Some of you may be familiar with the 90’s UK TV program called ‘Cracker’ starring Robbie Coltrane as a Forensic Psychologist. He is a classic antihero, unfaithful to his wife, alcoholic, a chain smoker, obese, addicted to gambling, manic, foul-mouthed and sarcastic, and yet cerebral and brilliant. He is a genius in his specialty: criminal psychology. In order to stay ahead of Advanced Threats one of the changes organizations will have to make is to ensure they have the right skills required to mitigate these threats and the new role of the ‘Cyber Security Analyst’ is born.
The skill set for cyber-risk intelligence professionals is quite different from the traditional skill set within the security department. Historically, security professionals required technical skills such as system administration or network administration skills, but cyber-risk intelligence teams require a different set of skills which are focused on determining how attack techniques might be used against the organization’s IT infrastructure. It is a relatively senior role that also requires an ability to evaluate risks and make reasoned judgment calls.
Analytical skills and experience are crucial in order to look at what appear to be unrelated pieces of data to draw linkages, uncover patterns, see trends, and make predictions. Knowing how to construct and refine analytical models and work with other professionals such as programmers are also necessary skills, as well as specific expertise in network- and system-behavior analysis.
This role goes a lot deeper than just the analytical skills and surely people behavior analytics comes into it and also strong investigative and psychological skills.
I suspect behavior analytics will have a strong role to play here as threats get more sophisticated and companies start deploying tools to help them identify the perpetrators. These skills will help them understand if an attack is a single attack or one of many from a same group of attackers etc. All of these skills will be useful to add to the ‘must have’ list for a job description for the role. However, surely the ‘human element’ is important here as well. After all, security is about people, process and technology and it seems we sometimes forget the ‘human element’ skills necessary for this role.
Ideally we need to recruit someone like Cracker for the role of the Cyber security analyst (perhaps without all his vices) to marry the technical skill and the forensic psychology element. I wonder how many companies have job descriptions for such a role?