Cybersecurity is a growing issue. The greater frequency of attacks and their higher sophistication require companies to use true subject matter experts who are readily available to apply best practices for securing business assets. Many kinds of professionals are sought nowadays to help secure networks, but lately, Cybersecurity Analysts are in high demand.
The role of Cybersecurity Analyst (CSA) is similar to other jobs in the profession, such as Information Security Analyst, Computer Systems Analyst, Malware Analyst and Information Assurance Analyst. Their duties, in general, also comprise studying the best ways to safeguard data in systems or files, using analysis programs to identify threats. A CSA, however, “specializes in issues related to vulnerability discovery, exploitation techniques, and reverse-engineering attacks,” says Paul Mehta, a Senior Research Scientist, in an interview for Wired magazine. The analyst can take on different roles to ensure appropriate security controls are in place for the protection of computer networks and information.
Cybersecurity analysts are often equated with information security analysts, and, in effect, the two position titles are often used interchangeably. The differences are subtle but can be identified thanks to standard definitions: according to NISTIR 7298 Revision 2, cybersecurity is “the ability to protect or defend the use of cyberspace from cyber-attacks.” Cyberspace is defined as “a global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.” This is a more focused domain than Information Security, which is defined as “protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats.”
In a nutshell, the cybersecurity analyst’s unique role involves analyzing and assessing vulnerabilities in the IT infrastructure (software, hardware, networks) and reporting on any intrusion attempts and false alarms, with the aim of helping develop a stronger security posture through internal procedures. Cybersecurity analysts assist in resolving or preventing cybersecurity-related crimes by detecting system and device attacks, by analyzing evidence and by conducting a risk analysis of the facility’s network infrastructure. By performing ongoing vulnerability management activities and gaining network visibility, they assess potential threats, or control and mitigate them. These skilled professionals, then, not only can help identify possible attacks and protect websites and networks from cyber threats such as malware, denial-of-service attacks, and viruses, but can also be tasked with devising better ways of securing systems to avoid costly intrusions. They provide consulting services, establish security technologies, can advise on and provide a security architecture to protect data from threats, and review newer technologies to ensure that they conform to the company’s security policies and information systems infrastructure. Furthermore, they can also assess any damage to the data or infrastructure resulting from security incidents.
It is evident, though, that the focus of the cybersecurity analyst’s role is prevention more than post-incident response. The ultimate goal is to provide rapid response to cyber intelligence alerts when necessary, so as to derail breaches before they even happen. In line with this objective, these professionals use techniques to probe the cybersecurity threat landscape; the analyst may elect to use penetration testing and ethical hacking techniques and methodologies to validate that security systems are working properly, so that clients can do what they must to manage risks in computing and network environments. What’s more, they can use the standard security analytics tools of the trade, like SIEM (security information and event management), for monitoring activity; these tools allow analysts to inspect the organization’s network traffic in real time to uncover malicious events. The analyst then works in close collaboration with the clients so that a company can instantly get the context it needs to make fast, effective decisions. The cybersecurity analyst may work independently or as part of a SOC team responsible for analysis; in doing so, he or she can be part of an in-house team or an external consulting company.
The role of the Cybersecurity Analyst is to produce “timely, actionable, and accurate analysis on a cyber issue,” says Angela Horneman, Network Intelligence Analyst, CERT Division. She describes how significant the analyst’s role is in adding perspective, context, and depth to a security issue, helping decision-makers make better judgments and quicker choices on how to execute security measures aligned with industry best practices to shield the organization’s computer systems and networks from infiltration and cyber attacks. This explains why these professionals are more and more an essential figure in the organogram of any mid-size or large company.
Having the right cybersecurity analyst on board, then, is critical to many companies. He or she should have a combination of hard and soft skills that makes his or her presence more valuable within a security team: hard skills for a cybersecurity analyst involve not only technical proficiency and knowledge acquired on the job or in books but also the ability to perform data analysis, whereas soft skills focus on attributes and personality traits, like persuasion and communication.
