Archive for August, 2013


EC–Council addresses the Need for Skilled Professionals in India, To Train 40,000 Personnel in Cyber Warfare by Early 2014

New Delhi, July 31, 2013: EC-Council, the world’s largest certification and training organization in the information security domain, discussed strategies to meet global competition at a Roundtable on cyber security held in New Delhi, today. EC-Council emphasized that to elucidate the information security industry’s successes, failures, and future out of the box solutions it is essential that the cyber security industry implement, the model of the pharmaceutical industry in their fight against diseases.

The in-depth discussion was held between Mr. Jay Bavisi, Global President, EC-Council and Mr. Akash Agarwal, Country Manager- India, EC-Council on the current status of the cyber security scenario, industry and its challenges. Jay Bavisi said, “While data points show that we are losing the fight, it is clear that the solution to the plague will happen when we will inject the vaccine. It is evident that the best way to solve the cyber plague is by introducing a cyber-vaccine programme that is needed to start at all levels of society through combative education plans.”

Recent study shows that, 5.39 million local malware threats were detected on computers in India. A sensitive issue, India is lagging behind in its fight in cyber warfare. Any attack will result into financial loss, no matter how sophisticated the attack is.

Speaking about the Indian cyber security awareness, Akash Agarwal, commented, “The country needs 5 lakh cyber security professionals by 2015. In line with this requirement, EC-Council through its direst presence and efforts in India has created a capacity of 20,000+ and is well emote to double it in next 12 months’ time period.”

To address this issue, EC-Council has taken leadership position by initiating Code Uncode, India’s first ever nationwide hunt for the best secure programmer. It is a nationwide competition for students, professionals, colleges and corporate. The event will bring together existing and aspiring security enthusiasts from all fields of the infosec world from the Corporate and government bodies to academic institutions. EC-Council has hosted and funded its first competition Code-Uncode in India which is free of cost for the students.

Jay Bavisi is the Co-Founder and President of one of the largest IT Security certification bodies in the world, EC-Council, and the co-creator of the groundbreaking Certified Ethical Hacker (CEH) certification that launched ethical hacking as a mainstream career. He is also the recipient of U.S National Security Agency Colloquium 2013 awards with the 2013 Industry Leadership Award.

About EC-Council
EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

For more information visit: www.eccouncil.org


Bank online with confidence

Authored by  – Anand Naik, Managing Director-Sales, India & SAARC, Symantec

Gone are the days of standing in a queue at the bank, with a token in hand waiting to make a transaction! Today, the internet allows us to perform so many banking transactions online – from checking account balances and transferring funds, to reviewing our credit reports and making bill payments. We no longer have to get in the car, drive to the bank, or communicate with a bank teller in person. For most of us, online banking offers tremendous time savings and the option to bank at our convenience. With the rapid advancement of technology, we’re now able to use our mobile devices to help take care of our banking needs, regardless of whether we are at home, at work or even on holiday!

However, there’s always a flip side to such major changes. Banking has evolved to be literally at our fingertips, but this convenience comes at a risk as the cybercriminals are continuously on the lookout to steal our money, our information and identities. The Norton Cybercrime Report 2012 found that globally, 18 adults become a victim of cybercrime every second, resulting in more than one and a half million cybercrime victims each day. The direct cost of cybercrime was an average of US$197 per victim across the world and in India, that amount was only slightly lower at US$192 or INR 10,585. Symantec’s Internet Security Threat Report XVIII reports that in 2012 mobile malware increased by 58 percent. With a 30 percent increase in the number of mobile OS vulnerabilities, consumers using banking services via their mobile devices are at a higher risk of data theft.

The Norton Cybercrime Report 2012 also revealed that 42 million Indians have been victims of cybercrime in the past 12 months, which is a 75 percent increase from the number of cybercrime victims the previous year. Some of the more common techniques cybercriminals use to steal our information are phishing and pharming. Phishing is a method by which fake emails – for example, messages that look like they are coming from our banks – are sent to users asking for their account numbers and passwords. Pharming techniques are used by cybercriminals who create legitimate-looking web pages to trick visitors into divulging these details. Both of these methods are examples of social engineering – where the users themselves are tricked, duped or lured into parting with private information.

