipeline attacked in the U.S in the same month, the largest U.S fuel pipeline was hit by ran somware.59% of Americans report they have experienced cybercrime or in some way fallen into the hands of a computer hacker. That`s 152 million American consumers who have had their security compromised online in one way or another. This is why the Information Systems Audit and Control Association described cybercrime as the "fastest-growing crime in the U.S.," and the global cyber security market is expected to be worth $248.6 billion by 2023, according to Markets and Markets research. Kevin Mitnick is the world`s authority on hacking, social engineering, and security awareness training. In fact, the world`s most used computer-based end-user security awareness training suite bears his name.
Complaint on National Cyber Crime Reporting Portal:
This portal is a part of the Government of India to facilitate victims/complainants and to report cybercrime complaints online. This portal caters to complaints pertaining to cyber crimes only with a special focus on cyber crimes against women and children. Complaints reported on this portal are dealt with by law enforcement agencies/ police based on the information available in the complaints. It is imperative to provide correct and accurate details while filing a complaint about prompt action. The victims have to contact local police in case of an emergency or for reporting crimes other than cyber crimes. The national police helpline number is 100. The national women helpline number is 181. Many of the attacks were the result of COVID-19 transformed business, ushering in a mass transition to remote work while many enterprises lacked adequate cyber security preparedness for a remote workforce.
True, the Government of India is making efforts to arrest cyber criminals through the concerned agencies. Perhaps problems lie with the capability to detect the crimes. Quality education in cyber security will surely help to weed out cyber crimes. In April 2020, cyber security professionals reported a 63% increase in cyber attacks related to the pandemic.
According to the Information Systems Security Association International infosec job seekers, can expect to find the following five cyber security careers in high demand over the coming years;
1. Security software developer:
Role Level: Midlevel to leader
Role type: Technical
Average salary: $75,000 per year, according to Pay Scale
A security software developer`s role is perfect for coders who are also interested in information security. By combining technical programming knowledge with product development and security analysis skills, they can create software with built-in security features to "harden," or proactively protect, it from potential attacks. For this purpose, security software developers must understand the threat landscape, which is why entry-level roles in this position are virtually nonexistent.
Software developers have to play a security role and they should be able to conceptualize tomorrow`s threats today and take action to address those threats early. They must be able to balance performance, functionality, user experience and security to avoid unnecessary trade-offs or costly errors. They will typically work with other professionals, such as software designers, engineers and testers; they must have strong communication and collaboration skills in addition to knowledge of software architecture, design and coding. Security software developers are in great demand and have plenty of opportunities on the internet and other emerging technology.
Education and skills
Midlevel roles:
Bachelor`s degree in software development or software engineering
- Secure coding practices
- Security controls
- Penetration testing (preferred but not always required)
- Advanced roles -- all the above, plus:
- Information security
- Cryptography
- Project management
- Network security
- Certifications
- CompTIA Security+
- CompTIA Cybersecurity Analyst (CySA+)
- CompTIA PenTest+
- CompTIA Advanced Security Practitioner (CASP+)
- ISACA Certified Information Systems Auditor
- (ISC)² Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager
- Cisco Certified Internetwork Expert
- Microsoft Azure Security Engineer Associate
- Table of cybersecurity career requirements
- A quick look at the job titles, educational requirements and salaries for various stages of a cyber security career.
2. Security Analyst:
Role level: Entry to senior
Role type: Technical
Average salary: $77,000 per year
A security analyst`s role is broad, encompassing various responsibilities. More importantly, monitoring security best practices, protocols and procedures and ensuring that those practices are properly implemented and followed. They use a variety of tools to assess security reports and identify unusual or anomalous network behaviours. They also control file access, credentialing, network updates and firewall maintenance.
A well-trained security analyst will have a solid understanding of how data is stored and managed, as well as the different kinds of cyber security threats, including ransomware attacks, social engineering and data theft. They are able to perform penetration testing and vulnerability scans, and they often recommend relevant changes to improve security.
Security analysts may work in a security operations centre. This will provide a specialized environment for monitoring, detecting, containing and remediating threats. In small to midsize organizations, their role may be broader and include security analysis and intrusion detection, firewall maintenance, antivirus updates and patch updates. Since they have expertise in security risks and best practices, they can train employees on cyber security hygiene.
