Who is the CyberSecurity Specialist?
This article and those that follow will be my attempt to answer these questions.
The CyberSecurity Specialist certification is designed specifically for the Network Security Analyst role. This person is responsible for monitoring network traffic, identifying potential threats, investigating threats, mitigation and reporting. Now, first let me start by saying that I am fully aware that there are females in this industry, but for the sake of ease and clarity I will continue to use the pronoun 'he'. This area of IT is confusing enough with the lack of clear definitions that we deal with; let's not make it worse, and please do not accuse me of neglecting women in the field. After all, I have an autographed copy of Shon Harris's CISSP AIO guide and I treasure her contributions.
What is a cyber security specialist like? Well, what is cyber? That one
word has more definitions than you can shake a stick at. Do a Google
search for the word and you will see about 287 million references. So
what is the best definition for the term? I like the first definition
that Wikipedia gives; ' - a common prefix'. Yeah, that sums it up. Just
tack the word onto the beginning of anything; cyber-this and cyber-that.
For us, it means some very specific things. I believe that we can
agree, that cyber is the way everything is going, with or without a
clear definition. Let us say for our purposes as it applies to the noun,
'Security', that it means any technology that needs to be steered or
governed into a security stance that takes into account all the
variables that affect that same technology. By applying that technology
to any other technological or even non-technological item, it can fall
to a security vulnerability. So where does it tie together? What becomes
the combining force? The CyberSecurity Specialist is the glue. It is
the specialist that keeps up to date on the latest threats, the latest
methods of attack, the latest and greatest one-size-fits-all security
solutions. The Specialist needs to be able to tie all of it together
into a cohesive presentation and for that, a very special mindset is
required.
One of the key differences I notice about the CyberSecurity Specialist is the
mind-set. It seems to be a mind that does not easily accept the first
answer. One that does not see an end to learning. The one that seeks a
role in this area is one that appreciates the smaller details and finds
that is where the answers lie. After all, how many friends have you made
that can find their way through a packet capture and explain it? How
about a syslog that is generated by NetFlow? Looking at traffic and
knowing it isn't right. More than a network admin and the server admin,
we have to know the application level down to the physical. Know it and
know it good. Only by having a good foundation in how things are
supposed to work, will we be able to discern when something is out of
tune. Makes me think of an episode of Star Trek: TNG where Capt. Picard
recognizes that the engines are out of phase by the feel of the engine's
hum under his feet. He knew that ship so well and that is the level of
familiarity that we need to have with all the many aspects of data and
how it flows from the very top to the bottom. We have to know where the
vulnerabilities are within those areas as well. Where is the weakness
that can be exploited? What can protect that vulnerable spot? How do we
do it without doing harm on the network? And finally how do we get it
paid for and supported from the top level of management? Without that
support the subject of security will not be brought up and will not be
laid down for the users to follow. Awareness being a key point that has
to be provided by security SMEs. We have it, let's share it.
Look for part 2 to follow.
Question: How do we determine targeted counter-measures to targeted threats by the internet-enabled world?
- What is he like?
- Who is he?
- What must he do to keep up to date?
- Where does he gather information?
- What skills are needed?