Tag Archives education

Follow KITTEN to avoid your next cyber security incident

By Posted on 0 Comments3min read134 views

This pic of the kitten looks cute & cuddly but can you imagine a funny cat picture can destroy your data?

Life of Information Security Analysts and Engineers was hell last year, given last year what we have in Internet Security; Rise of Ransomware, Inside Threats, Heartbleed, DirtyCOW and so on. Security Engineers, Analysts and Auditors work so hard to secure organisation; They try to test each and every system on the network, share best practices, share newsletters for do’s and don’t; despite all these efforts, people do some silly thing by ignoring the common sense.

Let’s dissect some of those bad choices, with the help of our little kitten friend

K is for Kiosk Charging

We have all seen those charging stations at conferences, airports and even on aeroplanes, enticing you just to plug in and relax while devices charge. In the old days, power and data flowed through separate cables, but modern mobile devices require that both charging and data flow through a single cord. Without seeing what’s on the other end of that charging kiosk, plugging your phone in can mean that you are allowing access to the data on your phone and possibly even the injection of malicious code, which is known as juice jacking.

To protect yourself, carry a USB charger and plug into an electrical outlet, invest in a USB prophylactic that will allow power flow but block data flow or charge only through a power bank.

I is for Installing Patches Late

Nearly 75 percent of cyber attacks use publicly known vulnerabilities in commercial software, but only about 10 percent of organisations have the capacity to apply patches on the same day they are released. Do your best to be part of that 10 percent, for catnip’s sake!

T is for Thoughtless Clicking

There are many wonders to behold on the Internet. Whether it is an email with a link proclaiming “cutest kitten picture ever!” or a click-bait headline on social media, think before clicking.

Do you know the sender of the email? Is the destination site or publication a reputable one? At best, you have wasted time clicking through to another weird corner of the Internet, and at worst, you are clicking through to a malware host for a drive-by download. Think before you click.

T is for Third-Party Access to Personal Data

Do you know why that game app needs access to your contacts? Alternatively, why that navigation app wants access to your health data? Be mindful of the permissions you grant to apps on your mobile devices and what data they may be sharing on your behalf. If you are suspicious of an application and its need for permissions, compare it to others in the same category to see if there’s consistency for a particular permit type or if it is an indicator of data gathering for potentially illicit purposes.

E is for Egregious Password Practices

Password hygiene continued to be problematic and was one of the key factors cited in the X-Force Threat Intelligence Quarterly as contributing to insider threats. Whether it is multi-user accounts, easy passwords or passwords that never expire, this lack of accountability on user provisioning and privileges is leaving significant holes in corporate networks.

Even with adequate termination procedures, having shared admin accounts or unexpired passwords leaves doors open to disgruntled ex-employees if they take advantage of remote administration tools like LogMeIn or TeamViewer before their departure.

N is for ‘Not Me’ Thinking

There’s a certain haughtiness that an information security analyst and others in the industry can adopt in thinking that they are too well-versed in security practices to ever be the victim of an attack. Social engineering has evolved to such levels of sophistication that even the most seasoned practitioner can fell for it.

No universal security karma prevents those of us in this industry from being infected; It is just your common sense and active that can reduce the risk or avoid any major incident if you are lucky.

Source: Security Intelligence



Engineers : Face of unemployment in India

By Posted on 1 Comment7min read126 views


Engineering; A degree every K-12 student studying science dreams to have without giving a second thought about understanding whether they have the potential to be a good engineer; this is the sole reason that we are churning out around 1.5 million engineering graduates every year and only 20% of them are employable. One of the major problems with fresh graduates is their insufficient understanding of basic concepts and the lack of in-depth understanding of technical information. People often argue that we are making more engineers than there are jobs in Industry but what I have found on ground that there are enough jobs available but candidates lack required skills for the jobs. In my personal experience recently I had interviewed around 200 candidates for the job of python developer and only 3 were able to pass basics programming test containing questions like making a CSV parser. Most of the candidates I come across are engineering graduates; they are not engineers, they just crammed the contents that was in the book, have no practical knowledge, know absolutely nothing more than definitions and will put their life on line to argue rather than seeing what is true by practically doing it.

Shivam Saluja CEO of BaseZap, a Web Hosting Company says “When we go for hiring engineers we find that most of them don’t have hands-On experience of solving the problems they are going to face, because they haven’t faced any. In short words they don’t have any practical exposure.”

The IT services industry is not growing at the same pace as before and the growth of entry-level jobs is diminishing. Companies are now looking for hiring candidates who already have decent expertise in programming. Secondly, IT services companies today realize that within two years of the job, the candidate will have to communicate with international customers. As these trends catch up across industry, the employability for IT services sector, which is the largest hirer in engineering, will diminish further. To remain competitive in the job market, colleges and students need to have a fresh focus towards programming and English (both written and spoken).

According to the HRD ministry in July 2016, India has 6,214 engineering and technology institutions which are enrolling 2.9 million students. Around 1.5 million engineers are released into the job market every year. But the dismal state of higher education in India ensures that they simply do not have adequate skills to be employed.

Where being an engineer was once used to be a matter of respect now is in such shambolic and deteriorating condition that Indian Engineering graduates are applying for jobs of peon :/ what makes me more worried that eligibility criteria for this job was just class 5th. If we look at India employability report by Aspiring Mind, a research firm; we can clearly come to a conclusion that condition of technical education in India is abysmal. As per the report the employability of candidates for IT Industry related role lies between 3-10%. So now the questions what exactly we are doing wrong?

