Cyber security certification from CompTIA “first to address behavioural analytics”

To combat the increasing risk of cyber attacks, the Computing Technology Industry Association (CompTIA) – the leading IT Trade Association – has unveiled a “groundbreaking, vendor-neutral” certification. Entitled CompTIA Cyber Security Analyst (CSA+), it’s the first solution of its kind to bring behavioural analytics to the forefront of cyber threat detection rather than focusing solely on the technical aspects of the sector.

In recent years, hackers have learned how to evade detection from traditional systems like firewalls and launch increasingly sophisticated attacks such as Advanced Persistent Threats. This has led to the need for an analytics-based approach – one which can identify anomalies, spikes, positives and false positives in network traffic which could well be the symptoms of an underlying cyber attack.

According to CompTIA, the new certification is the first of its kind to ensure that cyber security professionals are able to take a data-driven approach and bolster their companies’ cyber defences.

Some of the highest profile cyber attacks in recent times – including the Mirai Botnet DDoS attack which took down the servers behind popular sites such as Twitter and Reddit – cannot be stopped by traditional methods. They require a more analytical approach towards detection and prevention, in tandem with the ability of security teams to interpret vulnerabilities where they might not be immediately obvious.

The demand for cyber security analysts is strong. Recent research conducted by Tech Partnership found that security analyst roles are one of five occupational groups in the cyber workforce that make up three-quarters of all jobs posted in the industry.

Economic and societal imperative

Graham Hunter, vice-president of certifications for Europe and the Middle East at CompTIA, told Risk UK: “We’re starting to see technological developments such as the Internet of Things come to the forefront of the business and social landscape. As these technologies continue to grow and develop, so too do the threats posed to networks and devices as hackers find new avenues to attack and access personal information.”

Hunter continued: “To combat these new threats, it’s vital that we’re training the next generation of IT and security professionals on how to keep members of the public and organisations secure. CSA+ certification provides the platform that IT professionals need for learning and developing new skills so that they have all of the critical information and tools necessary in order to keep up with emerging technologies.”

CompTIA’s senior director for products, Dr James Stanger, explained: “By placing greater emphasis on data analytics, we derive a real-time, holistic view of the behaviour of the network, its users and their devices in order to identify potential vulnerabilities and strengthen them before an intrusion happens. Armed with this information, cyber security professionals can more precisely identify potential risks and vulnerabilities such that resources may be allocated where they’re most needed.”

“Data analytics is key,” stated Jim Lucari, senior manager of certification at HP Enterprise. “Everybody in technology should have the CSA+. It should be mandatory if you’re going to remain in the IT world over the coming decade.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts