As the world shifts to telework practically overnight on account of the Covid19-induced curbs on public movement and interaction, the need for cybersecurity awareness is becoming more critical than ever.
The intensity of cyber attacks has increased manifold, as “work from home” pushes many to use their devices to connect to their office systems. With office infrastructure becoming more vulnerable as a result, hackers are finding it easier to deploy malware and compromise systems.
An out-of-job IT professional from Mumbai was recently cheated of Rs2 lakh (about A$3,810) by a work-from-home job racket. Soon after he had uploaded his résumé on a job search portal, he got a call from someone offering him a work-from-home assignment for a firm in another city. Once he agreed, he was sent a website hyperlink, a consumer ID and a password to undertake the required online data entry work for the corporate. Within days, however, he received messages purportedly from firm officers, who claimed he had submitted misleading entries into their system, and his errors had caused monetary losses to the company.
Though he denied their charge and requested them to re-check his work, he received similar calls from a man claiming to be the company lawyer. The man threatened legal action unless he paid a hefty fine. Terrified of being trapped in legal problems, he paid up, but when he received further calls demanding additional fines, he approached the police.
Investigations are on, but the police informed him about similar rackets that are exploiting those like him who have lost their jobs. Another modus operandi of cyber fraudsters has been to call people to ask them to update their “Know Your Customer” information for their e-payment platforms. The police have warned against downloading any apps on the instructions of unknown people or sharing OTPs (One Time Passwords) with them.
With employers, employees, students and others working increasingly online from home, this quick change in the corporate environment is creating opportunities for cyber criminals to take advantage of the expanding online activity and the inconstant security that many people have in their homes.
This is raising demands for cybersecurity professionals at a time there are not enough skilled candidates to fill crucial security roles. Security teams are consequently understaffed and strained for time, rendering online operations vulnerable and opening avenues for cybercriminals. Many intrusions or breaches that are now occurring can be partially attributed to a gap in cybersecurity skills.
Such a cyber skills gap affects organisations worldwide and, ultimately, the digital economy. Globally, businesses, government and academic institutions are finding it imperative to collaborate in order to address this issue. Sunnyvale-headquartered cybersecurity major, Fortinet, is positioning itself to address the cyber skills gap.
As a founding member of the Centre for Cybersecurity of the World Economic Forum (WEF) and Cyber Threat Alliance, Fortinet collaborates with both the private and public sectors to deliver a response to the growing sophisticated cybersecurity threats.
Fortinet has set up the Network Security Expert (NSE) Training Institute that reaches out to job seekers and career changers to develop new skills, reskill or upskill to transition into a career in cybersecurity. Through its Corporate Social Responsibility initiatives, it is seeking to create more cybersecurity career pathways by opening up its NSE self-paced security training courses for free to anyone who is interested, including the Fortinet Security Academy Programme (FSAP).
The 2019 ISC² (International Information System Security Certification Consortium) Cyber Security Workforce Study points out that while there are 2.8 million professionals working in cybersecurity globally, there is need for an additional four million trained workers to close the skills gap and properly defend organisations. A Forbes Insights survey commissioned by Fortinet finds that Chief Information Security Officers (CISOs) are looking for more talent and better training for employees.
Fortinet claims that organisations of all sizes can benefit from its turnkey information security awareness and training service that educates workforces about today’s cyber threats, such as phishing, social engineering, and ransomware attacks, and how to protect against them. It also has no-cost non-technical courses for educating teleworkers and their families about proper security protocols to keep themselves and their organisations’ networks safe.
FSAP focuses on creating a diverse pipeline of security professionals, by partnering academic institutions and non-profits worldwide. These comprise over 300 Authorised Security Academies in more than 80 countries where these institutions have incorporated the programme’s NSE training and certification content into their curricula.
In India, these academies include 19 new universities, such as Annasaheb Dange College of Engineering & Technology, Bennett University, Institute of Advance Management & Research, Shri Venkateshwara University, SASTRA Deemed University, Seacom Skills University, St. Xavier Catholic College of Engineering, Sri SaiRam Engineering College, and Sri SaiRam Institute of Technology.
“For years, Fortinet has been committed to closing the cybersecurity skills gap through our NSE Training Institute programmes,” remarks Rajesh Maurya, Fortinet’s Regional Vice President for India & SAARC. “By supporting these leading universities in India, we are arming the next generation of security leaders with the skillset and knowledge the industry so desperately needs.” He says that the 19 universities will now be able to prepare students for career success in network security, allowing them to obtain both theoretical lectures and hands-on laboratory practice offered through FSAP.
Dr Deepak Garg, Professor and Head of Bennett University’s Department of Computer Science Engineering (CSE), mentions that by providing industry-recognised certification as part of its curriculum, Bennett will ensure that its students gain the required expertise to become part of an elite group of skilled security professionals for whom there is a great demand.
Cybersecurity and IT professionals, and teleworkers can opt for Fortinet’s self-paced curriculum of cybersecurity training courses at no cost, until the end of 2020. The courses span basic cybersecurity awareness training to advanced training on security-driven networking, dynamic cloud security, AI-driven security operations and zero-trust network access. Completion of these courses will help cybersecurity professionals defend their networks against the widest range of ever changing threats.
For those interested in training options beyond self-paced, Fortinet has a network of Authorised Training Centres (ATCs) around the world providing training in a variety of formats, including live virtual instructor-led.
“Knowledge in cybersecurity is a skill that is sought out by many employers in India and around the world,” observes Dr. V.S. Shankar Sriram, Associate Dean for Computer Science and Engineering & In-charge IT Services, SASTRA Deemed University. “The NSE certifications that are part of our FSAP curriculum which our students now have access to will help them be better equipped to launch their career in cybersecurity.” He indicates that SASTRA consistently provides the IT market with quality technology professionals, and Fortinet’s programme helps it further its mission by introducing this globally recognised certification.
Seacom Skills University chairman Anish Chakraborty concurs. “In the face of mounting cybercriminal activity and increasingly sophisticated forms of attacks, companies are looking out for cybersecurity professionals to defend against cyber threats,” he says. “Through FSAP, students can expand their skill levels for a career in cybersecurity, and this collaboration will help Seacom to assist in creating a more educated workforce by helping our graduates to transit quickly into skilled cybersecurity professionals and fill the skill gaps in the industry.”
