To combat the increasing risk of cyber-attacks, CompTIA, the world's leading information technology (IT) association, has unveiled a ground-breaking, vendor-neutral certification, CompTIA Cybersecurity Analyst (CSA+). It is the first of its kind to bring behavioural analytics to the forefront cyber threat detection, rather than focusing solely on the technical aspects of the sector.
In recent years, hackers have learnt to evade detection from traditional systems such as firewalls, with increasingly sophisticated attacks such as Advanced Persistent Threats. This has led to a need for an analytics based approach – one which can identify anomalies, spikes, positives and false positives in network traffic which could be symptoms of an underlying cyber-attack. The certification is the first of its kind to ensure that cybersecurity workers are able to take a data-driven approach and bolster their companies’ cyber defences.
Some of the highest profile cyber-attacks in recent times, such as the Mirai botnet DDoS attack in 2016, which took down the servers behind popular sites such as Twitter and Reddit, are unable to be stopped by traditional methods. They require a more analytical approach to detection and prevention, and the ability for security teams to interpret vulnerabilities where they might not be immediately obvious.
The demand for cybersecurity analysts is strong. Recent research from Tech Partnership found that security analyst roles are one of five occupational groups in the cyber workforce that make up three quarters of all jobs posted in the industry.
An economic and societal imperative
Graham Hunter, VP Certifications, Europe and Middle East at CompTIA, said: "We are starting to see technological developments such as the Internet of Things come to the forefront of the business and social landscape. As these technologies continue to grow and develop, so too does the threats to networks and devices, as hackers find new avenues to attack and access personal information.
"To combat these new threats, it’s vital that we are training the next generation of IT and security professionals on how to keep the public and organisations secure. CSA+ certification provides the platform that IT professionals need for learning and developing new skills -- so that they have all the critical information and tools to keep up with emerging technologies."
“By placing greater emphasis on data analytics, we get a real-time, holistic view of the behaviour of the network, its users and their devices to identify potential vulnerabilities and strengthen them before an intrusion happens,” explained CompTIA’s Senior Director for Products Dr. James Stanger.
“Armed with this information, cybersecurity professionals can more precisely identify potential risks and vulnerabilities so that resources can be allocated where they're most needed.”
“Data analytics is key,” states Jim Lucari, Senior Manager of Certification at HP Enterprise. “Everybody in technology should have this CSA+. It should be mandatory if you’re going to stay in IT over the coming decade.”