Education and skills
Bachelor`s degree in cyber security, information security or a related field
- Proprietary network management
- Penetration testing
- Security incident triaging
- Risk assessments
- Data encryption
- Firewall design, configuration, deployment and maintenance
- Certifications
- CompTIA Network+
- CompTIA Security+
- CompTIA PenTest+
- CompTIA CySA+
3. Penetration Tester or Ethical Hacker
Level: Midlevel to leader
Role type: Technical and reporting
Average Salary: $86,000 per year
Ethical hackers are the spies of the cyber security world. They act like the "bad guys" to understand their motives, approach and threat actions, mainly to help enterprises avoid cyber attacks. They conduct penetration testing to find vulnerabilities and gaps in security protocols for networks, operating systems, devices and web-based applications. They suggest relevant fixes before these security gaps can be exploited by threat actors.
Since they often work on highly confidential and time-sensitive projects, people embarking on careers as ethical hackers should be trustworthy and able to deal with tight deadlines and high-stakes decisions. Creativity is another key skill, and ethical hackers must also be highly organized to effectively record and track their projects.
Education and skills
Bachelor`s degree in information security or a related field
- Penetration testing methods and tools, such as Network Mapper, Wireshark and Kali
- Knowledge of Python, Golang, Bash and PowerShell
- Open Web Application Security Project`s top 10 vulnerabilities
- Social engineering
- Certifications
- Offensive Security Certified Professional
- GIAC Penetration Tester
- GIAC Certified Enterprise Defender
- GIAC Exploit Researcher and Advanced Penetration Tester
- CompTIA Security+
- CompTIA CySA+
- CompTIA PenTest+
4. Cyber Security Engineer:
Level: Senior
Role type: Technical
Average salary: $97,000 per year
Cyber security engineers build information security systems and IT architectures and implement access management controls to prevent unauthorized access and cyber-attacks. They develop and enforce security plans, standards, protocols and best practices, and build emergency plans to ensure infrastructure, applications and services can be quickly restored in case of a disaster. Proactive thinking, planning and action are critical. Cyber security engineers often spend a lot of time finding system vulnerabilities through penetration testing and figuring out how to deal with potential risks before they become serious security issues. They may also review other areas that affect IT security and recommend improvements.
Cyber security engineers also have the following responsibilities:
- Deploying and configuring firewalls and intrusion detection systems;
- Updating or implementing new security software and hardware; and
- Running encryption programs
- Responding to detected security threats
- Move data to an uncompromised location or isolate compromised data
- Help the organization recover from a data breach.
They must have strong communication skills to explain complex issues to management and articulate the best ways to implement the latest security plans and procedures. They may also have to work with law enforcement following an attack.
Education and skills
Bachelor`s degree or higher in computer engineering, cybersecurity, information security or a related field
- Secure coding practices and vulnerability detection
- Risk assessment
- Secure network design and architecture
- Firewall architecture
- Computer forensics
- Identity and access management
- Virtualization technologies
- Encryption technologies
- Defending against advanced persistent threats, malware, phishing and social engineering
- Certifications
- CompTIA CySA+
- CompTIA CASP+
- Cisco Certified Network Professional Security
- (ISC)² CISSP
- More on building a cybersecurity career
- Enhancing your cybersecurity know-how is a great way to start moving into a job on a security team. Check out these resources for some initial steps to take:
5. Network security architect
Role level: Senior
Role type: Technical and management
Average salary: $126,000 per year
Network security architects play a critical role in strengthening the security of enterprise architecture while maintaining network productivity, efficiency, availability and performance. They help translate business needs into functional systems, define appropriate policies and procedures for those systems and help train users and administrators. They also keep an eye on budgetary and operational constraints. Interpersonal and managerial skills are important for this role, in addition to technical know-how.
To ensure ongoing security throughout the network lifecycle, network security architects take both defensive measures, such as firewall and antivirus configuration, and offensive measures, penetration testing. They oversee network changes to ensure they don`t put the organization at risk. They are expected to have advanced knowledge of security tools and techniques related to firewalls, penetration testing and incident response. Network security architects must also understand computer networking requirements, including routing, switching and trust domains, as well as security best practices, technologies and industry-standard frameworks.
Education and skills
Bachelor`s degree in computer science or a related field and a Master`s degree in cyber security are preferred.
