Indian industries are already facing a shortage of skilled security professionals. The major dearth is of competent experts who understand the subject very well and can work to mitigate the risks. The shortage is going to be more acute, as demands for compliance goes up with regulations like IT Act, sectoral guidelines issued by RBI and SEBI and stringent penalties provisioned under amended UASL for Telecom sector. To deal with this challenge, a multi-pronged approach is best suited, that targets multiple levels – entry level, vocational, college/University education and on-job training.
Joint Working Group of the National Security Secretariat has recommended setting up of the Institute of Cyber Security professionals of India, to train and certify professionals in Cyber Security, very similar to how the Institute of Chartered Accountants operates. This is an excellent idea, but the success will depend on aligning the course content with industry requirements. International certifications like CISA, CISSP are preferred globally today because the courses are designed with active involvement of the industry. However, these certifications are expensive and will have a limited contribution to capacity building in India. India needs its own strategy.
Initiatives from Trade bodies like ASSOCHAM and Skill Sector Councils, under NSDC’s PPP model, are perhaps the best bet at this moment. Qualification Packs or Skill requirements are being defined for different levels of jobs in consultation with the industry. The council will have private partners who will train and certify aspiring candidates in line with requirements laid out in the qualification packs. A Skill Sector Council, specifically for Cyber Security will go a long way in assigning priorities it deserves. Currently, it is included in IT/ITES SSC.
Coordination and collaboration among different entities working in this area are important so that duplication of effort is minimized at the government and industry level. Cyber Security Integrators (India) is working towards providing specialized content to students and corporate executives through a hybrid model, with both online and classroom training bundled. With quality training, India will meet domestic as well as global needs in Cyber Security.