It's the first interview of PureVPN's Cyber Aware series. In this series, we will be interviewing people from cybersecurity world to bring exclusive insights for our readers.
PureVPN is eyeing towards making this interview series a beacon for the average internet user to highlight the importance of cybersecurity and online threats, privacy issues and fight against cyber crime.
PureVPN spoke to Nipun Jaswal on cybersecurity. Here's the interview:
1. Hello Nipun, Thank you for taking out the time for a discussion. Can you please tell our readers a little bit about yourself and share your career history?
Hi, My name is Nipun Jaswal, I am currently the Technical Director of Pyramid Cyber and Forensics Pvt. Ltd.
I am also an author of three books (3 English with 2 Chinese translations) on cybersecurity: Mastering Metasploit (2014), Mastering Metasploit Second Edition (2016) and Metasploit Bootcamp (2017).
Academically, I completed my Masters in computer engineering (LPU) and other certifications including C|EH, ITIL, OSWP, etc. I have been working in the cybersecurity domain for around 11 years, and my first job after passing out from the university was with the Armed forces in the Middle-East region (Third party).
After 1.5 years, I shifted back home and was made the director of cybersecurity. I have also been awarded the Award of Excellence from National cyber defense and research center. I have extensive experience in Vulnerability Assessments and Penetration Testing, Wireless & RF, Exploit Development, Malware Research and the offensive side of cybersecurity.
2. What inspired you to select cybersecurity as a career and what challenges did you face initially & how did you tackle the problems?
A movie called ‘The Net’ inspired me to join the cybersecurity domain. Initially, it all felt like an impossible challenge, and everything seemed very complicated.
However, I focused on building strong basics and google helped me with this. Having the basics right, I started focusing on individual domains within cybersecurity such as web applications, network vulnerability assessments, wireless and exploit development.
3. Which cybersecurity expert influenced you the most? Who do you follow?
I believe there are many. However, the best influencers have been H.D Moore, Samy Kamkar and Vivek Ramachandran (Security Tube).
4. People have seen a lot of cyber incidents this year. Which particular event, according to you, should be a wakeup call for everyone that takes cybersecurity lightly?
I guess WannaCry outspread was one such event that caused significant chaos across various nations and should be considered a wake-up call for everyone.
5. What do you think were the most common security flaws that gave way to such attacks to be successful?
Lack of security and protection, outdated/cracked software and operating systems, insecure configuration of firewalls, open ports and lack of cyber awareness.
6. According to BBC, there were an estimated 3.6 million cases of fraud and two million computer misuse offenses this year. Why do you think this is happening? Is it because people and organization don’t take online security seriously or have hackers finally got the upper hand?
Hmm… That’s a tough one. I believe as the technology has evolved over the past few years, there has been a massive increase in cyber attacks. Initially, there weren’t enough hackers since the knowledge sharing was limited.
However, today, just search “crack md5 online, ” and you will find a dozen of sites offering online brute forcers. You can easily see enough YouTube channels, forums, courses on ethical hacking and cybersecurity and even courses exist on developing malware. All these resources have made it very easy to learn about cyber security which is suitable for learning and exploration, but there are masses, who use these resources for quick cash, money laundering, and malicious purposes.
Hence, not just the number of attacks has increased with advances in technologies, the number of resources of hacking and exploiting newer technologies has also increased.
People do not take online security seriously. They don’t know that sometimes even browsing a particular website can get their entire system compromised and they can end up serving their whole data to attackers. This lack of awareness allows malicious actors to gain the upper hand on their targets on an any odd day.
7. People don’t usually update their antivirus and OS, and this is the reasons why people get attacked by ransomware and malware. Do you think PureVPN’s enterprise-grade security, powered by server-level antivirus, IPS/IDS, content filter, web filter, and app blocker will provide users the extra protection they need?
I have always been a big fan of VPN technology and have used a variety of VPN services from various vendors in the market. I firmly believe that the level of protection PureVPN provides is merely unmatchable. As you said, people do not update their AVs and OS, and the statement is entirely correct.
Using PureVPN has not only provided filtering on web and content which will keep malicious files and content away but made me feel that my entire system is secure since it acts as a gatekeeper to all malicious IP-based attacks, malicious documents and automatically prevent malicious applications from running in case you have something malicious already in your system. PureVPN has allowed me to browse the internet cleanly, while also protecting my identity and IP details.
Let’s have a rapid-fire round. I’ll hurl a quick burst of rapid-fire dual-choice questions, and you just need to choose one of the answers in the blink of an eye.
8. Tea or Coffee?
9. Mac or PC?
10. iOS or Android?
Android with Nethunter.
11. Reddit or Quora?
12. Apparently, everyone wants some me time. What do you prefer doing in your leisure time? What are your other interests outside of the world of technology?
I am a Biker and love going on rides on my KTM Duke, and If you don't see me on my bike, you will find me gyming, painting or cooking.