- Strategic planning
- ITIL and COBIT IT process models
- TCP/IP networking
- OSI model
- Intrusion detection systems
- Risk management
- Single sign-on identity management systems
- Virtual private network layers and connections
- Protocol encryption
- Certifications
- CompTIA Network+
- (ISC)² Information Systems Security Architecture Professional
- GIAC Defensible Security Architecture
- CREST Registered Technical Security Architect
Leading Institutions offering the programs in Cyber Security are as follows:
Mode of Cyber Security Courses (Offline)
- Indian Institute of Technology, Madras, Chennai.
- Indian Institute of Technology, Bombay, Mumbai.
- Indian Institute of Technology, Kharagpur.
- Indian Institute of Technology, Delhi, New Delhi.
- Indian Institute of Technology, Kanpur.
- Indian Institute of Technology, Roorkee.
- Indian Institute of Technology, Hyderabad.
Cyber Security Courses
Multiple options are available for candidates prospecting their careers in Cyber Security. Candidates can pursue a degree, PG course, diploma and certification Cyber Security courses at UG & PG levels.
Degree Cyber Security Courses:
- Candidates can obtain BTech or BSc degree in Computer Science (CS) & Cyber Security after completing class 12th.
- BTech degree programmes are of 4 years while BSc in CS/ Cyber Security has a 3-year course duration.
Diploma Cyber Security Courses:
- Candidates can pursue a diploma in Cyber Security courses at both UG & PG levels.
- The duration of UG & PG Diploma courses ranges from 10 months to 1 year.
Cyber Security Certifications:
- Certification courses in Cyber Security are basically short-term courses majorly offered online
- The course duration can range from three to six months.
Mode of Cyber Security Courses (Online & Offline)
Offline Cyber security
- Candidates can pursue Cyber Security courses full-time, part-time or online.
- While a majority of cyber security courses are offered as full-time programmes by the government and private colleges,
- Cyber security certifications are more popular among prospective students.
Online Cyber security
- Online cyber security courses are offered by various educational agencies
- This will equip a learner with the skills needed to defeat all online threats including advanced hackers, trackers, malware, cybercriminals, etc. to protect infrastructure, data, information, architecting cloud-based security and much more.
- These courses include online-demand video, e-learning content and a certificate upon course completion.
Online Cyber security
The list of online cyber security courses offered by different agencies;
Certification
|
Duration
|
Fees
|
Certified Risk and Information System Control by Udemy
|
3 years
|
Rs 2,240
|
Certified Ethical Hacker by Udemy
|
3 months to 2 years
|
Rs 10,560
|
Cisco Certified Network Professional
|
3 months to 1 year
|
Rs 11,250 to Rs 26,250
|
Cisco Certified Information Security Expert
|
3 months to 1 year
|
-
|
ISACA Certified Information Security Auditor
|
-
|
$575 for members and $760 for non-members (vary based on membership status and personal preference for study materials and training selections)
|
Certificate in Information Security by Simplilearn
|
3 months to 1 year
|
Rs 84,499
|
ISACA Certified Information Security Management
|
-
|
$575 for members and $760 for non-members (vary based on membership status and personal preference for study materials and training selections)
|
ISC Certified Information Systems Security Professional
|
-
|
$125
|
Regular Cybersecurity Courses
The details of regular cybersecurity available at the undergraduate and postgraduate levels can be seen below.
Degree
|
Duration
|
Fee
|
BTech/ MTech in Computer Science Engineering with Cyber Security
|
BTech: 4 years, MTech: 2 years
|
BTech: Rs 12 Lakh (vary from college to college)
MTech: Rs 4 Lakh (vary from college to college)
|
BTech/ MTech in Computer Science Engineering with Cyber Security & Quick Heal
|
BTech: 4 years, MTech: 2 years |
BTech: Rs 12 Lakh (vary from college to college)
MTech: Rs 4 Lakh (vary from college to college)
|
BTech/ MTech in Computer Science Engineering with Cyber Security & Forensics
|
BTech: 4 years, MTech: 2 years |
BTech: Rs 12 Lakh (vary from college to college)
MTech: Rs 4 Lakh (vary from college to college)
|
BTech/ MTech in Computer Science Engineering with Certified Cyber Security Investigator
|
BTech: 4 years, MTech: 2 years |
BTech: Rs 12 Lakh (vary from college to college)
MTech: Rs 4 Lakh (vary from college to college)
|
BTech/ MTech in Computer Science Engineering with Networking & Cyber Security
|
BTech: 4 years, MTech: 2 years |
BTech: Rs 12 Lakh (vary from college to college)
MTech: Rs 4 Lakh (vary from college to college)
|
BE in Information Technology with IBM
|
4 years |
Rs 8 Lakh (vary from college to college) |
BSc in Information Technology Management and Cyber Security
|
3 years |
Rs 90,000 to 4.3 Lakh |
BSc in Cyber Security
|
3 years |
Rs 1,40,000 (vary from college to college) |
BCA with Microsoft Cloud Computing and Cyber Security
|
3 years |
Rs 1,00,000 (vary from college to college) |
BCA Hons. In Cyber Security
|
3 years |
Rs 1,00,000 (vary from college to college) |
Cyber Security Specialisations
- Cybersecurity courses in India are offered across various specialisations.