The right professionals use technical expertise to help respond to threats and emergency security incidents promptly. They employ analytical skills to analyze the data collected through security information and event management (SIEM) and system monitoring tools, to examine data and logs, and to screen alerts generated by automated IDS tools. They also use assessment skills to understand the strategic implications of cyber incidents and apply techniques and methodologies to reach the appropriate resolution and protect information systems against hackers and cyber attacks.
However, interpersonal skills are also of great importance. Analysts are asked to communicate security information effectively to all stakeholders, from fellow analysts and team members to customers; therefore, strong verbal and written communication skills are essential. They use their communication and persuasion skills to make recommendations that enable the firm to remediate expeditiously. Given that, they also need to be resolute in making sound decisions and able to independently help develop solutions or improvements to prevent malicious activity.
Career prospects for cybersecurity analysts are expected to be very favorable in the near future. Any company that handles sensitive data will eventually need the services of information security professionals such as cybersecurity analysts, whether as in-house employees or as part of an external team of consultants. The U.S. Bureau of Labor Statistics expects the need for such pros to be “very high” in many different sectors, including education, healthcare and finance. Government and security are also going to be major employers in the field, considering the plans the Department of Defense announced in 2015 to hire 3000 cyber professionals for the U.S. Cyber Command.
Therefore, opportunities are great for professionals who are thinking of entering the cybersecurity field now. As Jon Oltsik, CSO, mentioned, while “27% of organizations say they have a shortage of security analysts […] CISOs are recruiting at the entry level…” Employment is projected to grow significantly for those interested in pursuing this occupation, and those who have the right experience, skills and background in the field are sure to attract employers looking to hire cybersecurity professionals with analytic capabilities.
So, it’s a good time to be in this line of work. Cybersecurity as an identifiable degree field is still in its infancy, as mentioned in the CSEC2017 Joint Task Force on Cybersecurity Education (JTF). Many Cybersecurity Analysts (CSAs) also enter the profession after pursuing generic degrees in Computer Science. According to CyberSeek, cybersecurity analysts are mid-level professionals who are asked to have a variety of skills, from general information security knowledge to cryptography and network security, but also project management, general business expertise, and security operations. These professionals are trained not only through formal college studies but also through on-the-job training and industry or vendor-neutral certifications in security analysis. Hands-on and on-the-job training, including internships, are also essential to acquire practical experience.
Cyber security analysts, at a minimum, need a bachelor’s degree in information systems, computer science, programming or a related field. Many employers require some level of experience working in IT or as a systems, network or database administrator. Master’s Degrees are not essential, but some companies prefer candidates who have attained a Master of Science in Information Assurance and Cybersecurity in addition to practical experience.
Certifications such as the CSA+ certification (which fills the gap between the entry-level Security+ credential and the master-level CASP) set the benchmarks for what a cybersecurity analyst needs to know. They are an excellent way to acquire specialized knowledge, to be guided towards understanding all the topics that a professional in the field should master and, most importantly, to prove current, up-to-date skills and education to employers. CompTIA’s CSA+ certification, a vendor-neutral cybersecurity cert that focuses on the application of behavioral analytics to improve the overall state of IT security, validates the foundation-level knowledge and expertise found essential for such a role. Certifications can also give a boost to pay. According to Glassdoor, the national average Cyber Security Analyst salary is $70,000. An entry-level certified CSA+ Cyber Security Analyst, according to PayScale, “earns an average salary of $75,118 per year” while others can earn as much as $124,357 with mid-career experience.
In the cyber realm, analysts are the go-to professionals for alert triage and event analysis. So, what does it take to become a cybersecurity analyst? A suitable candidate will have formal education in IT, computer science, or cybersecurity; he or she will also have on-the-job experience and, preferably, professional certifications.
