Executive Director IT and IS
What was your career in before you made the switch to cybersecurity?
I was heading an IT project in the Indian Navy before I switched over to cybersecurity.
Tell us about your journey transitioning from your primary career to cybersecurity.
While launching an application over a naval network in the Eastern Naval Command, the challenge was to protect information from unauthorized access. Knowing full well the implications of any loopholes, I decided to first educate and test the network myself before even seeking any external help. So, I learned ethical hacking and got myself certified by the EC Council. Then, I trained my team and secured the network before launching the application. I found the career to be very challenging, demanding, and fulfilling. As I was one of very few certified ethical hackers, I got support from my command to carry out security audits of many units. This gave me a solid foundation for my career in cybersecurity in the corporate world after my naval service.
Why did you choose a career in cybersecurity?
It was a transition phase from a manual to an automated work culture. The pace of digitization was picking up, and many channels of communication were opening. The security of data and communication was the prime challenge in the success of these products. I found the field of cybersecurity to be very demanding and fulfilling.
What did you do differently than your peers when choosing cybersecurity as your career?
Before taking help from any external vendors in securing my application and network, I thought of educating myself fully on risk and mitigation control. This gave me a complete understanding of the challenges and helped me get the most from the external vendors and experts. I volunteered for many initiatives that were required for a secure network. In this regard, my paper on indigenous firewalls was well appreciated by DRDO. The completion of this project under my guidance and appreciation by DRDO brought me to the limelight and gave me many opportunities to excel in my career in cybersecurity.
Share your views and thoughts for those who want to be part of the cybersecurity industry.
With the quick pace of digitization and the proportional threat of data theft or disruption, the cybersecurity industry is getting more traction than any other industry. Whereas security expenses used to be considered an avoidable cost, it has now become an essential element in any initiatives on digitization. Hence, there has been a paradigm shift toward the cybersecurity industry.
In your opinion, how is your old career helping you or influencing you on your cybersecurity journey?
For any career journey to be successful, basic knowledge and hands-on practice of the underlying technology is an essential ingredient. My old career gave me the opportunity to build up this foundation.
What would you like to suggest to our readers who want to start a career in cybersecurity, and how can they do so?
Thinking about cybersecurity is the first step. Then, in whatever way they are part of the digitization process, they should understand the underlying technology and the possible vulnerabilities. The gate to the next step will automatically be open.
Do you suggest that someone should be an expert in one vertical of cybersecurity, or should they be an expert in every area of cybersecurity? What is your opinion from an industry perspective?
After obtaining an understanding and expertise on network and endpoint security, they should look for vertical experience in one particular area, such as IoT, cloud security, or application security, and so on. From a job perspective, this would be preferred.
The cybersecurity landscape is ever-changing and extremely dynamic; how do you keep yourself updated? What are your suggestions for our readers?
There are many ways to remain updated. I am part of many groups and forums that are active on issues related to cybersecurity. I speak at these forums and listen to other experts. Speaking at such forums of experts and enthusiasts gives me the energy to learn more on the topic. Listening to experts provokes a thought process to learn more. Discussion groups are a good source of the latest information related to cybersecurity.
You should join or form such interest groups and start attending seminars on cybersecurity to remain updated.
In your view, what is more important: having a security certification, getting relevant security training, or gaining hands-on experience through a job?
Certification gives you the credentials for a job, whereas training and hands-on experience boost self-confidence. Hence, both are important for a career in cybersecurity.
We all agree that cybersecurity is a non-negotiable factor of today's industry. As an industry leader, in your opinion, what are those new frontiers where cybersecurity will be needed in the near future?
Cybersecurity is now part of everyday life and hence no frontier is left out. Because of the rapid automation of every aspect of life, be it in the health industry, transportation, or general governance, there will be an exponential increase in connected devices. The security of these devices is becoming one of the greatest challenges in the area of cybersecurity.
Who is Kaushal K. Chaudhary?
He has over 25 years of experience in developing IT and IS blueprints for organizations with short and long term strategies, in alignment with business objectives, encompassing IT operations, ERP implementation, help desk support, network and communication infrastructure management, vendor and service provider management, risk management, business continuity and disaster recovery planning, and compliance audits such as ISO 27001, PCI DSS, SAS70, HIPAA, SOX, and so on. He is a strategist, planner, and leader with the distinctive abilities to create value by forming effective customer relationships, coordinating with functional leaders, and mentoring teams.
He heads the IT and IS team as the group head of IT of the Lanco group of companies. He has an M.Tech.(CS-IIT), MBA, CISSP, CISA, ISO 27001 LA, ITIL, ISO 20000 LI, Dip in cyber law, and is the recipient of much appreciation from clients, employers, and industries, including having received the Greatest Corporate Leaders of India Award - 2013, the CIO100 Award - 2013, and the Top 100 CISO Awards - 2011 and 2013. He was given front-page coverage in the CIO magazine (September, 2013) and InfoSecurity magazine (August, 2013).