Sanil Nadkarni Interview
This is the first interview in the IExpertSecurity Magazine interview series where we interview renowned professionals from the cybersecurity community.
This is the interview of Mr. Sanil Nadkarni about his recent book ‘How to make a successful career in information security’.
Mr. Nadkarni is the Chief Information Security Officer of SLK Global. He has over 15 years of experience in this community and has now written his first book ‘How to make a successful career in information security’.
Interviewed and Transcribed by Mr. Priyam Shukla (Cyber Journalist)
Q.1/Priyam: How was your start in the field of Information Security and what problems did you face?
Sanil: I started in the field of information security about 15 years back. At that point in time, Information security was in very predominant stages as IT itself was dynamically evolving. Back in those days, information security was not taken very seriously by organizations. It was after security breaches started occurring at a large scale that the law enforcement agencies and organizations drew their attention towards Information Security. Since I was working with Symantec which is a pioneer in security, I got to know about security ahead of time and that’s how I segued into the field of Information security.
I started my career at a point in the timeline where I was seeing everything growing from the grassroots level. Subsequently, there wasn’t much of an Information Security environment in India so I had to learn most of it by reading on my own. I remember back in those days, I used to talk to people from the field in the US, China, Indonesia over Yahoo Messenger, often late in the night. The availability of learning material and a suitable environment was somewhat missing from India back then. Although things have changed and it’s much better now. I’ve written about these experiences in the book as well.
Q.2/Priyam: What is the audience of your upcoming book ‘How to make a successful career in Information Security”?
Sanil: I kept in my mind the audience that had to be reached while writing the book. I have kept the scope as wide as possible. The audience is deemed to be comprised of both, technical and non-technical people. Technical people from almost any subfield would find the use of Information security and the book can guide them to the same. Since the field is converging with most of the non-technical fields as well, information security also finds a place in Law, used by Chartered Accountants, auditing, information services, polity, etc. The book is more of a practical nature than an academic one, so it would guide the technical people to new leads and non-technical people to new learning levels.
Q.3/Priyam: How and why did the idea of writing a book come to your mind?
Sanil: I have been in this field for more than 15 years. Over the period of time, I have got the hang of how this field works, the inside out of Information Security. It felt, at this point in time, that I should share my experience back with the community and work for the development of new individuals who are stepping into information security. I saw that there wasn’t really any book about getting into information security that could cater to non-technical people as well. Since I have been associated with many firms in my professional career, I have put out the content of the book from an industry point of view as well on how to not only get a job but have a fulfilling career in information security. While I was making my way into this field, there was a lack of such guidance and by writing this book, I feel that I could fill a certain amount of this void for the upcoming generation.
Q.4/Priyam: How important are the skills other than the knowledge of Information Security to get what you need in this field?
Sanil: This is a very crucial question and I have observed in my course of a career that many people aren’t able to achieve their potentials because they lack some crucial non- technical skills. Mere knowledge of technology isn’t enough to reach heights in this field. You have got to present your work to the non-technical people as well. Skills like report writing, oration, professionalism, negotiation, etc. are equally important. Sometimes, you have to talk to very senior people in the field, often you have to explain the security vulnerabilities to non-technical people as well. Making a personal image in the field is equally important and people often lack doing that. I have elaborated upon these skills, their importance and how to develop them in the book.
Q.5/Priyam: What is the future of Information Security in India and the world?
Sanil: The future of Information Security is bright. With evolving technology and changing risk landscape – the need for information security is more than ever in the last 2 decades.
With a high abundance and volatility of information, security is becoming a big concern amongst organizations and governments. The efforts towards the localization of data are being made in India, which would be creating more jobs in InfoSec, the General Data Protection Regulation by the European Union and Data Protection Bill in India are some more steps being taken to resolve the problems. There was a report by Herjavec group that there would be 3.5 million UNFILLED jobs in Information Security in 2021 as compared to 1 million in 2014. The future is very bright and demanding at the same time.
Q.6/Priyam: You have written a book after such a dynamic growth in your career. You have still many more professional working years. What next?
Sanil: One of my long term wishes of writing a book is finally fulfilled now. I am happy that I was able to complete it and I hope it does well amongst the audience. As far as my next moves are concerned, I am a still learning professional. I still haven’t given up on my curiosity. I’ll probably be writing another book in the upcoming future and contribute back to the community at large by sharing knowledge.
Q.7/Priyam: What is the Single set of advice which you would like to give to the budding students and professionals?
Sanil: Curiosity and learning – Never stop these two things. Keep refining your craft and keep learning. You would automatically maximize your working potential in the same.
Apart from that, I’d say that there are some mistakes that the starting professionals do and those mistakes should be prevented. I have learned from my past experiences and have carefully written down what to do and what not to do in my book.