According to the CSEC 2017 report in the Computing Curricula Series by the Joint Task Force on Cybersecurity Education, “by all accounts, the world faces a current and growing workforce shortage of qualified cybersecurity professionals and practitioners. In fact, both government and non-government sources project nearly 1.5 million cybersecurity-related positions going unfilled by 2020. The workforce demand is acute, immediate, and growing.” New education guidelines are being devised to help shape the IT workforce of the future, a workforce in line with the needs and requirements of the market. The CSEC2017 curricular volume is the first set of global curricular recommendations in cybersecurity education for academic institutions seeking to develop a broad range of cybersecurity offerings at the post-secondary level, as noted by the Joint Task Force, a collaboration between major international computing societies: Association for Computing Machinery (ACM), IEEE Computer Society (IEEE CS), Association for Information Systems Special Interest Group on Security (AIS SIGSEC), and International Federation for Information Processing Technical Committee on Information Security Education (IFIP WG 11.8).
With the growing need for intrusion prevention and data collection for intelligence, many of the new professionals trained for the new IT era are bound to be cybersecurity analysts. Protecting the integrity of data and the security of systems is a vital necessity for any organization, and that is why the need for cybersecurity analysts will surge in the next few years.
CompTIA, Inc. (n.d.). CompTIA CSA+. Retrieved from https://certification.comptia.org/certifications/cybersecurity-analyst
CultureFit. (2016, October 10). Cyber Security: In-Demand Jobs for Professionals with the Right Skillsets. Retrieved from http://culturefit.com/cyber-security-demand-jobs-professionals-right-skillsets/
Cybersecurity Ventures. (2017). Cybersecurity Market Report. Retrieved from http://cybersecurityventures.com/cybersecurity-market-report/
Daly, J. (2016). Mitigating Risk: A Day With a Cybersecurity Analyst. Retrieved from https://www.wired.com/brandlab/2016/11/mitigating-risk-day-cybersecurity-analyst/
Florida Tech. (n.d.). Cybersecurity Analyst Career Guide. Retrieved from https://www.floridatechonline.com/blog/information-technology/cybersecurity-analyst-career-guide/
Horneman, A. (2017, July 17). How to Think Like an Analyst. Retrieved from https://insights.sei.cmu.edu/sei_blog/2017/07/how-to-think-like-an-analyst.html
InfoSec Institute. (n.d.). How to become a Security Analyst. Retrieved from http://resources.infosecinstitute.com/job-titles/security-analyst/
Joint Task Force. (2017, June 12). Computing Curriculum: Cybersecurity 2017. CSEC2017 v. 0.75. Retrieved from https://docs.wixstatic.com/ugd/895bd2_e3443415db4c432da8a66b59d076e151.pdf
Kauflin, J. (2017, March 16). The Fast-Growing Job With A Huge Skills Gap: Cyber Security. Retrieved from https://www.forbes.com/sites/jeffkauflin/2017/03/16/the-fast-growing-job-with-a-huge-skills-gap-cyber-security/#5ab8b30b5163
Kissel, R. (2013, May). Glossary of Key Information Security Terms. NISTIR 7298 Revision 2. http://dx.doi.org/10.6028/NIST.IR.7298r2
Nanduri, P. (2017, June 30). Skill Gap Affects Cybersecurity. Retrieved from https://www.hrtechnologist.com/articles/candidate-search-and-sourcing/skill-gap-affects-cybersecurity/
Oltsik, J. (2016, May 10). High-demand cybersecurity skill sets. Retrieved from http://www.csoonline.com/article/3068177/security/high-demand-cybersecurity-skill-sets.html
O*NET OnLine. (2017). Computer Systems Analysts. Retrieved from https://www.onetonline.org/link/summary/15-1121.00
PayScale, Inc. (n.d.). Cyber Security Analyst Salary. Retrieved from http://www.payscale.com/research/US/Job=Cyber_Security_Analyst/Salary
Smartrecruiters.com. (n.d.). Cybersecurity Analyst – Internship. Retrieved from https://www.smartrecruiters.com/PurpleBoxInc/103338884-cybersecurity-analyst-internship
This is a Security Bloggers Network syndicated blog post authored by Daniel Brecht. Read the original post at: InfoSec Resources