Information Collection in Cybersecurity

The NICE framework was designed by NIST to provide a common vocabulary and definitions for cybersecurity jobs and skill sets. It defines a range of job roles and outlines the tasks and skill sets associated with each.

An important task within cybersecurity is collecting and analyzing data. In this post, we’ll describe some of the job roles that perform this task within the cyber-domain, the necessary knowledge and skills to do so and how to obtain this knowledge and skill set.

Who Does Cyber-Information Collection?

Within the NICE framework, NIST defines three different job roles that perform cyber-information collection: exploitation analyst, target network analyst and cyber-operator. While these jobs can perform very different duties, they use many of the same tools, techniques and procedures in the data collection stage of their work.

An exploitation analyst is a cybersecurity practitioner who focuses on identifying weaknesses and potentially exploitable vulnerabilities in a target network. Their data collection is focused on gathering useful data about the target network, analyzing it with an eye for weaknesses and determining whether a potential attack vector exists.

A target network analyst takes advantage of technology to collect data about and track a human target. This type of analyst will use open-source data and anything that can be collected from the target’s devices to build a profile of an individual and determine their usual patterns, networks and more.

A cyber-operator is similar to an exploitation analyst but focuses on breadth rather than depth. The goal of a cyber-operator is to collect data from a variety of sources to find, track and exploit potential targets. The majority of this role is data collection and processing; however, they might perform exploitation actions if necessary.

What Do I Need to Know?

While these are three very different jobs, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/t-xwWyJLy6E/