Today we have one of the most experienced person of Information security domain who has rich experience of working with security professionals and the persons playing key roles in this industry. He has been advising various IT security firms to manage and enhance their services. Hackers Interview team had a valuable discussion with him where he shared his experience and knowledge with us to survive and pursue a successful career in this filed.
So let’s have a look on his interview :
Team Hackers Interview : Hello Mr. Dinesh, please introduce yourself to our readers.
Dinesh Bareja : I am an Information Security professional, presently working in areas like Cyber Insurance, Managed Services and helping organisations build their SOC and security practice.
Team Hackers Interview : Why you’ve decided to pursue Information Security as your career option?
Dinesh Bareja : I found the IS domain to be fascinating and decided to pursue this as the application of the skill is endless. I was surprised that it needs common sense and no one has thought about applying this uncommon item for security and, as a result, we see endless demonstrations of breaches, hacks, and crimes which are unique. Now it has been more than 12 years since I started looking at getting work in this domain and the excitement keeps me going.
Team Hackers Interview : How you had started your journey in cyber world?
Dinesh Bareja : My journey started on the BBS services sometime in 1992/93 – I was searching for the means to reach out through the wires and found the bulletin board services to be a great medium. Then I started my online business in 1995 (gift delivery services all over India through Pacific Gift Service) and when VSNL offered internet services in August in the same year, it gave me the opportunity to learn more and learn faster and expand my online business to other countries like UK, USA, Italy, Turkey etc. You can search for the website on the wayback machine! It was a simple one page HTML site and there was no worry about web app security (however, a couple of times someone did try to use a stolen card)
Team Hackers Interview : Tell us about your experience in this field.
Dinesh Bareja : Over the years I have worked abroad and in India in various consulting assignments covering ISO, business continuity, VA/PT, Application Security, IT infrastructure, incident response, forensic response and designing IS enterprise security strategy.
Team Hackers Interview : What are your major contribution in this field?
Dinesh Bareja : It is difficult to think of one “major contribution” so I shall let that pass because every assignment has brought about a sense of accomplishment learning and joy. So every assignment is a major contribution to my own growth and to the growth and well being of the organisation for which it was done.
Team Hackers Interview : What advice will you give to our readers to stay safe online?
Dinesh Bareja : Use common sense and try not think you are too smart! Many people think they know everything and that is the first problem, just stay away from discussion (or arguments) with such people. Live life online as you would in real life – this means you behave or speak nicely and make sure your maintain your values and ethics.
Team Hackers Interview : What do you think what are the myths general public may have about Ethical Hacking?
Dinesh Bareja : Only one myth – that hackers are upto no good! I believe that hackers are good and intelligent folks, but I do not like that they want to be called Ethical Hackers. I mean how did you assume you are ethical? Who told you or gave you that certificate! In any case, if you are a hacker you will just hack and find out how things work and I do not think you will want to be told you are ethical or not.
In any case, my request is that you live up to being called a hacker and do some good research (don’t just forward messages of research published overseas) – work at discovering how things work and how it can be made better. There is much more to being a hacker than being a VAPT or AppSec professional !
Team Hackers Interview : What certifications will you suggest to newbies which may help them in growth and enhancing their knowledge in Information Security?
Dinesh Bareja : The only suggestion is to work hard and learn from any and all online sources as well as from your mentors and peers offline. Certifications do not teach you anything and you should start looking for getting certifications once you have some years of work experience.
Team Hackers Interview : Do you think Indian Government should implement some new rules or laws to prevent cyber crimes? If Yes, then kindly mention what it should be?
Dinesh Bareja : There are so many rules that it is a challenge! The government should increase the law enforcers (police and judiciary) and these folks should understand cyber security. Plus government should continuously look at upcoming technologies and threats to be prepared for the new risks and crimes.
Team Hackers Interview : What measures or provisions will you suggest to Indian Government for fighting against cyber crimes?
Dinesh Bareja : Too many to list here… but one of the points I have already mentioned above.
Team Hackers Interview :Do you think cyber security plays a special role after the Digital India initiative taken by Mr. Narendra Modi Ji.
Dinesh Bareja : Digital means digital and if we think of this as ‘only’ digital tech there is a big problem. So, security has be built-in and technology has to be usable and secure so that Digital India is delivered and is resilient. And, that Digital India does not fall down at the hands, whims and fancies of some unknown malicious player.
Team Hackers Interview : What do you think, how serious is government about cyber security since you have rich experience of working with government officials.
Dinesh Bareja : Government is increasingly becoming more and more serious about cyber security, but, the pace is slow. There are a number of challenges, and I am sharing a few here – there is (or seems to be) a lack of collective strategy to address cyber security and this is another fault; departments are hypnotised by foreign products, solutions and people leaving out the Indian entrepreneur with little support; senior people across government entities are technology-challenged and become road blocks for security ennoblement; many organisations have been created with big budgets but no department has done any solid work in creating the workforce (or the professionals who shall head these organisations)!.
In 2013 I wrote a paper on the Top 5 challenges for India in Information Security (Government, Enterprise, People) and this is still valid – your readers can search and find the document on the internet.
“Thanks Dinesh for giving your precious time to our readers.”
Author: Yogesh Prasad
Ethical Hacker | Information Security Consultant | Cyber Security Expert