Interview Of K K Mookhey

KK-MookheyAbout K K Mookhey

Well-regarded expert in the field of IT Governance, information risk management, and worked with prestigious clients such as the United Nations WFP, Dubai Stock Exchange, Saudi Telecom, Capgemini, Royal Sun & Alliance, and many others.

He is the author of two books (Linux Security And Controls by ISACA, and Metasploit Framework, by Syngress Publishing), and of numerous articles on information security. He has also presented at conferences such as Blackhat, Interop, IT Underground and others.
Interview Of K K Mookhey

Can you tell us about your experience of IT security and auditing in Government agencies, healthcare institutions, hands on financial and international companies?
I started the company in 2001 as a one-person operation with the aim of providing security services to organizations in India and across the globe. Since then we have grown to a team of over 60 people and operations in 5 locations. My experience has been most fulfilling and challenging working with banks, financial institutions, IT/ITES firms, telecom companies, dotcoms and government clients.

What instigated your interest as an information security firm?
When I was looking around for an idea to start a company on, cyber security seemed like a most interesting field. And thankfully the bet has now paid off, with information security becoming one of the most in-demand fields for an IT professional.

Your say on Information security’s challenges in today’s world?
Cyber security is a very difficult problem to solve the technology most organizations use become quite complex over a period of time, attacks are becoming more insidious and multi-pronged, and priorities are not always clear with regards to information security. These factors are today’s biggest challenges when it comes to information security.

Does government systems have a persistent threat from today’s multifaceted attacks?
Yes, of course. Not just government websites, but critical national infrastructure is under a potential threat and we need to work hard to ensure we enhance our national cyber defence capabilities significantly.

Tell us about your recent research.
Our teams are constantly involved in security research. We release security advisories on an almost monthly basis. Last week, we were given credit by Oracle for a vulnerability discovered in Oracle applications. Similarly, in the past 12 months we released a number of advisories in Microsoft Excel, RealPlayer and other such software. We follow the policy of responsible disclosure, so a number of other security vulnerabilities discovered by our team are not in the public domain, since the vendors are still fixing them. If you visit the innovation section of our website, you will note that we have a number of activities such as writing articles, speaking at conferences, and presenting new ideas.

In today’s altering world of Cyber security which is the most severe national security challenge for many countries?
Not having a coherent cyber security strategy with a high-powered team given a clear mandate to develop significant offensive and defensive capabilities is our biggest national concern right now. We must focus on this single-mindedly and protect our infrastructure.

What is your observation about updates and threats increasing tremendously since past few years?
Threats have now spread to almost any type of technology and attackers are more motivated and highly skilled. They are mainly motivated by financial or nationalistic objectives. This trend is only going to increase every year.

Would you like to inform about future releases of your book?
Yes, I am currently writing a book on CISSP and this will be released in 4-5 months from now.

What does NBC Award mean to you?
We are most pleased to have received this award and look forward to accepting this honour.

A message for our readers in a tweet, please.
Its a very prestigious award, I am receiving.

By Cattechie