Saturday, 14 May 2016

On 03:52 by admin   No comments
It is a huge privilege to be granted an interview with Nitin Pandey, a cyber security expert whose contributions are acknowledged by government and private sectors. 

Nitin Pandey, holding Masters in Computer Application and a security enthusiast. He is Chairman of DEFCON Lucknow | OWASP Lucknow Convention, Former OWASP India Leader and also the Founder of Hackers Day. He also likes penetration testing and web app developing whenever, he gets time.

1. As a renowned cyber security expert, can you give us a brief background on when and how your interest in cyber security sparked ?

I stepped into this field few years back when I was pursuing my bachelors in Computer Application. So, Instead of attending classes I ended up having stuck to my computer at home and learning more and more about hacking. As I belong to Uttar Pradesh, being most populous state it packs together a huge percentage of unaware internet users. That was the main reason to start DEFCON Lucknow. Then I conducted first ever InfoSec conference in my state.

2. You are recognized for your works. In your personal point of view, what is your greatest contribution to the industry ?

In my personal point of view I think my greatest contribution to InfoSec Community is establishing this platform for new and young talented security researchers to showcase their talent. I have noticed that most of the time new faces get ignored which is completely unfair. Everyone deserves equal chance to share their knowledge. Before that I had conducted an individual research work and it revealed the fact that Uttar Pradesh government websites were damn vulnerable to attacks. The databases were out dated the least secured ones. That's why I decided to spread awareness.

3. Can you describe the impact and results of the Cyber Security Conferences you have conducted ?

Well, in today’s cyber world security is no more “a good to have” but “a must have”. The impact of DEFCON Lucknow is mind-blowing. I hadn't expected that within 2 years it will become India's one of the biggest security conferences. I personally believe that the best solution to secure IT domain is Awareness. It is a critical component in protecting an organization’s most important asset - its data. Training users to identify and avoid risks and make good judgments online are critical elements of network security in which we got succeeded twice. 

So many talented youngesters get ignored by other security organizations as they keep repeating their loved ones but new researchers are coming out with their precious knowledge and potential through DEFCON Lucknow and many more will come. I am highly thankful to people who supported and helped me a lot to work for the betterment of the nation. 

4. Based on experience, what are the most difficult cyber security issues that you encountered ?

There are plenty of issues in cyber security nowadays. Online frauds are increasing day by day. Web or Software developers are unaware of security stuffs (especially in government sector) that’s why Indian government sites get attacked often. Governments need to provide incentives for industry to invest in security at a level that is not justified by corporate business plans. India has so many skilled and potential young security guys but the problem is lack of scope in security. More employment in security domain is primary requirement.

5. How do you perceive the state of cyber security in the next 10 years ? What should we prepare for ?

Cyber attacks happen daily which clearly shows the importance of security. I would just like to say that Cyber Security is going to be “Fifth Dimension of Security” in upcoming years. We need to spread awareness as much as we can. Police, Web or Software developers must be well trained. Developers should always follow OWASP guidelines whi;e developing Web applications. People are trained to perform their jobs in technology, accounting, sales, etc. but lack the basic knowledge of how to protect company data from the outside. You can’t assume that everyone knows the rules, cautions and dangers. Attackers are getting better and better at disguising their methods, it’s not always obvious.

6. What Role Does Local Government Play In Cyber Security ?

Well frankly speaking, state government has nothing to do with cyber security. Of course they have established cyber cells in few cities but what about district cyber cells? Recently I visited a district cyber cell and what I saw was shocking. Cell officers were totally untrained and even they don’t know how to turn on the system. Are they capable to solve cyber crime cases? That’s the ground reality. I oftentimes see such cases when people become victim of cyber frauds but can’t do anything. Talking about Central Government, in an order to create participative, transparent and responsive government, Prime Minister launched the much ambitious “Digital India' program recently which is a great initiative and an appreciative step towards making India a powerful Cyber Secured nation.

7. In terms of computer / web security, what are the countries that show preparedness for cyber terrorists ?

Working on the improvement of cyber security will reduce the chances of success for all classes of attackers.

8. What are your future plans ?

I am planning to conduct “HACKERS DAY” conference in New Delhi probably in July and AppSec India in November this year. Hackers Day is basically a youth oriented Information Security Organisation for promoting, demonstrating & spreading awareness regarding the field of Information Security. The main motive to establish this community is to spread awareness about the real insights of Hacking and Security.


Post a comment