Sanjay Bavisi, president of the global professional certification body EC- Council, said he wouldn’t either confirm or deny US National Security Agency whistleblower Edward Snowden’s claim that he recieved a certificate in ethical hacking from the organisation in 2010.
Speaking to Express, Bavisi, better known as Jay Bavisi, said he couldn’t disclose the information because of a confidentiality clause.
“I cannot deny or confirm it. But if he is certified and prosecuted for an illegal act, then we will have to de-certify him.” Bavisi said.
The resume of the whistleblower currently holed up at the Moscow airport reportedly boasts of a certificate in ethical hacking.
Bavisi said that when one becomes a certified ethical hacker, he or she signs an agreement with the EC-Council that the skills will be used only for defence purposes.
“We are teaching people to be cyber bodyguards but if you decide to become an assassin, then I think law will have to deal with you,” Bavisi added.
Born in India, Bavisi founded the EC-Council following the 9/11 attacks in the US, with an aim to addressing issues of cyber terrorism.
The organisation, which runs various cyber security programmes in 92 countries, believes that “to beat a hacker, you need to think like one”.
The organisation has trained people from the FBI, US Army, United Nations and is recognised by the NSA.
Bavisi said India is vulnerable to cyber attack and the government will have to take cyber security issue more seriously. With so many stakeholders and ministries involved, the process of securing cyber infrastructure is moving slow. He said India doesn’t have a proper cyber command and blue print for defence and counter cyber-attack.
“We have some capabilities but the size of infrastructure is so huge that we need huge numbers of cyber security experts.”
Bavisi also said India would need to look at cyber vaccination programmes via secure code education. “It’s like quarantining our networks from attacks via firewalls, intrusion detection system and intrusion prevention system. India produces millions of programmers but they are not trained in secure codes. We need to create a talent pool.”