Here with help of a few good friend I have tried compiling a list of things which I think need serious improvement.

Outdated Syllabus and Learning Culture: Whatever the reasons might be for the poor show, I believe it is sad that India’s best universities are nowhere in the Top 100 in the world. The best India could do as of now: The Indian Institute of Science (IISC) in Bengaluru is at 152 and the Indian Institute of Technology (IIT)-Delhi is at 185 in the QS World University Rankings.

Indian curriculum is behind times as far programming languages are concerned. Where Institutes like MIT have replaced C with Python for teaching computer concepts we are still stick to C and Turbo C++ compiler as standard which is dead from a long time. Apart from it; students lack logical thinking ability to solve complex problems. The course contents do not focus on areas which will actually help in the job industry after employment. There is a big gap between what the market needs and what Indian education equips its future employees with. Despite exponential changes in science and technology round the world, the syllabus is hardly ever updated. The traditional education sector in India has not evolved at the same pace as the industry. The expectations that the companies have from their candidates and the skills that engineering graduates bring in, do not match

Theory vs Practical: Most Indian engineering graduates, fail when they are expected to apply basic principles to solve real-world problems. With neither the requisite analytical skills nor a commendable command of the domain, they flounder. They need “specific” training. That’s an expense that not everyone in the industry wants to incur. Most of the engineering colleges never think of providing a quality time on PRACTICAL approach for students. Hands On experience & Real time applications is something not seen in most of the engineering colleges. Universities need to bridge this gap and soon. For instance, they can encourage participation in coding challenges that companies like HackerEarth and CodeChef conduct and introduce IT engineering students to competitive programming or hackathons.

Lack of Quality Teachers: As there are more than 6000+ colleges granting engineering degrees one point is clear that There are not enough quality teachers for all of these educational institutes. After multinational companies, the IT big shots of India, and the smaller engineering companies have had their pick, many from the remaining engineering graduates go on to get a PhD and join as faculty at engineering institutes. Thus, unlike other parts of the world, the Indian faculty is not comprised of the very best of the industries who have the skills to create brilliant students. Most educated engineers join teaching as a profession not because of passion, but because they have to earn a livelihood. The few good professors prefer administrative positions because of lower intellectual demands coupled with higher pay packages.

Lack of innovation and research: Students need to be motivated enough to innovate or think for themselves. As the new HRD minister Prakash Javadekar recently said, “Why do we lack innovation in India? Because, we don’t allow questioning. We don’t promote inquisitiveness. If a child asks questions in school, he is asked to sit down. This should not go on. We need to promote inquisitiveness, children should ask questions.” Students must be given the space and scope to think and innovate, to question and come up with solutions. This applies to both school education and higher education. Such are Indian students trained right from their primary education that they never learn to question or innovate. Rote learning instils in students a sort of complacency for more than 12 years of education and they are unable to make the shift from un-questioning learners to innovators in the job market.

Lack of skill-based education: Skill-based education is another immediate need. Engineering students need to have hands-on training on the basis of the problems they are likely to encounter in the real world.  While the vast numbers of engineering students in the country study their textbooks, give their exams and collect their degrees, it is only when they encounter the real world problems do they realise their shortfall. By then, they have to take extra time in order to skill themselves or suffer unemployment.

Lack of exposure: Given that the end goal of technical education is a placement in a college, the amount of exposure given to students about the industry is also very little. It is not until the final year of their college that they begin to understand what the industry really wants. An early exposure to industry can give students an idea of what is relevant in the industry, which they can learn in their own time.

Lack of Career Counselling: Most people who score high in 12th take up engineering as a career, without realizing that good marks do not equal engineering aptitude. Due to this, many of such students are unable to “get” the concepts or secure a job. Over the years, the lucrative opportunities that a professional life in the technology industry has provided, has made engineering sciences the de-facto choice for graduate studies. Whether or not the student has the aptitude for the stream is not taken into account, resulting in uninterested engineering candidates, who haven’t taken to their subjects as much as they should have, making them irrelevant to the industry.

Lack of Proper Language skills: The Aspiring Mind Employability reports attributes the lack of English communicative skills, which they found in 73.63 per cent of candidates, and low analytical and quantitative skills, which they discovered in 57.96 per cent of candidates to be other main reasons for unemployment. Even the IT sector requires employers who are fluent and well versed in English, as within around two years of experience on the job, they would have to communicate with international customers. Thus, if the quality of engineering graduates do not improve, IT sector hiring will also go down.

Lack of Soft Skills: Soft skills have become very important in the present job industry, but they are routinely ignored in educational institutes. This is perhaps the trickiest issue. The lack of ability of the individual to deliver his views effectively at the interview leads to rejection of even the most brilliant candidate. This is because training institutes do not make an effort to ensure that the candidates develop their skills in a wholesome manner which can contribute towards client-handling and team communication skills.

Incapability to learn major subject in the respective stream: Most of the students who choose their stream as Computer science engineering will find it difficult to write a simple program. Student has to do 2 projects and submit in the final year semester. Instead of doing these projects on their own, they buy the project from coaching institutions submit it in the college.

I am sure you can think of so many more reasons why our engineering graduates are feeling the pinch of rising unemployment more than ever. These problems have been around for a while now and if they still haven’t changed, I don’t expect them to change either.

Note: This article is a result of a proper internet search and inputs from some my friends from academia and industry.
Sources: – HackerEarthIndia TodayQuoraQuora.