- Given below is a list of Cyber Security Specialisations candidates can choose when willing to take up a course in Cyber Security.
Specialisations in Cyber Security
|
Degree
|
Certification
|
IT Management & Cyber Security
|
Cyber Expert and Investigator
|
Computer Science with Cyber Security & Quick Heal
|
Information System Auditor
|
Information Security with IBM
|
Information Security Management
|
Computer Science with Cyber Security & Forensics
|
Information Systems Security Professional
|
Computer Science with Cyber Expert Investigator
|
Security Professional
|
Computer Science with Networking and Cyber Security
|
Certified Systems Engineering
|
Cyber Security Syllabus
The syllabus for Cyber Security varies for various courses. Take a look at the generic course curriculum for Cyber Security courses.
Syllabus for Cyber Security Courses
|
Introduction
|
Overview of the course
|
Economics of information goods
|
A brief history of the field: why study cybersecurity as an economics problem
|
Security engineering for economists
|
Economics for Engineers
|
-
|
Measuring Cyber Security
|
How to measure cybersecurity?
|
Data collection and processing
|
Metric in practice
|
Case study: security metrics for botnet mitigation by ISPs
|
Security Investment & Management
|
Security strategies
|
Optimal information security investment
|
Risk management
|
Operational security management
|
Market Failures & Policies
|
Public Goods
|
Externalities
|
Information asymmetries
|
-
|
Policy Interventions to Correct Market Failures
|
Ex-ante safety regulation/ex-post liability
|
Information disclosure (trust seals, certifications
|
Indirect Intermediary Liability
|
-
|
Case study: cooperation and information sharing
|
Phishing takedown
|
The role of intermediaries
|
The Human Factor
|
Introduction to behavioural economics
|
The heuristics and biases of tradition
|
Applying behavioural economics: consumer behaviour and deception
|
The behavioural economics of privacy
|
Security economics and policy
|
-
|
Online Cyber Security Course Syllabus
Online Cyber Security Course Syllabus
|
Introduction
|
Welcome and Introduction to the Instructor!
|
Security Quick Win!
|
Goals and Learning Objectives - Volume 1
|
Study Recommendations
|
Course updates
|
Cyber Security and Ethical Hacking Careers
|
The Threat and Vulnerability Landscape
|
Theory and Practical
|
Goals and Learning Objectives
|
Protect What You Value
|
What are Privacy, Anonymity and Pseudonymity
|
Security, Vulnerabilities, Threats and Adversaries
|
Asset Selection
|
Threat Modeling and Risk Assessments
|
Security vs Privacy vs Anonymity - Can we have it all?
