Nowadays organizations experience malware attacks, system intrusions, DDOS attacks and countless other threats coming at them from every corner of the web. This is an ongoing assault that has profoundly transformed how organizations need to approach cybersecurity.
The rapid increase in volume and the growing intricacy of threats means that if organizations want to stay secure they need look at the responsibility in a different way. The way to do this is with understanding the data and well-trained and perceptive employees who know what they’re looking at, interpret it correctly and apply it properly.
It won't always be the same in every organization depending on if the Cybersecurity Analyst is the one who alerts everyone if there is a security event or hands it over to a higher authority who responds from there, but, anyone in this role should understand what they are looking at in the logs and be able to determine what it means and what steps to take from there.
What is CompTIA Cybersecurity Analyst (CySA+)?
The CompTIA CySA+ certification applies behavioral analytics to the IT security market to improve the overall state of IT security. The certification is important because attackers have learned to evade traditional signature-based solutions, such as firewalls and antivirus software. IT security professionals now need security analytics skills to detect these threats.
CompTIA CySA+ also bridges the professional level CompTIA Security+ and the mastery level CompTIA Advanced Security Practitioner (CASP) certification. It is an intermediate-level credential targeting those with three to four years of experience in IT security.
The CySA+ exam domains are:
- Threat Management (27%)
- Vulnerability Management (26%)
- Cyber Incident Response (23%)
- Security Architecture and Tool Sets (24%)
Why do we need this certification?
The absolute sheer volume of cybersecurity threats that have been increasing on the enterprise landscape has been taxing the bandwidth of IT professionals. This has led to the advent of new, higher-level network monitoring and analytics tools critical to determining how a network could be compromised and how to respond to the threat.
Networks no longer merely become susceptible by people just clicking on phishing emails or visiting the wrong websites. Anything connected to a network is a possible vulnerability. This will lead to an information overload that only a committed and well- trained cybersecurity analyst can successfully manage.
What do we need now?
We have tools and alerts for everything and out of that; we accumulate an immense amount of data. What we need now is well-trained people who can look at this data and decipher what's important and what’s just noise in terms of which alerts you need to pay attention to and which ones are just normal traffic.
Although crucial, there are no monitoring tools that are 100% perfect. There will at times be false positives and negatives and it takes a well-trained, technically savvy person to detect the difference. Also, these tools are not simple to use and even to a lower-level cybersecurity professional at the CompTIA Security+ level they can be frequently unclear.
So where does CySA+ Fit in the picture?
After completing the Security+ certification users can either take:
*If you elect to take the CySA+ then you can later work towards CASP, which requires at least five years of security experience.
Many training organizations will likely offer CompTIA Security+ as an entry-level course to create the foundation in cybersecurity. Students will then obtain additional training that teaches more specific facets of cybersecurity (ethical hacking, security management, etc.) but in this case you can directly go to CySA+ after completing Security+ which will pull together everything that was learned and fill all gaps. If you are determined to go further, after CySA+, IT pros can pursue CASP to prove their mastery of hands-on cybersecurity skills.
It seems that CySA+ will fill the skills gap that most employers are looking for in this day and age. This cert is definitely one to watch and keep on your short list!
If you're interested in learning more about the CompTIA CySA+ certification training and requirements click below.