‘Salary decent, but…’: CBSE OSM whistleblower Nisarga says IIT Kanpur pay is less than what he expected
Nisarga Adhikary: IIT Kanpur Salary Falls Short of Expected Despite CBSE OSM Whistleblower Role
Salary decent but - Nisarga Adhikary, the 19-year-old cybersecurity researcher who exposed critical flaws in the Central Board of Secondary Education’s (CBSE) Online School Marking (OSM) system, has joined IIT Kanpur’s cybersecurity team. While he acknowledges the salary is decent but, Adhikary expressed some disappointment, noting that the compensation was lower than he anticipated. His work on the OSM portal's vulnerabilities sparked national conversations and raised questions about the board’s digital evaluation infrastructure.
From Class 12 to Cybersecurity Engineer: A Young Innovator's Rise
Adhikary, who recently completed his Class 12 exams, was appointed as an Open-Source Intelligence (OSINT) and threat intelligence engineer at IIT Kanpur’s cybersecurity innovation hub, C3iHub. The decision followed widespread media attention on his blog post, which highlighted security gaps in the CBSE OSM portal. Educators and experts had criticized the system for potential risks during the 2023 exams, leading to a shutdown and a reassessment of its reliability.
“The salary is decent but, I was expecting a bit more. I’m used to working on projects and with companies based in the US, and I do miss the financial advantage that comes with earning in dollars due to the USD-INR conversion,” he told HT. Adhikary’s insights into the OSM system’s code revealed vulnerabilities that could compromise student data, prompting CBSE to issue a statement clarifying that the issues were limited to the testing portal and did not affect the actual evaluation process.
Breaking the Code: How a Teen Uncovered CBSE OSM System Weaknesses
Adhikary’s journey began with curiosity after noticing heated debates about the CBSE OSM system. “When exams started in February, CBSE announced they would use OSM this year. The system was criticized across media, and people were frustrated,” he explained. He spent hours analyzing the portal’s code, which was dynamically loaded in browsers, to understand how data was processed and stored. His findings included potential security risks that could allow unauthorized access or manipulation of exam results.
“I started reading the code which was being fetched to the browser when you open the portal,” he said. His work demonstrated a deep understanding of cybersecurity principles, despite his young age and lack of formal experience. Adhikary’s parents, who work in finance, provided a supportive environment, but he emphasized that his passion for technology had driven his actions. “I didn’t do this for recognition, but to ensure the system was secure for students,” he added.
Impact of the Whistleblower: Lessons for Digital Security
Adhikary’s exposure of the OSM system’s vulnerabilities led to immediate changes. CBSE suspended the system for a week and conducted a thorough review, with the director of the board acknowledging the breach but stating that it had no major impact on the final evaluation. The incident highlighted the importance of rigorous security checks in digital platforms, especially those handling sensitive academic data. Adhikary’s role at IIT Kanpur now involves analyzing public data to uncover threats, building on his early work with the CBSE system.
Despite the salary being decent but, Adhikary remains optimistic about his future. “IIT Kanpur has a strong reputation in cybersecurity, and this role gives me the opportunity to contribute meaningfully,” he said. The institute’s director, Manindra Agrawal, praised Adhikary’s talent and potential, noting that while he may be among the youngest to join, the experience gained from his discovery will shape his growth. Agrawal also emphasized the value of hiring young minds to bring fresh perspectives to cybersecurity challenges.