To combat the increasing risk of cyber attacks, the Computing Technology Industry Association (CompTIA) – the leading IT Trade Association – has unveiled a “groundbreaking, vendor-neutral” certification. Entitled CompTIA Cyber Security Analyst (CSA+), it’s the first solution of its kind to bring behavioural analytics to the forefront of cyber threat detection rather than focusing solely on the technical aspects of the sector.
In recent years, hackers have learned how to evade detection by traditional systems like firewalls and to launch increasingly sophisticated attacks such as Advanced Persistent Threats. This has led to the need for an analytics-based approach – one which can identify anomalies, spikes, positives and false positives in network traffic which could well be the symptoms of an underlying cyber attack.
According to CompTIA, the new certification is the first of its kind to ensure that cyber security professionals are able to take a data-driven approach and bolster their companies’ cyber defences.
Some of the highest profile cyber attacks in recent times – including the Mirai Botnet DDoS attack which took down the servers behind popular sites such as Twitter and Reddit – cannot be stopped by traditional methods. They require a more analytical approach towards detection and prevention, in tandem with the ability of security teams to interpret vulnerabilities where they might not be immediately obvious.
The demand for cyber security analysts is strong. Recent research conducted by Tech Partnership found that security analyst roles are one of five occupational groups in the cyber workforce that make up three-quarters of all jobs posted in the industry.
Economic and societal imperative
Graham Hunter, vice-president of certifications for Europe and the Middle East at CompTIA, told Risk UK: “We’re starting to see technological developments such as the Internet of Things come to the forefront of the business and social landscape. As these technologies continue to grow and develop, so too do the threats posed to networks and devices as hackers find new avenues to attack and access personal information.”
Hunter continued: “To combat these new threats, it’s vital that we’re training the next generation of IT and security professionals on how to keep members of the public and organisations secure. CSA+ certification provides the platform that IT professionals need for learning and developing new skills so that they have all of the critical information and tools necessary in order to keep up with emerging technologies.”
CompTIA’s senior director for products, Dr James Stanger, explained: “By placing greater emphasis on data analytics, we derive a real-time, holistic view of the behaviour of the network, its users and their devices in order to identify potential vulnerabilities and strengthen them before an intrusion happens. Armed with this information, cyber security professionals can more precisely identify potential risks and vulnerabilities such that resources may be allocated where they’re most needed.”
“Data analytics is key,” stated Jim Lucari, senior manager of certification at HP Enterprise. “Everybody in technology should have the CSA+. It should be mandatory if you’re going to remain in the IT world over the coming decade.”