Telangana Addresses Skills CrisisLaunching New TASK Program to Create Security Jobs
The Telangana state government has initiated discussions with academic institutions and research bodies to chalk out a framework to launch a new cybersecurity training programme for creating jobs in the state.
This is the first time any Indian state has considered such a programme to address the information security skills shortage.
"We are actively looking at launching a cybersecurity programme under TASK (Telangana Academy of Skill and Knowledge), and are in talks with institutions such as IIIT to chalk out the framework," says A S Ramesh, Telangana's IT, Electronics & Communications Department director. "We believe there is a huge opportunity to create jobs by imparting training in this area."
In support of the initiative, thought-leaders say Telangana should involve all stakeholders - academia, business, government and law enforcement - to help create the curriculum and develop new talent.
The initiative is part of the state government's skills development programme for the next academic year, 2015-16, where training and placements for engineering and degree colleges will be routed through TASK.
Ramesh emphasizes that the state's chief minister, K Chandrashekar Rao, is personally reviewing the skills development programmes under TASK and insists on developing a cybersecurity curriculum framework along the lines of United States homeland security to prevent growing cybercrime.
The initiative is in response to India's own growth in breaches and the shortage of necessary skills to prevent such intrusions. Cybercrime has increased risk for various industry sectors and elements of critical infrastructure.
Ramesh believes the state IT department is mandated to follow the guidelines of Deity's cybersecurity policy to protect information and information infrastructure in cyberspace; build capabilities to prevent and respond to cyberthreats; reduce vulnerabilities; and minimize damage from cyber-incidents through a combination of institutional structures, people, processes, technology and cooperation.
"Since India requires 500,000 professionals in cybersecurity in the next five years, we think it is a great opportunity to build capacity," Ramesh says.
As part of this initiative, Ramesh says, the government plans to tap unemployed youth and transform them into cybersecurity professionals through training.The plan is to partner with institutions such as C.R. Rao Advanced Institute of Mathematics, Statistics and Computer Science (AIMSCS), IITs and research institutes to develop the necessary course curriculum and training methodology, train undergraduates and postgraduates and make them readily employable.
"Training will be in the area of cybersecurity in general and protection of critical information infrastructure in particular for actions related to cyberthreats, vulnerabilities, breaches, potential protective measures, and adoption of best practices," Ramesh says.
While government representatives lack clarity on how many students must be trained or the number of jobs to be created, they have the mandate to identify potential students, trainers and finalise the curriculum in three months.
"We will have short-term and long-term courses," Ramesh says. "We are yet to work on the nitty-gritty of the program; we'll follow the telecom industry standard guidelines in designing it."
Telangana's initiative drew reaction and advice from a variety of interested parties.
The Computer Society of India, an industry body that has been undertaking research and prescribing courses and certifications in information security, believes the state government has to get aggressive in bridging the skills gap.
"Any initiative concerning cybersecurity must be driven as a pilot project to test the waters for acceptance of the program," says Gautam Mahapatra, chairman of Hyderabad-based CSI.
As a systematic approach, the Telangana government should partner with the educational directorate to spot students and create awareness about the courses, the importance and prospects, Mahapatra says. The government must involve various stakeholders, not only from academia, but also from the industry, research and law enforcement agencies, to define the course structure and its impact.
"This will help design the curriculum as per the state's and industry's needs and create scope for better employability," Mahapatra says.
Hyderabad-based BLV Rao, chief technology officer and consultant to multinational companies, believes that the government should take a holistic approach toward the role of the InfoSec professional.
"It is vital to define the roles that these prospects will perform: how to handle security from a business point of view; or to comprehend threats as an analyst and take appropriate measures; or to offer specialisation in different aspects that can address cybersecurity at large," Rao says.
Rao is optimistic about good trainers being available to train prospects. But the government must be open to input on the program and instructors.
"The government should consult IT companies, security practitioners, law enforcement groups, regulatory bodies in not only identifying the need and experts, but prescribing the right course structure," Rao says.
What's at Stake
Timing is critical, says Telangana's Ramesh, saying the future could be catastrophic if the right skills are not developed now to prevent cybercrime.
His words echo those of Telangana Chief Secretary Rajiv Sharma, who recently stated that data security is a major concern for the state government because of the rise in cybercrime, and that it is important to develop the right skills to address the peril.
"Hackers have gotten so sophisticated," Ramesh says. "Any encroachment into the major sectors and into their systems in any form could be akin to a nuclear bomb."