[ISN] 99% of future IT workforce does not understand basic concepts of secure coding: Jay Bavisi

Forwarded from: security curmudgeon Says the man running EC-Council, who’s web site was defaced multiple times this weekend. On Mon, 24 Feb 2014, InfoSec News wrote: : http://businesstoday.intoday.in/story/secure-coding-jay-bavisi-ec-council-nasscom-hcl/1/203605.html : : By Manu Kaushik : Business Today : February 22, 2014 : : The National Cyber Security Policy released by Indian government last year : aims to create a workforce of 500,000 cybersecurity professionals in the next : five years and build a training infrastructure through the : public-private-partnership (PPP) model. Malaysia-based Jay Bavisi, President, : EC-Council, a company that is involved in training and certification of : cybersecurity professionals, says that the situation is worrisome for India as : far as cybersecurity is concerned. The US-based EC-Council came into the : limelight last year when reports emerged that Edward Snowden, the man who : turned whistleblower against the National Security Agency and revealed its : global spying programme, was trained at one of its training institute in New : Delhi in 2010. Edited excerpts: : : : Q. How prepared is India against growing cybersecurity threats? : : A. The problem that we are facing with hacking actually stems from the : inability of coders to actually code securely. In India, we ran a competition : where we partnered with more than 100 colleges, NASSCOM, HCL and several other : large corporations. The results showed that almost 99 per cent of the future : IT workforce in India does not understand the basic concepts of secure coding. : : We think that a better model is that every single developer, before he/she : touches a code, has to be security-conscious. In India, the financial sector : is extremely vulnerable because of the sheer risk associated with the sector. : Then come defence, IT and telecom. But I think the risk is sector-agnostic. : There’s a major risk for India simply because it’s a leading exporter of : software in the world. : : : Q. You are working with various government departments in India. What has your : experience been? : : A. We are working with at least 15 government departments. We have trained law : enforcement agencies, defence communities and peripheral agencies. Our : engagement with government agencies is something we would not like to discuss : due to confidentiality issues. : : […] : : : :