cyber security methods of analysis
1. Module Description: Experts stress that a robust IT team that provides 24×7 coverage and is well trained to think security, not just react, is essential for securing any infrastructure. Often this means a change in mindset to reshape the way the team thinks about data and data breaches. They need to become skillful observers who can make decisions on the spot.
In order to keep all members of the team working together, honing their skills and focusing their mindsets on security, it has been suggested that the IT security expert can use games. Review the suggested games in Chapter 5, "Your Most Valuable Resource is Your People," in Designing and Building a Security Operations Center. Design a game that staff analysts could play that would help to train them in becoming more observant and able to see through the noise of all the data that passes through their servers. Integrate components of the Structured Analytic Techniques for improving their analysis of data sets.
2. There are a number of jobs for security analysts with titles such as incident handler, intrusion analyst, forensic examiner, malware analyst, firewall analyst, and penetration tester. However, these roles are now being challenged since they are based on a reactive mindset. The focus has been on dealing with what has happened rather than what is going to happen. New wisdom calls for the analyst to be proactive and develop the skills needed to continuously monitor and analyze data, looking for patterns and anomalous data.
Develop a toolbox for the IT analysts. Your IT team can use these tools to continue to grow as analysts.
- Write a detailed job description for the analyst that clearly defines all facets of their job…
- Develop a self-evaluation checklist for the key elements of the functional model where analysts need to demonstrate competency.
- Provide the IT team with a functioning quick reference app of the latest tools they can use in their job as an analyst. They should be able to modify the app to add new software as it becomes available.
Message From the Consulting Company Director: We have just received a request from a client for a security analyst to help their team get up to speed and develop a plan to effectively analyze the large amount of data that comes through their server daily. The company leaders are concerned that with the immature team they may be vulnerable to outside attacks that slip past their external perimeter defenses. They would like you to work with their IT team to help them develop an analytic mindset focused on careful observation and response as well as determine analysis needs. They also want the team to become more proficient in carrying out an analysis of data and then determining the appropriate response.