What India Sorely Needs: Cyber Forensic Experts

CSOs across large enterprises welcome the collaborative effort of DSCI and (ISC)2 in rolling out a Cyber Forensic Certification program for Indian professionals.

Most security professionals across Indian enterprises echo a similar sentiment--that it is difficult to find trained and certified cyber forensic professionals in India. Most agree that fraud or any security incidents require forensic investigation and evidence gathering, which demand specialized skills and training--something that security teams are not equipped with.

With the huge need for cyber forensic professionals in mind, (ISC)2, the not-for-profit membership body of certified information and software security professionals (with nearly 100,000 members worldwide) partnered with Data Security Council of India (DSCI) and launched the Certified Cyber Forensics Professional – India (CCFPSM-IN) certification in India.

The CCFP is the global standard currently available for assessing experienced digital forensics professionals’ mastery of the discipline. Originally available only for the U.S. and South Korea, it was recently made available in the European Union.

DSCI, a self-regulatory and not-for-profit organization, is set up by India’s National Association of Software and Services Companies (NASSCOM) to localize the CCFP and meet the specific needs of the Indian forensics community. 

Ingredients of the CCFP Certification

According to Clayton Jones, Managing Director, Asia Pacific at (ISC)2 , the CCFP is an expert-level credential that offers a common, internationally recognized body of knowledge; it offers a comprehensive, yet advanced knowledge that today’s experienced cyber forensics practitioners must demonstrate.

Jones claims that many of the existing certifications available today are of a foundational level and focus on a narrow aspect of the cyber forensics realm. 

Dinesh Pillai@@@ CEO@@@ Mahindra SSG.Dinesh Pillai, CEO, Mahindra SSG.

After the success of its CISSP certification program for security professionals, (ISC)2 initiated the cyber forensic focused program for the Indian market. “The idea to develop the specialized program was triggered by the Research report by Poneman Institute on data breaches--which revealed a significant spike in legal defense spending, while breaches involving third-party organizations remained the most costly, due to lack of cyber forensic expertise to prevent breaches.”

Jones further added, “Customizing the CCFP certification program for the Indian market is a strategic move as we found that there were no forensic tools or solutions available which met the specialized need, and that there was a huge gap in terms of possessing forensic investigation capabilities.”

“We partnered with DSCI to get the local flavour in our course structure, as it provided subject matter expertise in identifying the nuances of legal procedures,” says Jones.

According to him, DSCI helped in terms of adding features which were compliant with Indian legal procedures and got involved in detailing facts as to how to conduct forensic exercises. “While 80 per cent of the course structure is common across all geographies, about 20 per cent would have country specific ingredients,” says Jones.

According to Vinayak Godse, Director-Data Protection, Data Security Council of India, a NASSCOM initiative, there is a critical need for developing forensic competencies among cyber forensic professionals to understand legal procedures, while presenting it in the court of law.

“As part of the localization initiative for CCFP-IN, we have incorporated local skill requirements for digital forensics professionals in India into the CCFP content. The upcoming official (ISC)2 training that DSCI will offer will benefit local cyber forensics practitioners, especially in conducting digital investigations following a breach and protection of the digital evidence trail, says Godse.

Muktesh Chander@@@ IPS@@@ Special Commissioner@@@ Delhi Police.Muktesh Chander, IPS, Special Commissioner, Delhi Police.

“We have ensured that the training modules on legal and procedural process as per the Indian IT Act are included in the content to help professionals conduct appropriate evidence management investigations,” avers Godse.

CCFP-IN is targeted at corporate investigators, government entities, IT & BPO industries, banking, financial services and insurance sectors and IPR-focused industries. The course is structured to suit:

• Digital forensics examiners in law enforcement to support cybercrime investigations; 
• Cybercrime and cyber security professionals working in the government or private sectors; 
• Computer forensics engineers and managers working in corporate information security; 
• Digital forensics and e-Discovery consultants focusing on litigation support; 
• Cyber intelligence analysts working for defense/intelligence agencies; 
• And computer forensic consultants working for management or specialty consulting firms. 
The fee structure for the program would involve cost of the study material to the tune of Rs 2,700/USD45 and a registration fee towards the certification to the tune of Rs 60,000/USD 1,000.

According to Jones, the localized courses are offered at a 50 per cent discounted fee. After every three years, they could be re-certified; every year, CCFP certified professionals need to earn continuous professional education credits by appearing for an exam.

What it means to CSOs and Cyber Professionals

Welcoming the gesture, Indian CSOs and cyber security professionals find that the CCFC program being aligned with the Indian IT Act enables their teams to develop cyber forensic capabilities and equips them to present their case appropriately in a court of law. While most agree that some of the US based institutes have developed forensic related courses, this is the first time that a cyber-forensic certification program is being introduced which is of international standards.

Muktesh Chander, IPS, Special Commissioner, Delhi Police, who faces the challenge of not finding appropriate tools and technologies to conduct forensic investigations, besides their being very expensive, finds the CCFP program ideally positioned for Indian professionals.
“There is a huge demand by government agencies for cyber forensic experts to ensure that breaches are pre-empted and prevented, backed by appropriate legal procedures,” says Chander.

