Businesses are in ‘cyber season’, where cyber and information protection has become indispensable. Additionally, protection against all forms of cyberattacks is of paramount importance. Ignoring this fact and suffering a cyber breach can cost billions. In 2017, 147.9 million consumers were affected by the Equifax breach, costing the company over $4 billion in total.
With hacking taking place every 39 seconds, digital thieves have fresh tools in their arsenal far too regularly. Statistics on cyber-attacks from Varonis Systems:
- Data breaches exposed 4.1 billion records in the first half of 2019.
- The average cost of a ransomware attack on businesses is $133,000.
- The average cost of a malware attack on a company is $2.6 million.
- Hackers attack every 39 seconds, on average 2,244 times a day.
- The average cost of a data breach is $3.92 million as of 2019.
- The industry with the highest number of attacks by ransomware is the healthcare industry. Attacks will quadruple by 2020.
- Information Security Analyst job positions in the US are expected to grow 32% from 2018 through 2028.
Looking at these digital and analogue statistics, the first line of defense is always sufficient protection. One of the ‘biggest guns’ in the cyber-defense arsenal is the Information Security Analyst.
Information Security Analyst Versus Cyber Security Analyst?
The Information Security Analyst is not to be confused with the Cyber Security Analyst. Both work with protecting your information and data. According to Ciso, the following definition can be applied.
- Cybersecurity is:
- The ability to protect or defend the use of cyberspace from cyber-attacks. Cybersecurity also allows coverage for raw, unclassified data, which Information Security does not.
- Information Security is:
- The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
- Exabeam describes the above mentioned C.I.A. as:
- Confidentiality – prevents unauthorized users from accessing information to protect the privacy of information content. Confidentiality is maintained through access restrictions. Breaches of confidentiality can occur due to human error, intentional sharing, or malicious entry.
- Integrity – ensures the authenticity and accuracy of information. Integrity is maintained by restricting permissions for editing or the ability to modify information. Loss of integrity can occur when analog information is not protected from environmental conditions, digital information is not transferred properly, or when users make unapproved changes.
- Availability – ensures that authorized users can reliably access information. Availability is maintained through continuity of access procedures, backup or duplication of information, and maintenance of hardware and network connections. Loss of availability can occur when networks are attacked, due to natural disasters, or when client devices fail.
What Does An Information Security Analyst Do?
- Working across all departments, an Information Security Analyst will detect any weak points found in the security systems, in cyber security solutions, and in the software programs of a company.
- Specific procedures and processes will be recommended to Information Technology administrators and business managers, to rectify and improve the company’s overall security portfolio.
- Evaluations, vulnerability testing, and risk analysis are also done on existing security protocols already in place.
- Training can be provided to employees for instruction on formal security protocols, as well as the identification of information security breaches and the prevention thereof.
- Security access can be monitored through 24/7 real-time monitoring and the surveying of threats.
- Maintain integrity of software and hardware through internal and external audits. Ensure regular upgrades are done to hardware. Ensure that all updates are completed on software.
- Root Cause Analysis is done on all security breaches, with a cyber post-mortem analysis report provided to management.
- Keeping the company’s Incident Response and Disaster Recovery protocols updated.
- Ensuring that the security of third-party vendors is verified and all security requirements are met.
- Continually keeping up to date with the latest cyber threats and ensuring that management is informed of potential risks.
- Prevention of data loss and fraud perpetration by monitoring and defending systems against insider threats.
- Application of security protocols when procuring, incorporating, and operating all software and hardware.
- Compiling of a cyber post-mortem check list individualized for every company. When breaches occur, handling all evidence and ensuring that cyber post-mortems are conducted within specifications.
- Managing and maintaining all information security operations.
- Exposure of weak points and possible threats in information security protocols by ethical hacking. Penetration testing done on networks and internet-based applications to find vulnerabilities that can be utilized.
- Monitor network traffic to identify potential threats and take necessary action.
- Reverse engineering to ultimately fix a bug or to examine malware.
What Are The Different Types of Information Security?
There are seven sub-types of Information Security:
- Application Security
Application security policies keep applications and application programming interfaces secure.
- Infrastructure security
Infrastructure security policies keep all the infrastructure components (data hubs, networks, servers, client hardware and mobile hardware) secure.
- Cloud security
Cloud security offers parallel security to application and infrastructure security, but is focused on cloud or cloud-connected elements and information.
- Cryptography
Cryptography uses encryption to protect information by hiding the contents.
- Incident response
Incident response is a set of processes and tools that you can use to recognize, investigate, and react to threats or destructive events.
- Vulnerability Management
Vulnerability management comprises measures put in place to minimize inherent risks in an application or system.
- Disaster recovery
Disaster recovery policies keep your organization secure from loss or damage due to unexpected events.
Information Security Risks
The risks or threats, according to Exabeam, that Information Security Analysts can mitigate:
- Social Engineering
Involves using psychology to trick users into providing information or access to attackers.
- Advanced Persistent Threats (APT)
APTs are threats in which individuals or groups gain access to your systems and remain for an extended period.
