Cyber Analysis: The System Detective

Analytics… defined as “the method of logical analysis” by Merriam-Webster, but that definition has changed significantly with the addition of technology.  Analytics is no longer associated with just intelligent evaluation and interpretation of quantitative and qualitative data, but with technological systems themselves.  

Cybersecurity analysts fill one of the most important roles within the cyber field. They are responsible for monitoring all systems, widespread company communication, identifying cyber threats and vulnerabilities, and working with IT professionals to mitigate possible attacks on their critical systems.

Now that seems like quite a spectrum of tasks, doesn’t it?

Well, yes. In reality, Computer Systems Analysts (CSAs) are burdened with a heavy load as the first line of defense when it comes to protecting and securing systems. CSAs must be on watch at all times, ready to analyze the system for minute changes and go on the defensive at the drop of a hat. Essentially, a CSA does not have the traditional 8-9 hour workday, but a constant responsibility of being the watchful eye, a security officer, a detective, an investigative reporter.

So how does one obtain the intelligence and dedication to become a CSA professional?

Like with any job, Cyber Analytics starts with education…

Unlike certain positions in the cybersecurity field, most Computer Systems Analyst positions require a 4-year degree in cybersecurity, mathematics, computer science, programming or anything relating to the IT field. This means that to start investing in your future, you must show employers you have the fundamental understanding of how computers work, and the dedication to complete hours and years of training to perfect that understanding.

After graduation though, the learning does not end…

Certifications. The holy grail of learning for a cybersecurity professional. The more you have, the stronger you are as a candidate, so let's take a look at some of the most sought-after certifications for a CSA:

The CompTIA Security+ certification is an entry-level certification that proves to employers that you have the baseline knowledge and skill any cybersecurity/information security specialist should be privy to. This certification covers topics such as identifying vulnerabilities, threats, and attacks; implementing management and access control in systems; identifying common tools and techniques that address potential security issues; risk management (cybersecurity policy and action plans); understanding application development/deployment; and understanding basic concepts in cryptography and public key infrastructure. This certification is offered by the Computing Technology Industry Association (CompTIA). There are a total of 90 questions on this exam, with an allotted test time of 90 minutes. This also includes a performance-based section where you will work hands-on with real-world problems in a virtual or simulated environment. In order to pass, you must score a minimum of 750 out of 900 possible points.

This certification is popular within many fields and is probably the first certification you are going to want to go after to solidify your fundamental knowledge of computer systems and how to manage their security.

The Certified Information Systems Security Professional (CISSP) certification is one of the most common certifications for an IT security professional to obtain, covering a range of topics from engineering to managing information security programs. This certification is administered by the International Information System Security Certification Consortium, (ISC)², and is considered an intermediate-level certification due to its level of requirements; it is a standard certification to let employers know the level of understanding and capability you bring to the cybersecurity and IT security field. The exam consists of 125-175 multiple-choice questions in a computerized adaptive test format, with an allotted test time of 4 hours. In order to pass, you must obtain 700 out of a possible 1000 points.

Administered by ISACA, the CISM (Certified Information Security Manager) certification is for those who are looking to prove their credibility as a manager of information security for a business/program. It tests knowledge of information risk management, information security management, information security program development, and information security incident management. It is a 150-question multiple-choice exam with a score range of 200-800; a passing score for this exam is 450 or higher. This is considered an advanced-level certification.

There are plenty more certifications that can give aspiring CSAs a leg up (Crest has more information on them here), but these three are extremely important to obtain for competitiveness in a constantly evolving field.

Now that you’ve received your educational experience, here's more on what the day-to-day workplace experience will be:

  • Developing policy and action plans for protecting critical data and systems, as well as procedures for how to combat threats and attacks on the system

  • Strategizing with personnel from all departments of the organization, training them on awareness of predatory messaging/phishing attacks, and communicating with IT professionals to establish the best course of security

  • Constant watch over computer systems and code for possible changes and malicious actors

  • Staying up to date with evolving malicious activity and current threats plaguing computer systems

  • Staying up to date with relevant intelligence pertaining to your organization’s field

  • Applying the correct encryption, firewalls, antiviruses and other security measures to compensate for system vulnerabilities

  • Using intelligence information to create comprehensive solutions for possible future threats

These are the generalities of what a CSA will be doing, but the list can go even further than that depending on your value to the organization.

If that task list has you a little bit intimidated, here are the reasons why dedication to the career of a CSA is beneficial:

The number one reason, of course, is always going to be the financial lucrativeness, with entry-level analysts making a mean of $93,000 a year, increasing with the level of education and experience you bring to the employer.

CSAs are the heartbeat of the organization, giving not only specialized knowledge and advice to the IT department, but providing cybersecurity safety and expertise to the entire workplace. If you are hands-on; if you don’t like to sit in one place; if you are interactive and like to be involved in all forms of an organization’s success, this is the job for you.

CSAs are crucial to the success and security of every single organization in existence, so if your company doesn’t have one, it's time to evaluate how to fit one into the culture of your business.

To learn more about how Crest provides robust Cyber analysis, visit the service tab of our webpage, and remember…

Without security, success is not guaranteed! 
