Vikas on Security

Gartner Security and Risk Management Summit , Mumbai 01- 02 Sep 2016. Why I attended this Summit In my quest for enhancing my information security knowledge and remaining in touch/keeping abreast with latest trends in this field, I was advised by various InfoSec professionals to attend the Gartner Security and Risk Management Summit. This annual summit was held in India for the first time in 2015 in Mumbai and was held this year in 2016 on 01 st and 02 nd September in JW Marriott in Mumbai. Gartner is leading research and advisory company whose analysts research and present papers on latest trends in various IT related fields. The Security and Risk Management fields deals with various information security related developments and their impact on business. It aims to equip security professionals with knowledge to solve business problems and make security an enabler to business. My feedback about the summit this year is given below. Registration As my registration...

Most persons active on internet for the last decade or two have a Yahoo email account. While many amongst us may have graduated to Gmail, some retain Yahoo as their primary email account and quite a few have it as their secondary account. Recently, Yahoo announced that 500 million user accounts had been compromised. The large number of records means that 10% of internet users’ email accounts have been affected. The data includes users' names, email addresses, telephone numbers, dates of birth and encrypted passwords. Yahoo claims that this was supposedly done by a nation state actor and the breach had been done way back in 2014. What implications does it have for individual users and what lessons can be learned from this ? What is the effect? The most alarming thing about the breach was that two years had passed since the breach and it took so much time for them to detect it, go public and announce it. Yahoo has conveniently deflected the blame from its security failure...

I recently received a query from a fellow veteran on value and requirement of getting certifications in Cyber Security. I have appended the question and my reply for others who are planning to delve into an information security career. Dear Vikas, Have gone through your linkedin profile. You are a highly qualified officer having even done CISM & PMP. I'm a ____ but have a fair amount of exposure in IT having done ADP(SAP), ADP(SYS) & two appts in IT Field ! However, I do understand practically a whole lot of things having executed & handled network projects, cyber security etc. I wish to ask you if it is worth getting certified in CISM, PMP & CISSP or not !! Thanks & regards, XYZ Dear Sir Being certified or not is a personal choice and there are number of arguments both for and against  getting certifications. My perspective is based on my requirements and aspirations which I will be outline below. For an Army Off...

While exploring and researching job options outside the Army on the Internet, I came across a reference to a Book called “What Colour in your Parachute ?”. This book can loosely be described as a Job Hunting Guide. However soon after I had ordered the book on Flipkart and started reading, I believe that it is the single most important reference every one of us in this group, who is either contemplating, in the process or already plunged into the civvy street, should read and use gainfully. The biggest fear which most Faujis have is that of job insecurity or unemployment Richard Bolles author of this book asks his reader to deal with this fear by having hope. He states that key to hope is have at least two alternatives. Two alternatives to describe ourselves, two ways to find/hunt for a job, two kinds of jobs to look for, two types of companies to go after, two places to work in and so forth. This is just one of many techniques which Richard deals with in his book for searchi...

As we buy bigger and more expensive cars in India I always wonder that for most people their car insurance costs would be a significant amount. On an average every car owner in India spends 5,000 to 20,000 rupees on insurance. This expense is governed and necessitated by need to offset the damage by regulation to your vehicle in case of an accident and also by regulation. Similarly there is a need to wear helmets and have cars with Airbags and ABS to prevent injury to the passengers. Now when we look at the large number of transactions we do and money we spend online do we similarly try to protect ourselves or offset our losses in case of an accident involving theft, impersonation or attack. As online sales and banking, transactions rise the probability of theft and fraud is increasing rapidly. However at the individual level most people are not concerned with the protection of their online transactions by taking necessary safeguards and countermeasures. Most individuals in In...