In the wake of Stay Smart Online Week, Beenu Arora shares his passion for information security
The first week of June saw the celebration of the inaugural Stay Smart Online Week, formerly known as the National Cyber Security Awareness Week. This year, the theme of the event, “On the Go,” drew attention to safety and security while using mobile devices. Celebrations kicked off early for cyber security expert Beenu Arora, who was last month announced by AusCert as one of the top three Information Security experts in Australia.
The AusCert Information Security Awards recognise individual and organisational excellence in information security. Beenu, who has been working in the cyber security industry since 2006, was anonymously nominated for the 2014 Individual Excellence award.
He admits that being selected as a finalist was a pleasant surprise.
“It is an honour and I’m grateful to the AusCERT panel,” he told IndianLink.
“I have been in Australia nearly four years now, after I migrated from India in 2010, and this achievement is special from both a personal and professional perspective”.
Beenu studied software engineering in New Delhi at a time when cyber security was not a topical subject. He had developed an interest in cyber security before university when he would study open source software in order to find issues or gaps.
Beenu then progressed into ethical hacking, which attempted to exploit system vulnerabilities on behalf of system owners.
He now works as a cyber security professional at a highly-reputed professional services consulting firm in Melbourne, where his job involves assisting all types of organisations with various information security issues.
In his free time, Beenu also researches new variations of malicious software, or malware as it is called, and publishes his findings on his website.
Beenu believes that it is his ability to resolve complex problems through simple, innovative solutions and then providing these solutions to the open security community, that led him to the achievement.
However, like most high achievers, he has faced several challenges along the way.
Aside from the obvious difficulty of having to explain complex technical problems to both non-technical employees and customers alike, Beenu’s area of expertise is in a state of constant change. For example, he believes malware attacks were redefined after the Stuxnet virus that damaged Iran’s nuclear facility only four years ago.
“Stuxnet made people realise that physical systems can be successfully attacked from cyber space,” he said.
In addition, Beenu’s work spans across different industries, each with different levels of risk, and accordingly, different security requirements.
For instance, the security risks associated with a retail company are different from an energy sector organisation.
However, Beenu identifies common threats that apply to information security across all industries, including cyber-espionage, state-sponsored cyber attacks, inside threats, organised crime and activists.
Beenu’s talent of being constantly informed and aware of the latest malware trends was exemplified at the end of May, when he encountered a spam campaign that was targeting Australian users and email addresses. The emails purported to contain an energy bill from a utility company, providing victims with a link to download the “bill”.
Instead, however, the link downloaded ransomware, a type of malware which attempted to extort money from its victims either by refusing them access to their files and folders, or locking the computer altogether.
As part of his research into the scam, Beenu collated the behaviours of the malware in order to identify impacted machines, which is a critical step towards remediation.
Beenu has high hopes for the future of information security.
“There are challenging and exciting assignments in the pipeline,” he said.
“In the last couple of years, I have greatly expanded my horizon within the cyber security space and I’m looking forward to gaining more exposure and experience on this journey. I truly believe in the late Steve Jobs’ mantra, ‘Stay hungry, stay foolish’,” he stated.
For budding cyber security experts, Beenu has some clear advice.
“Have a firm focus; make sure you set clear direction and goals – this will fundamentally help to grow one’s career in any field, including cyber security. Cyber security is a rapidly changing domain and skill is the key. I’d encourage individuals to keep learning and refining their skills and align them to industry demand. My dad used to say, ‘Follow the challenge, success will follow you!’”
Success has indeed followed Beenu, and there’s no doubt it will continue following him in the years ahead.