You are here: Home » Technology » IT/ITES
Business Standard

Skills in cyber security, a report

M Saraswathy  |  Mumbai 

India’s talent pipeline in information security-skills emerges at its weakest with just under a percentage of student population in engineering equipped with basic skills in information security. This report by EC-Council, the global professional certification body for IT security related programmes, looks into the skill gaps gaps and its consequences.

ALL INDIA Skill Level Analysis (in %)
Skilled 0.97
Trainable 12.74
Ineligible 86.29

In the individual skill categories too, candidates have performed poorly

Performance of the candidates in individual skill categories (in %)
Category Pass Fail
Application Architecture 38.99 61.01
Authentication & Authorisation 28.14 71.86
Code Review 29.71 70.29
Cryptography 28.23 71.77
Error Handling 25.14 74.86
File Handling 26.58 73.42
Fundamentals 35.42 64.58
Input Validation 28.96 71.04
Session Management 34.11 65.89

EC Council said that Improper handling of errors and exception makes you vulnerable to

-Disclosure of sensitive information
-Denial-of-service attacks

Distributed denial of service attacks have been used to divert security personnel attention while millions of dollars were stolen from banks, according to a security researcher

Improper authentication and authorization makes you vulnerable to credential theft, eavesdropping, brute-force and dictionary attacks, account hijacking, information leakage, disclosure of confidential data among others.

Improper input validation makes you vulnerable to cross-site request forgery, cookie manipulation, form field manipulation among others.

To fill this gap, EC-Council has comprehensive secure programming training programmes through its EC Council Certified Secure Programmer (ECSP).

Source: EC-Council

First Published: Fri, February 21 2014. 18:36 IST
RECOMMENDED FOR YOU