Cyber Analytics

Intro
CA

Cybersecurity analytics is the use of advanced analytics to identify, monitor and protect an organization's digital environment. Organizations are struggling more than ever with the challenges of defending themselves against cyberattacks due to increasingly sophisticated adversaries and pressure to do more with less.
“In the face of increasingly advanced cyber threats, organizations must do more with less to protect their digital environments. This is where cybersecurity analytics comes in; using sophisticated analytical techniques to detect and monitor potential breaches before they cause harm. Ultimately it provides a stronger layer of defense against even the most determined attackers.”

Why Is CA Important

Today, the situation is much more complex. Infrastructure is still a huge focal point, and many more companies have invested in software development, especially for websites and mobile apps. In addition, two other fields have emerged as standalone disciplines for many organizations:

Cybersecurity requires dedicated focus as businesses are concerned with securing critical digital assets.

Data is quickly coming into its own as companies aim to pull value out of all their information.

“Nowadays, the technology landscape is more intricate and dynamic than ever before. Not only have organizations dedicated time to bolstering their infrastructure backbone, but many companies are also investing in software development for websites and mobile apps. Moreover, two rapidly evolving domains – cybersecurity & data science – have become fundamental disciplines that need special attention: businesses must safeguard critical digital assets whilst tapping into the wealth of information available within their networks to gain valuable insights.”
“As we look ahead, proactive cybersecurity strategies are the way of the future. Until now, organizations chose to defend against external threats by building a secure perimeter; however, with advancements in malicious techniques and technology, it is increasingly clear that protection must be multifaceted. That's why companies have begun incorporating penetration testing into their defenses to stay one step ahead of potential cyber risks from any direction.”

Cybersecurity Analysis Skills

The types of threats that could compromise a network have grown from malware and viruses to ransomware and supply chain attacks. Once hackers infiltrate a network, they can sometimes stay for long periods undetected. Knowing the different types of threats and how they might appear within a network is the first step to detecting any problems.

Advanced. An organization must have an institutionalized management plan to implement good cyber hygiene practices to safeguard CUI, including all the NIST 800-171 r2 security requirements and processes.

An organization must have standardized and optimized processes in place and additional enhanced practices that detect and respond to changing tactics, techniques, and procedures (TTPs) of advanced persistent threats (APTs). An APT is an adversary that possesses sophisticated levels of cyber expertise and significant resources to conduct attacks from multiple vectors. Capabilities include having resources to monitor, scan, and process data forensics.

The information above is a high-level breakdown of what Cybersecurity Analytics is.