Thursday, September 19, 2024

EXCLUSIVE: Nurturing Cyber Security Talent – Trishneet Arora Envisions India’s Future Tech-security 

TAC Security Founder stresses AI fraud monitoring, global collaboration, and user education for robust digital payment security

Introduction: This week on Industry Innovators, we feature Trishneet Arora, Founder of TAC Security, in an EXCLUSIVE conversation with Senior Journalist Mahima Sharma. Starting at 19, Arora established TAC Security, a San Francisco-based cybersecurity powerhouse. In a pioneering collaboration with a US government agency, TAC Security’s ESOF tech secured them for over three years. Partnering with Indian entities like CBI and Gujarat Police, it audits UPI apps and secures the Bombay Stock Exchange (since Nov ’22). Discover Arora’s end-to-end app security strategies and his insights on the next decade of cyberspace.

Mahima: What’s your take on the Digital Personal Data Protection Bill, 2023?

Trishneet Arora: This landmark bill marks an important step in safeguarding personal information and emphasizing the significance of privacy in today’s digital era, applicable to both individuals and businesses.

- Advertisement -

The Data Protection Bill responds to the urgent requirement for a comprehensive framework to oversee the gathering, processing, safekeeping, and movement of personal data. It acts as a strong defense against unauthorized entry, data breaches, and improper use, fostering greater trust in individuals and strengthening reliance on digital transactions. It stands as a pledge to uphold citizens’ privacy rights and cultivate a secure digital environment.

Vital elements of the Data Protection Bill incorporate rigorous measures for managing consent, anonymizing data, reporting breaches, and transferring data across borders. By establishing lucid directives and benchmarks, the bill empowers individuals to maintain control over their personal data and encourages responsible data management within organizations.

Adhering to the bill’s provisions becomes imperative for enterprises, as it guarantees the safety of customer data, amplifies transparency, and reduces the risks connected with data breaches.

- Advertisement -

Mahima: How secure are UPI payments for the end user? Can you give 5 tips for our users to prevent them from falling into a scam or cyber theft?

Trishneet Arora: Whether it is a secure access code for authorizing transactions or transaction limits to minimize losses, UPI payments have several measures in place to protect end users. I would like to share some five tips with our users for their security:

  • Avoid sharing sensitive personal information, such as social security numbers, passwords, or financial details, via email, phone calls, or text messages. 
  • Before clicking on links or downloading attachments from emails, verify the sender’s email address or contact information. Look out for signs of phishing, such as misspellings or suspicious domain names.
  • Create strong passwords, including a mix of uppercase and lowercase letters, numbers, and symbols. Additionally, use different passwords for each online account to prevent multiple accounts from being compromised if one password is leaked. 
  • Wherever possible, enable Multi-factor Authentication or MFA for online accounts as it adds an extra layer of security by providing users with a second form of verification, such as an OTP sent to their mobile device, in addition to their password.
  • Regularly educate your users about the latest cyber threats. Provide them with information on how to recognize and report suspicious activities to your organization’s IT or security team.
UPI Payment

Mahima: From India to the WORLD, UPI has set off a digital payments revolution in the world. But cyberattacks pose a significant and consistent risk to digital payment systems. What future steps must be taken be taken to enhance the security systems in India?

Trishneet Arora: UPI has been a game-changer in the Indian digital payments landscape, offering convenient and instant money transfer services. However, the growing popularity of digital payments also attracts cybercriminals, posing significant risks to the security of these systems. To enhance the security of digital payment systems in India, several steps can be taken:

  • Implementing advanced authentication methods, such as biometrics or hardware-based tokens and mandating multi-factor authentication for high-value transactions can bolster the security of UPI transactions. 
  • Developing sophisticated fraud monitoring systems powered by AI and ML algorithms will help detect anomalous patterns and potential fraud in real-time, enabling proactive responses.
  • Collaborative efforts like fostering partnerships with cybersecurity experts, researchers, and academia to stay updated on emerging threats and best practices can lead to the development of robust security solutions for the UPI ecosystem.
  • Encouraging UPI application developers to adopt secure coding practices will help them adhere to industry standards for software development. Additionally, UPI platforms should comply with relevant data protection regulations and industry standards. 

Mahima: As nation-state cyber attacks and geopolitical cyber warfare continue to pose significant threats, how does TAC Security contribute to bolstering India’s cyber defence capabilities and protecting critical infrastructure from advanced persistent threats (APTs)?

Trishneet Arora: TAC Security works in tandem with different stakeholders to contribute to bolstering India’s cyber defense capabilities. It helps Indian organizations proactively prepare for potential cyber threats by offering threat intelligence services that involve monitoring and analyzing cyber threats globally and by staying informed about emerging APTs and nation-state cyberattacks. It also provides consultation services to government bodies and critical infrastructure providers and offers expert guidance on strengthening cybersecurity posture and resilience against APTs. Additionally, the company provides cybersecurity training and offers awareness programs to organizations and their employees globally. The firm is actively involved in cybersecurity research and collaborates with government agencies, cybersecurity alliances and international partners to share threat intelligence and best practices. 

Mahima: In the face of evolving cyber threats and rapidly advancing technologies, what steps do you think need to be taken to ensure that Indian businesses and organizations stay ahead of the curve in terms of cybersecurity preparedness?

Trishneet Arora: Cybersecurity is an ever-evolving industry. Hence, to stay ahead of the curve, organizations should conduct regular cybersecurity assessments to identify vulnerabilities and potential risks. Next, they should prioritize cybersecurity efforts based on risk assessment findings and develop a comprehensive incident response plan to address cyber incidents promptly. Organizations should also invest in cyber insurance to provide financial protection in case of cyber incidents.

