With the latest surge in e-governance and increasing transactions over the internet, cyber security audit firms are the next big trend in the offing.
'Ethical Hacking' companies will come up that will investigate and intrude a network system with the purpose of exposing the vulnerability points, said Debesh Das, minister for IT, West Bengal, at a counter-hacking workshop organised by NCS Computech in association with iViZ Techno Solutions.
Internet and IT security concerns are on the rise, given that cyber 'hacking' has evolved into an organised crime and computers around the world are systematically being victimised by rampant hacking, said Manohar Malani, chief executive officer, NCS Computech limited, the makers of the popular 'Quick-Heal' Anti-virus range.
NCS is all set to launch their new service Automatic Penetration Testing to test whether the security system is working properly, in September together with associate company iViZ Techno Solutions private limited.
There would be two kinds of services on the offer.
A one-time consultancy and the regular software service model that will check the system for possible security threats from time to time.
NCS has been doing trial-runs of the APT with corporates in the city.
This city-based agency has already roped in corporates like Ambuja Cements as their clients and has been servicing them for nearly a year now, claimed Malani.
APT will not replace the internal security system. It would be similar to a security audit.
While a manual audit of the security system involving human experts is both labour and time intensive, the APT works as an automated system requiring human intervention at a much later stage, Malani said.
Moreover, the system can be turned on anytime depending on the convenience of the client, cutting down on loss of work-hours. The cost of running an APT is around 3 to 4 times less than getting a manual audit done, he added further.
Given that now there is a non-disclosure agreement (NDA) for most of the service providers or business process outsource operations who have clients abroad, NCS and iViZ are hopeful of adding around 25 clients within the first 3 months of their launch.
"We would look at expanding to other centers in Rajasthan, Uttar Pradesh, and north-eastern states from January onwards, that is after we have consolidated our base in Kolkata," said Malani.
"We are at a stage of finalising strategic partners for our operations in Delhi, Mumbai and Pune," he added.
"The strategic partners would act as our marketing arm in the regions, while we would continue to provide back-end support," he said, refusing to name any prospective partner.
For other centers, NCS is looking at working with channel partners that would help reduce logistics costs.
As a security solutions providing company, NCS has an established network of over 1600 channel partners already.
NCS is not targeting the market in southern India as of now, as some of the existing players in Bangalore had already approached the company to provide a customised APT under their brand name, said Malani.
"We are looking at leveraging our brand value; such steps would only dilute the brand," he added.
The company is looking at tapping both the government institutions and organisations, and corporates for the APT.
"We are in talks with the ministry of finance, commercial taxes and others in the state government, and the situation is quite promising. We have been working with the Kolkata police, and are responsible for maintaining the entire internal security system of Lalbazaar for the last eight months, checking it against threats from virus and worms and other automated risks," said Malani.
They are in the process of getting the provision for APT sanctioned in their next budget, he added.
We are further advising them on measures to be adopted for content security, Malani said.
As a natural extension of their services and product portfolio, NCS has been conducting training workshops for the core security team of many corporates including state government undertaking firms like Webel Informatics.The awareness levels related to the need for cyber security measures are still quite low. Our main endeavour right now is to raise awareness amongst target groups in this regard, Malani said.