“Undergoing the CCFP program will throw up lot of job opportunities for the certified,who would feel much empowered; it would also influence other stakeholders in changing the existing mind-set and culture,” reiterates Chander.

Vishal Salvi@@@ Chief Information Security Officer@@@ ISG-Information Security Group@@@ HDFC Bank Limited.Vishal Salvi, Chief Information Security Officer, ISG-Information Security Group, HDFC Bank Limited.

Vishal Salvi, Chief Information Security Officer, ISG-Information Security Group, HDFC Bank Limited, believes that the CCFP initiative has come at the right time--when there is demand by the government’s IT Act law to get teams trained and certified.

“With the increase in cyber-crime, there is definitely a dire need for trained and certified forensic professionals, who can now be equipped to confront cyber fraud in a systematic and logical manner,” says Salvi.

“I would encourage and sponsor my team to undergo the CCFP program and have those teams with the right profiles and those who handle incident management within the bank,” confirms Salvi.

“Since forensic is part of any incident management strategy, my team would be in a position to conduct internal and external investigations along the lines of a proper chain of custody,” points out Salvi.

Vishal is of the opinion that globally, less than 20 per cent of the professionals are trained in cyber forensics, and that this initiative will build the teams’ credentials in handling cyber fraud.

Parag Deodhar, Chief Risk Officer, Vice President--Process Excellence & Program Mgmt with Bharti AXA General Insurance Co Ltd, India, argues that the new certification will prepare and certify Indian computer forensic professionals in the skills required to investigate cybercrimes and fraud and collect the required evidence in a manner admissible in the court of law in India. “Though this subject is part of forensic studies in courses at a few universities, we did not have any specific professional certification for it in India,” affirms Deodhar.

Deodhar currently has team members certified in fraud investigations and computer security, but this will be a specific certification for cyber forensics and for him. It would be good to have it for his forensic team. Doedhar comments, “This certification will have international best practices, tools and techniques for cyber forensic investigation. At the same time, since it is customized for India, it will help investigators gather evidence which is in line with Indian laws and regulations. Since it envelops Digital Forensics, Application Forensics & Hybrid & Emerging Technologies and also covers the latest technologies like Cloud, Mobile etc., it makes sense to encourage the team to go for it,” says Deodhar.

Parag Deodhar@@@ Chief Risk Officer@@@ Vice President--Process Excellence Parag Deodhar, Chief Risk Officer, Vice President--Process Excellence & Program Mgmt with Bharti AXA General Insurance Co Ltd.

Welcoming the joint effort of DSCI and (ISC)2 , V Rajendran, Advocate and Cyber Law Consultant, and  President, Cyber Socie ty of India (an NGO engaged in spreading awareness about security vulnerabilities in banking transactions), says that India faces the biggest challenge of lack of knowledge and forensic capabilities among stakeholders.

“Courses like CCFP will make our job easy in terms of spreading awareness about cyber crime and security risks and reaching out to the masses, backed as we would be by qualified professionals,” says Rajendran.

Dinesh Pillai, CEO, Mahindra SSG says that this is a good initiative to impart domain specific knowledge while keeping regional fraud risk landscape and challenges in consideration.

According to him , earlier, the study on Forensics was one dimensional and focused only on narrow aspect of the cyber forensic realm. With globally renowned player like ISC tweaking the certification to meet the requirements of Indian landscape, it will benefit local cyber forensics practitioners to conduct investigations digitally.

“We at MSSG deal with many assignments on fraud incidents which have digital origin and thus this certification would help in strengthening our capabilities further,” says Pillai.

He argues that the cyber threat landscape in India and around the world is changing rapidly and our fraud risk management vertical has built up core capabilities in various proactive and reactive services to help our clients in dealing with IT and Cyber related frauds. “We have a state of the art forensic lab which is equipped with advanced tools, technologies and trained human resources. I see this certification helping to further bolster our client confidence in our capabilities.” He informs.

What impressed most for Pillai is that customization, a key feature and the focus on cloud forensics which is appreciable. “I see this risk featuring more prominently in coming future. When a player like ISC coming into India, it is so very easy for them to provide their existing offerings to us as it is. However, it is their understanding of the local needs and making it convenient for the Indian professional to learn the International standards in Indian way is what makes the certification all the more important,” says Pillai.

Whenever there is a certification on International standard is on the offering, you expect the fees structure to be slightly on the premium side. One needs to keep in mind that the certification is the tried and tested global best practices tailor made to suit the Indian requirements.

Jones vouches for the program adding significant value to CSOs in terms of enabling them to take a systematic approach in the investigation process, bench marked against local requirements.

“Forensic teams will be imparted training in the best forensic techniques in digital evidence management, in conducting administrative investigation and IP related breaches and handling forensic investigations in all aspects related to social networking, virtual infrastructure, and big data and so on,” says Jones.

Add new comment