|
Confidentiality, Integrity and Availability - (Security Attributes)
|
Defense In-Depth
|
The Zero Trust Model
|
The Current Threat and Vulnerability Landscape
|
Goals and Learning Objectives
|
Why You Need Security – The Value Of A Hack
|
The Top 3 Things You Need To Stay Safe Online
|
Security Bugs and Vulnerabilities - The Vulnerability Landscape
|
Hackers, crackers and cybercriminals
|
Malware, viruses, rootkits and RATs
|
Spyware, Adware, Scareware, PUPs & Browser hijacking
|
Spamming & Doxing
|
Social engineering - Scams, cons, tricks and fraud
|
CPU Hijackers - Crypto Mining Malware and Cryptojackers
|
Darknets, Dark Markets and Exploit kits
|
Governments, spies and secret stuff part I
|
Governments, spies and secret stuff part II
|
Regulating encryption, mandating insecurity & legalizing spying
|
Trust & Backdoors
|
Censorship
|
Cyber Threat Intelligence – Stay Informed
|
Encryption Crash Course
|
Goals and Learning Objectives
|
Symmetric Encryption
|
Asymmetric Encryption
|
Hash Functions
|
Digital Signatures
|
Secure Sockets Layer (SSL) and Transport layer security (TLS)
|
SSL Stripping
|
HTTPS (HTTP Secure)
|
Digital Certificates
|
Certificate Authorities and HTTPS
|
End-to-End Encryption (E2EE)
|
Steganography
|
How Security and Encryption Are Really Attacked
|
Setting up a Testing Environment Using Virtual Machines (Lab)
|
Goals and Learning Objectives
|
Introduction to Setting up a Testing Environment Using Virtual Machines
|
Vmware
|
Virtual box
|
Kali Linux 2018
|
Operating System Security & Privacy (Windows vs Mac OS X vs Linux)
|
Goals and Learning Objectives
|
Security Features and Functionality
|
Security Bugs and Vulnerabilities
|
Usage Share
|
Windows 10 - Privacy & Tracking
|
Windows 10 - Disable tracking automatically
|
Windows 10 - Tool: Disable Windows 10 Tracking
|
Windows 10 – Cortana
|
Windows 10 – Privacy Settings
|
Windows 10 - WiFi Sense
|
Windows 7, 8 and 8.1 - Privacy & Tracking
|
Mac - Privacy & Tracking
|
Linux and Unix “like” Operating systems
|
General Use Operating Systems (Windows, MacOS and Linux)
|
General Use Operating Systems With a Security and Privacy Focus (Debian, Arch)
|
Pure Security Focused Operating Systems (QubesOS, Subgraph OS, Trisquel OS)
|
Anonymity-Focused Operating Systems (Tails and Whonix OS)
|
Penetration Testing and Ethical Hacking Focused Operating Systems
|
Mobile Operating Systems with Security & Privacy Focus (LineageOS, Sailfish)
|
Linux - Debian 8 Jessie - Virtual box guest additions Issue
|
Security Bugs and Vulnerabilities
|
Goals and Learning Objectives
|
The Importance of Patching
|
Windows 7 - Auto Update
|
Windows 8 & 8.1 - Auto Update
|
Windows 10 - Auto Update
|
Windows - Criticality and Patch Tuesday
|
Windows 7, 8, 8.1 & 10 - Automate the pain away from patching
|
Linux - Debian - Patching
|
Mac - Patching
|
Firefox - Browser and extension updates
|
Chrome - Browser and extension updates
|
IE and Edge - Browser and extension updates
|
Auto-updates - The Impact on privacy and anonymity
|
Reducing Threat Privilege
|
Goals and Learning Objectives - Removing Privilege
|
Windows 7 - Not using admin
|
Windows 8 and 8.1 - Not using admin
|
Windows 10 - Not using admin
|
Social Engineering and Social Media Offence and Defence
|
Goals and Learning Objectives
|
Information Disclosure and Identity Strategies for Social Media
|
Identify Verification and Registration
|
Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 1
|
Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 2
|
Technical Security Controls Against Social Threats (Phishing, Spam, Scam & Cons)
|
Security Domains
|
Goals and Learning Objectives
|
Security Domains
|
Security Through Isolation and Compartmentalization
|
Goals and Learning Objectives
|
Introduction to Isolation and Compartmentalization
|
Physical and Hardware Isolation - How to change the Mac Address
|
Physical and Hardware Isolation - Hardware Serials
|
Virtual Isolation
|
Dual Boot
|
Built-in Sandboxes and Application Isolation
|
Windows - Sandboxes and Application Isolation
|
Windows - Sandboxes and Application Isolation - Sandboxie
|
Linux - Sandboxes and Application Isolation
|
Mac - Sandboxes and Application Isolation
|
Virtual Machines
|
Virtual Machine Weaknesses
|
Virtual Machine Hardening
|
Whonix OS - Anonymous Operating system
|
Whonix OS - Weaknesses
|
Qubes OS
|
Security Domains, Isolation and Compartmentalization
|
Private Colleges/ Universities: These institutions offer Master`s in Cyber Security
- K L University, Belagavi
- Amity University, Jaipur
- Digital University Kerala
- Ganpat University, Mehsana-Gozaria North Gujarat,
- The LNM Institute of Information Technology - Jaipur
- Marwadi University Rajkot
- Sharada University, Greater Noida,
- Amity University, Noida
- Shanmugha Arts, Science, Technology and Research Academy, SASTRA University, Thanjavur district, Tamil Nadu.