- Insider Threats
Vulnerabilities created by individuals within your organization.
- Cryptojacking
Also called crypto mining, cryptojacking is when attackers abuse your system resources to mine cryptocurrency.
- Ransomware
Ransomware attacks use malware to encrypt your data and hold it for ransom.
- Man-in-the-Middle (MitM) Attack
These attacks occur when communications are sent over insecure channels. There are multiple types of MitM attacks, including:
- Session Hijacking: attackers substitute their own IP for legitimate users to use their session and credentials to gain system access.
- IP Spoofing: attackers imitate trusted sources to send malicious information to a system or request information back.
- Eavesdropping Attacks: attackers collect information passed in communications between legitimate users and your systems.
How Is An Information Security Analyst Beneficial To a Business?
- First and foremost, they offer protection to a company’s data, cyberspace, and information systems from breaches and loss. Not just cyber-attacks, but any threat that can incur loss. Any business’s vulnerability is its staff, and constant monitoring exposes the usage of a company’s cyber resources for personal use. No staff member can be inadvertently exploited to gain entry to data resources.
- Information leaks are devastating to businesses. The average cost of a data breach is $3.92 million as of 2019. The average cost per record stolen is $150. Not only has the company suffered a breach that has to be contained, but the company’s reputation suffers. A break between the client and the business can occur, resulting in the client’s departure and causing businesses to suffer financial blows. Many businesses never recover financially.
- With the quick turnaround of the invention of innovative ‘heist tools’ and the rapid advancement of technology, no system is fail-safe. Information Security Analysts can minimize the potential damage, and/or mitigate the damage already done with a breach.
- Statistics show that the average lifecycle of a breach is 314 days, from the breach to containment. A business’s network is monitored 24/7 real-time, and any anomalies are detected immediately and dealt with, on Day 1, not Day 314.
- Security best practices need to be assessed continually for vulnerabilities, either in the network or in the implementation of protocols on staff ground level. Information Security Analysts have the expertise to probe the phalanx of security systems, as potential ‘hackers’, and test defense systems put in place.
- Information Security Analysts have the knowledge and expertise to qualify them as the best educators for company staff on information security. Regular training keeps staff focused on best security practices, different types of cyber-threats, and professional discretion.
What Are The Pitfalls Around Information Security Analysis?
- The viral rate with which cyber-attack technology is developing and becoming available.
- The shortage of Information Security Analysts that are trained and experienced. Statistics predict that by 2021, 100% of large companies globally will have a CISO position.
When Google was fined $57 billion for GDPR violations by CNIL, a French data protection agency, the Information Technology world took notice. These harsh penalties, handed out to companies refusing to comply with stricter data protection legislation (the European Union’s 2018 General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)), have made Information Security Analysts compulsory in every Human Resources Department.
Global IT Information and Cybersecurity Consultancy will offer experts who identify cyber threats, protect against unauthorized access, and provide an internal infrastructure assessment. These pioneers in strategic advisory consulting, incident response, cloud security, and cybersecurity hiring have all the resources to safeguard your enterprise from cyber threats, correlating deep analytics, automation tools, and the latest security software to keep the risks of data breaches, service denials, and other damaging attacks at bay. It is the all-in-one information and cybersecurity solution that prevents you and your company from becoming a statistic.
Amit. (2016, July 22). Understanding difference between Cyber Security & Information Security – CISO Platform. Retrieved from Ciso: https://www.cisoplatform.com/profiles/blogs/understanding-difference-between-cyber-security-information
Casseto, O. (n.d.). Information Security. Retrieved from Exabeam: https://www.exabeam.com/information-security/information-security/
Chatterjee, R. (2020, March 20). Difference between cybersecurity and information security. Retrieved from Analytics India Mag: https://analyticsindiamag.com/difference-between-cybersecurity-information-security/
Coulibaly, P. (n.d.). The Advantages of Hiring a Computer Security Specialist. Retrieved from Chron: https://work.chron.com/advantages-hiring-computer-security-specialist-22919.html
Cyber Security Specialist. (n.d.). Retrieved from Field Engineer: https://www.fieldengineer.com/skills/cyber-security-specialist#:~:text=They%20take%20care%20of%20network,problems%20related%20to%20service%20provides.
99 Firms. (n.d.). Cyber security statistics. Retrieved from 99 Firms: https://99firms.com/blog/cyber-security-statistics/#gref
Infogoto. (2018, June 17). Analog security breaches and why they are still a threat to your organisation. Retrieved from Infogoto: https://www.infogoto.com/analog-security-breaches-why-they-are-still-a-threat-to-your-organization/
Sobers, R. (2020, October 26). 110 Must-Know Cybersecurity Statistics for 2020. Retrieved from Varonis: https://www.varonis.com/blog/cybersecurity-statistics/
Zhang, E. (2019, October 24). What is a Security Analyst? Responsibilities, Qualifications, and More. Retrieved from Data Insider: https://digitalguardian.com/blog/what-security-analyst-responsibilities-qualifications-and-more