They should stay updated on cybersecurity regulations and compliance requirements and meet the necessary standards. Recruiting and retaining skilled cybersecurity professionals will help them understand security needs and effectively respond to emerging threats. Providing ongoing cybersecurity training to all employees will further help create a security-aware culture within the organization. Additionally, companies should train developers to identify and remediate security vulnerabilities early in the development process.

Organizations should enforce secure coding practices throughout the software development lifecycle and the use of MFA for accessing critical systems and sensitive data. Assessing the cybersecurity posture of third-party vendors and partners who have access to the organization’s data or systems will ensure they comply with relevant regulations. Additionally, organizations should encourage collaboration with industry peers, cybersecurity organizations, and government agencies to share threat intelligence and best practices.

Mahima: Cybersecurity skills shortage is a significant challenge worldwide. How must India address this issue to nurture talent within the nation and bridge the industry’s skills gap?

Trishneet Arora: Addressing the cybersecurity skills shortage in India requires a multi-faceted approach to nurture talent within the nation and bridge the industry’s skills gap. Encouraging the integration of cybersecurity education into formal academic curricula at various levels will create a strong foundation for nurturing cybersecurity talent from a young age. Establishing specialized cybersecurity courses and training programs in collaboration with industry experts and academic institutions will be pivotal in producing skilled professionals. 

Cyber secutity

The government’s support in the form of financial assistance and incentives to individuals pursuing cybersecurity education and certifications can also be integral in bridging the talent-skill gap. Organizing national-level cybersecurity competitions and challenges will further help identify and nurture deserving talent. Such initiatives will also give a platform to students and professionals to showcase their skills and learn from real-world scenarios. Launching public awareness campaigns will be integral in promoting cybersecurity as a career option and raising awareness about the importance of cybersecurity in today’s digital world. 

Fostering collaboration between academia and industry will help meet the evolving needs of the cybersecurity landscape. Promoting the use of online learning platforms offering cybersecurity courses and certifications will further provide flexibility for individuals to learn at their own pace and acquire new skills. 

Mahima: What kind of skill set a future security expert would need to have to keep pace with AI and other such tech-advancements?

Trishneet Arora: To keep pace with technological advancements as a future security expert, one should possess a diverse and evolving skill set that combines technical expertise, adaptability, and a deep understanding of emerging threats. Here are some key skills a future security expert should have:

Security experts should be capable of using AI/ML algorithms for threat detection and improving incident response. Having hands-on experience in ethical hacking and penetration testing will be vital in identifying vulnerabilities in systems, networks, and applications. 

As organizations increasingly migrate to the cloud, a future security expert should have in-depth knowledge of cloud security architecture and best practices. Security experts should also be well-versed in secure coding practices and have the ability to review code for potential vulnerabilities. Understanding cryptographic principles will be vital for implementing secure communication channels and data protection.

Security experts should be proficient in configuring and managing firewalls, intrusion detection/prevention systems, and other network security tools. Proactive threat-hunting capabilities and incident response expertise will be integral in detecting and mitigating advanced threats. Additionally, soft skills, the zeal to learn and adapt continuously, and data analysis and visualization are other key traits professionals should have to make a mark in the field of cybersecurity in the future. 

About Trishneet Arora

Trishneet Arora, Founder & CEO of TAC Security, a San Francisco-based Cybersecurity and Risk Management Company. Trishneet graced St. Gallen Symposium’s Top 200 “Leaders of Tomorrow” twice (2018, 2022), and Fortune India’s 40 Under 40 list twice, the youngest both times. A two-time honoree on “Top 100 Great People Managers List” (2020, 2021) and Entrepreneur of the Year 2020 (Security Services). His influence spans Forbes 30 Under 30 Asia 2018, GQ’s 50 Most Influential Young Indians 2017, and Mayor Javier Gonzales declared “Trishneet Arora Day” in 2017. Under Trishneet’s guidance, TAC Security’s ESOF Vulnerability Management Solution safeguards Fortune 500 companies globally. Invited alongside top leaders, he addressed Prime Minister Narendra Modi’s event during his US visit.

Disclaimer: The opinions expressed within this interview are the personal opinions of the protagonist/protagonists. The facts & statistics, the work profile details shared by the protagonist/ protagonists do not reflect the views of TechThirsty or the Journalist. Neither TechThirsty nor the Journalist hold any responsibility or liability for the same.

- Advertisement -
Mahima Sharma
Mahima Sharma
Mahima Sharma is an Independent Senior Journalist based in Delhi NCR known for her multi-niche news reach. She has been in the field of TV, Print & Online Journalism since 2005 (earlier additional three years in the allied media). With a rich professional history at CNN-News18, ANI - Asian News International (in collaboration with Reuters), Voice of India, and Hindustan Times, Mahima is also the Founder & Editor of The Think Pot. Recipient of various awards for different works beyond journalism as well, Mahima Sharma was conferred with the REX Karmaveer Chakra (Silver) 2023, presented by iCONGO in partnership with the United Nations. Known for her Digital Media Strategy skills, in 2022 she was assigned the pivotal role of Entrepreneurship Education Mentor at Women Will, a Google-backed program in collaboration with SHEROES.

Related Articles

Stay Connected

2,814FansLike
179FollowersFollow
1,600SubscribersSubscribe
- Advertisement -spot_img

Latest Articles