India still vulnerable to Information Security Threats, says EC-Council

Intending to identify major gaps in the present-day skill situation, EC-Council Foundation has unveiled the second phase of their report “Talent Crisis in Indian Information Security”, at a roundtable held in New Delhi. The report clearly showcased talent levels in nine crucial segments of information security, the implications of which could impact handling of cyber threats in industries such as Banking and Economy, Defence, Healthcare, Information, Energy and more.

The methodology used involved the studying and understanding of data assembled during the EC-Council’s Code-Uncode contest which saw over 10,000 students from various colleges across India, participating.

The report also revealed that meagre 28 per cent participants understood the process of Authentication and Authorization, a skill crucial to data protection and an essential skill needed by programmer.

Akash Agarwal, Country Head, India, EC-Council, said, “The first phase of our report was an analysis of the secure programming skills of students across India, but with this second phase, we have come across a serious talent crisis and skill gap in vital areas of programming. We cannot afford to lag behind from the rest of the world. It is fair to say that there are only proven ways of continuously managing the risks and getting the younger lot trained with right skills and knowledge is our best preparation for the future.”

Only approximately 29% participants were adept in the area of Input Validation. While 66% displayed poor handling skills in Session Management, only around 36% were equipped with sound fundamentals of secure coding knowledge. 28% participants displayed the ability to be good cryptographers and a lukewarm 39% proved eligible to efficiently handle prospective Application Architecture risks. Only 30% were well prepared to take on roles in Code Reviewing.