, vice-chairman of TCS and chairman of the National Skill Development Agency , says the private sector must play a crucial role in enhancing cybersecurity capabilities. The IT veteran calls for hiring and training young, talented people to handle cyber attack units. Edited excerpts from an interview with ET:Private companies have a lot to share in terms of experience and in capacity building of relevant skills. The private sector has indigenised various security-related technologies and supported in building the security infrastructure of the country.Many private companies have considerable experience in cyber security. The offshoring model has matured significantly with several top-of-the-line security controls and processes.The country does require a skilled cyber-security labour force. Most countries, notably China, have started grassroots campaigns to identify technically gifted youngsters and recruit them for defending the nation.In India, too, these initiatives have been started by various agencies. However, much more needs to be done. The talent is available. We must also focus on rapid detection, containment and reaction.One statistic shows that attackers remain undetected on a network on average for 416 days! The amount of damage that can be done in this time is huge. Offensive security testing (known as penetration testing) is a wonderful way to audit the security of networks.Some companies such as Facebook Twitter and so on run what are known as “bug-bounty programs” where any hacker is invited to find vulnerabilities in their systems (without causing damage). On disclosing the flaw, they can be paid to the tune of $10,000. This is a great way to identify talent.Ultimately, it is more important to have a pool of extremely high-quality talent rather than just large numbers. A sophisticated team of even 50 top hackers is far better than 1,000 average/semi-skilled professionals. We must treat these teams like special forces.Offensive cyber-security capabilities are of great importance, as they will be the fourth branch of the defence forces. No war will be fought without taking recourse to these capabilities for intelligence and disruption prior to putting boots on the ground, ships to sea or planes in the air.The power of an offensive cyber capability cannot be underestimated, as shown by the Stuxnet virus used against Iran, and various other cyberweapons that have recently been seen such as Flame, Gauss, Wiper, Duqu, etc.Defensive capabilities in India need to be bolstered significantly. Most government IT infrastructure is vulnerable to attacks. Besides, most government officials are in no position to handle threats such as spear-phishing (e-mail spoofing fraud) or social-engineering attacks, which target them as a means of entry into the government networks.