Jain Temple

Hot Spots

India Links
Call Home


Art & Culture
Book Shelf



About Us

Contact Us
About Us

Article by Mohan Babu


Information security industry awaits boomtime

The security industry is poised for the kind of growth witnessed in IT during the nineties, as most global organisations today consider enterprise network security as a strategic priority, writes Mohan Babu

Even with the downturn in the tech sector, information security is perhaps one area that has shown tremendous potential. Information security has received a renewed focus after September 11. The different areas of info security including the design, development and deployment of systems that enhance physical security have gained prominence. With most businesses and organisations regarding enterprise network security as a strategic priority, the security industry is poised for the kind of growth witnessed in IT during the nineties.

Companies have already tightened access to their systems and core applications, and are scrambling to ensure that they restrict access to the applications without hindering the free flow of information across the organisation. Securities of systems need to go hand-in-hand with a focus to customers’ wants and a customer who has gone through a number of levels of security is likely to be disgruntled. However, this also means that customers have to be educated about the need for security, working as partners to the business. What exactly comprises the nascent area of information security? I am no expert in this area, but as a keen student of emerging technology, I decided to interview a few peers and gathered the following basic facts:

  • Information security includes network security and firewalls: It also includes a study of advanced TCP/IP, security fundamentals, security implementation, router security and attack methods.
  • A secure defence is the best line of attack and includes network defence and countermeasures: Risk analysis, firewalls, intrusion detection systems, security policies and virtual private networks.
  • Information security is a vast area: Security includes user interface security, including PKI and biometrics concepts and planning, cryptography fundamentals, digital signatures, biometrics fundamentals, PKI fundamentals, PKI standards, strong authentication, sign-on solutions, file encryption solutions, certificate server deployment, PKI solutions and applications, secure émail implementation and network forensics.
  • Information security begins at home: A system is only as secure as its weakest link. Even the best systems can be hacked by someone who has access to the physical machine/network/box. Hence physical security of a system is as important as the logical security of the systems and networks.

Given the focus on this area of IT, there are a number of bodies that are gaining prominence in the area of ‘Information System Security’. Foremost among them is (ISC)2 that conducts a number of certification programmes (like CISSP). Needless to say, there are also a number of academic programmes offered by universities in the US, UK and elsewhere. I was recently corresponding with Manoj Kumar, a networking and security engineer working for Vinciti Networks in Bangalore, who wrote to me about the impending boom in this sector (in India). He talked about a few consultants and institutions starting to provide courses in information security there, and went on to add that a number of smaller institutions and players are waiting to wet their feet. I was not surprised by the ingenuity of domestic players in this sector. However, having seen the boom and bust in tech economy recently, I don’t see a successful proliferation of B and C players who will jump in and start providing training in ‘security’ to eager students wishing to fly out to the US, UK or elsewhere.

If information security is so hyped up, will the demand for Indian software/networking professionals specialising in security see a boom? Probably not, this is because most countries are becoming extremely security conscious, and will think twice before they “import” foreigners to work on their internal security systems. Even though Indians are known around the world for their technical prowess, they will find it hard to break into the Cosa Nostra, inner circle, in foreign countries, especially in the current security-conscious climate. For instance, the US government has a policy in place to allow only citizens (not even Green card holders) to work on their internal government systems, that too after thorough whetting in the form of “security clearance and verification”. The government is also extremely wary of letting systems pertaining to national security that includes core business areas, out of the preview of its governing bodies. For instance, even during the dotcom boom, the American government realised the significance of Internet and commercial data that was riding on the Net. The government nudged businesses to create fault-tolerant systems that would enable the systems to function even during worst case hacker attacks.

If Indians will not be employed by companies and governments in foreign countries to work on their security systems, what future do Indians who wish to get into this nascent area have? My guess is as good as yours, however, given the world-wide reach of technologies and systems being deployed, national boundaries will have a lesser role in defining the role of technologies and systems adopted around the world. What this means is that multinationals operating around the world will have to customise their systems to suite the requirements of local countries where they operate, providing the right amount of security required by local customers. In order to do this, they will have to employ locals in domestic markets where they operate. As Indian companies start maturing by going global, they will start looking for world-class professionals to help them secure their systems in the international marketplace. I see a growth in the domestic market for security professionals, especially those trained in western encryption and networking technology.

Indian companies that develop world-class software and security products confirming to recognised global standards would also do well. Case in point: a number of Israeli companies have already gained a foothold in the area of commercial systems security, acquiring global patents for their products. They are poised to reap the benefits of globalisation of security systems around the world. With the best brains working on R&D, with vision and insight from NRIs in the US, UK and elsewhere, even Indians can reap the benefits.




About the Author

  • A Bio and profile of the author, Mohan Babu, can be found at his homepage
  • Mohan has authored a book on Offshoring and Outsourcing (Publisher McGraw Hill, India), a link to which can be found here
  • Mohan has also authored an Online book on "Life in the US," available for free download.
  • Sponsored Advert

    Advert: Visitor's Travel Insurance

    Click for free online Quotes


    For FAQ, Trivia and Information on Life in America, visit the Ask-A-Desi section

    ©Mohan Babu: All Rights Reserved 2005

    Mohan Babu is an international consultant trying to find the ‘sweet spot’ where IT meets business. E-mail: mohan He is also the author of a recent book on "Offshoring IT Services"

    All rights are reserved. Mohan Babu ("Author") hereby grants permission to use, copy and distribute this document for any NON-PROFIT purpose, provided that the article is used in its complete, UNMODIFIED form including both the above Copyright notice and this permission notice. Reproducing this article by any means, including (but not limited to) printing, copying existing prints, or publishing by electronic or other means, implies full agreement to the above non-profit-use clause. Exceptions to the above, such as including the article in a compendium to be sold for profit, are permitted only by EXPLICIT PRIOR WRITTEN CONSENT of Mohan Babu. 

    Disclaimer: This document represents the personal opinions of the Author, and does not necessarily represent the opinion of the Author's employer, nor anyone other than the Author. This Article was originally published in Express Computers


    GaramChai® 1999-2005