Just last year, Symantec observed attacks where phishers spoofed the Reserve Bank of India’s Web site as a ploy for a tax refund scam. The phishing site attempted to lure users by stating that the bank would take full responsibility for depositing the tax refund to the user’s personal bank account. The user was prompted to select the name of the bank from a list of eight banks and enter their customer ID and password. Through this, phishers intended to steal the confidential information of customers of several banks from a single phishing site. The following page asked for credit/debit card number and PIN number. After these details were entered, the phishing site displayed a message acknowledging that the request for the tax refund has been submitted successfully. The user was then redirected to the legitimate Reserve Bank of India site, little knowing that they had just become a cybercrime victim.

While these clever ploys by cybercriminals may lead many of us to hesitate from banking online, there are precautions we can take to ensure that our information and hard-earned money are safe regardless of the channel we use for transactions.

If we are aware, vigilant and follow some basic guidelines, we can enjoy the convenience of banking online with confidence.

Quote from Anand Naik, “Today, cybercrime is much more prevalent than people realize. Cybercriminals have moved from more traditional forms of attack such as mass distributed malware, to more targeted attacks that include social engineering to gain access to sensitive and personal information. With an increasing number of Indians banking online, the need to remain alert has never been greater. With some common rules and a comprehensive security solution in place, we can all safely enjoy the benefits of online banking.”


In an effort to improve the course and training material available to Moroccan information security professionals, IT-Gnosis has teamed up with EC-Council to reduce copyright violations.

Finding reliable training materials and courses is an important component for information security professionals looking to develop their careers. The training market in Morocco has often left professionals looking to expand their knowledge of the latest information security techniques and trends with no other option but to turn to providers whose course offerings and methods are not authorized by those who created them. In the case of EC-Council’s broad range of courses and materials, one company is joining the fight against the widespread plagiarism in Morocco. IT-Gnosis, EC-Council’s exclusive representative and course provider in not just Morocco but France, Spain, Italy, Portugal, and Malta believes in being very selective when it comes to partners. Says IT-Gnosis founder Claire Kemp, the prevalence rampant copyright violations “… is why it is important to carefully handpick partners who are committed to offering first-class, authorized EC-Council certified training to Moroccan IT professionals.”

In that spirit, EC-Council announced that with the help of IT-Gnosis, Dataprotect has been named an authorized training center in Morocco. Dataprotect, a leading IT training company in Casablanca has been accredited by many other prestigious organizations before earning this nod from EC-Council, including PCI SSC and CGEM. Claire Kemp went on to say “I have no doubt that the quality of EC-Council certified trainings offered by Dataprotect will attract the ambitious IT professionals in the Moroccan market.”

EC-Council lauded their trusted partner IT-Gnosis for their help in identifying the most qualified and trustworthy partner in a region they know very well. The unauthorized training material that has so far been widely available in Morocco comes from training centers violating copyright laws to offer training and course material they have not been authorized to deliver. Students who enroll in these courses have no guarantee that their training or the certification conferred onto them by the training centers will be recognized by EC-Council. This has led to many frustrated students who were lead to believe that they were advancing their careers through this training but only found out later that the materials they encountered at these centers are not up-to-date or accurate.

About EC-Council
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT) programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacker (C|EH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (C|HFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (ECSA) and Licensed Penetration Tester (LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).
For more information about EC-Council, please visit www.eccouncil.org.

DataProtect is a company specialized in information security. Founded by security experts who conducted several consulting projects and integration of security solutions in Morocco and abroad, DataProtect support its bid for a unified view of information security.

About IT-Gnosis
Since 2007, IT-Gnosis has been active in many parts of Europe, including France, Morocco, Switzerland, Italy, Spain, … Its activity is dedicated exclusively to IT security related trainings. Through partnerships with training centers and schools/universities, IT-Gnosis offers vendor neutral training and certifications, supports its partners in their development, and provides course materials, licenses for online Labs and eventually provides the certified trainers to deliver these courses. IT-Gnosis is the exclusive representative of EC-Council (worldwide known creator of the CEH-Certified Ethical Hacker training, among others …) in many European countries , particularly in France, Spain, Portugal, Italy, Malta and North Africa and point of contact for IP3 (CISSP training, CCSK, and S2R events, …) for these countries and for Switzerland. There are nowadays more than 30 training companies & schools/universities partnering with IT-Gnosis in these countries.