An interaction with Mr. Rajat Khare, CEO of Appin Technologies, a company that offers security services as well as training for students.
Q. Tell us something about yourself. How and why was Appin Technologies formed?
A. I am a guy next door who was inspired by people who changed the world Entrepreneurs. I entered IIT Delhi Computer Science not to become just an engineer but to set the right base to launch a revolutionizing business. Personally, entrepreneurship is my passion, writing is my hobby and adventure is my diversion. My vision is to make a name for myself and India in the world.
Appin stands for “approaching Infinity” and was formed to make Innovation reach infinity which means never ending and always improving. Our motive is to revolutionize the research of security in India and be a leading provider of security services / products/ training in India and export it in the world.
Q. What does Appin focus on? Do you provide security services as well? Tell us about some of your clients.
A. Appin focuses on information and communication security product, development, services and training. Our clients include almost all defense and paramilitary forces, policing, ministries, PSU’s and corporations. Some of the pioneer clients include the Indian Army, Navy, Air force, CBI, Ministry of External Affairs, Delhi airport, Hyderabad airport, Bangalore airports and the State Bank of India. These clients range from security audit, security implementation, security management services/ products including special services only provided to the government, and not to consumers.
Q. How serious are companies and the government in India about security today?
A. The government has become serious about security after the November 2008 attacks. Also with Chinese cyber warfare strategies, everyone is on their toes. However the private corporations are slow in implementing security due to recession but have picked up after market improvements.
Q. How insecure are e-commerce sites and companies in general? Is cyber terrorism a threat to them?
A. Our evaluation about this is that e-commerce sites in India face a lot of threats and have been victims of cyber terrorism and are still insecure. We need to take steps of 24/7 security monitoring and implement anti-hacker methods to secure them.
Q. What is the syllabus for ethical hacking courses and what is their future?
A. Ethical hacking course covers all aspects of penetration testing and some aspects of exploitation over web, networks, and servers. The objective is to help access real security threats, prioritize threats and counter them. A student typically takes the job of security auditor/ penetration tester or security administrator
Q. In the 90s, there were an increasing number of youth getting into hacking as a fun thing/hobby? Do you think it should be encouraged, or is hacking be a big no-no, or has that phase passed already?
A. I think a right balance is required. However, ethics need to be imbibed for using hacking to secure. It’s like saying, should nuclear technology be developed? The answer is Yes. Should it be used for energy production the answer is Yes. Should it be used for destroying cities like Hiroshima, the answer is No. Similar, is hacking. It’s a great art if used for the right cause.
Q. Are there any other companies training their employees in ethical hacking?
A. Yes. In fact recently a lot of our alumni were hired by IBM, Religare, Verizon etc.
Q. What is the demand of ethical hackers in the country? What kind of remuneration can one expect? What are the areas that are most in demand?
The demand is increasing but should be coupled with knowledge of security. Most of the ethical hackers are not taught security. What Appin does differently is that we teach information security and ethical hacking together. It gives person the right perspective. A person who understands both is in high demand and one can expect salaries beginning from Rs. 12,000-50,000 depending on the profile, and their background. Most important areas are penetration testing, ISO 27001 implementation and auditing, network security and managed security.