In 2013, hackers stole data from over 40 million Target shoppers during the holiday season. In 2014, hackers stole credit card data from 56 million Home Depot customers. In a 2019 Facebook breach, 19 million UK residents were affected. The potential for this data to be used for fraudulent charges or identity theft was a wakeup call to take cybersecurity seriously. As companies have worked diligently to protect their systems, hackers have become more sophisticated. In 2019, Ransomware attacks have held whole cities hostage and future attacks will continue to evolve.
To better understand the field itself and future trends in cybersecurity, we talked to Dr. Bret Fund, Head of Cybersecurity at Flatiron School. Bret shares his insight on becoming a cybersecurity analyst and why London needs skilled cybersecurity talent.
What is cybersecurity?
Since the mid-1990s, the internet connected all these devices — from desktop computers to laptops to smartphones – to create a global network. “While it was great for communication, it did create more vulnerabilities for all of us because we haven’t always incorporated security in the design phases” Bret says.
People are also sharing a lot of information without realizing how it could be used, according to Bret. How do you secure your device? How do your secure your data? These are just two questions that both people and companies need to address.
“Since 2014, when the Target and Home Depot breaches happened, the world woke up and realized all of that data is out there,” Bret says. “People were saying, ‘What do we do now? We don’t have any control over what is already out there and there are hackers, commonly referred to as bad actors, that are after it and making money off of it.’” The expectation is that companies have to be more responsible and we’ve seen that with more robust security measures. In response to companies increasing their security posture, bad actors have become more creative and much more sophisticated in how they launch these attacks and the way they monetize these attacks too.
Security was a secondary concern when we’ve thought about tech. “We built everything with technology first and security second,” Bret says. Now, more and more companies are putting security first and technology second. For example, with the rise of computers and the internet, there was a push for tech literacy. You needed to learn basic computer skills and programming and that’s still true today. Bret sees a similar trend going forward with security literacy. “We’re all so trusting, but we have to think about better ways of securing things,” he says.
Whether it’s not leaving a sticky note with your login and password on your desk or connecting to a Starbucks without thinking twice about if it’s the right WiFi access point, we need to think about “security hygiene” as Bret calls it. In other words, we need to apply simple, but consistent personal security practices to keep ourselves safe from the 80% of avoidable threats that are out there.
With the increased demand for cybersecurity, companies have responded by adding new lines of defense. Security Analysts are the first line of defense and a great entrypoint into a cybersecurity career.
What is a security analyst?
Bret identifies three distinct analyst roles. Security Analyst, or Security Operations Centre (SOC) Analyst, Threat Intelligence Analyst, and Compliance Analyst. All three look at data, but each use that information for different purposes.
A Security Analyst/SOC Analyst looks at log files to identify when an event has occurred on the network that looks suspicious. They’ll investigate further to determine if it’s a breach and escalate accordingly.
A Threat Intelligence Analyst creates and consumes internal and external feeds to identify attacks and potential solutions. They support by providing data and analysis to engineers to better secure the environment as best as possible against attacks they see internally and externally.
A compliance analyst helps an organization to meet compliance standards in a given industry.
They make sure a company is updated on any regulatory developments.
What’s great about these three roles — and cybersecurity in general — is that they’re open to anybody, according to Bret. If you have analytical skills, or naturally inquisitive, enrolling in the Cybersecurity Analytics program could be a good fit.
Future trends in cybersecurity
Bret believes these analyst roles won’t change much in the future. Instead, these jobs will become more sophisticated.
Much like other industries, there’s been a big push for automation in cybersecurity. Why not have a computer identify a potential threat Instead of a SOC Analyst? Instead of replacing SOC Analysts, automation has led to more skilled analysts. “SOC analysts have to be more sophisticated,” Bret says. “They’re using automation data and SIEM systems to detect threats, there still needs to be human intuition.” The good news is that there are higher salaries for entry-level roles because there needs to be more training and more sophistication.
“Defense” is the first word we usually associate with cybersecurity. That’s rapidly changing as new threats emerge.
Think of your company as a castle. Security, or defense, meant building a wall, a moat, and creating a vault to protect your valuables. But, that doesn’t defend against an attack that aims to destroy everything.
That’s what’s happening in cybersecurity which has led to the formation of “hunt teams,” according to Bret.
Analysts are paired with data scientists and engineers to find proactive solutions. The hunt team identifies patterns in their network traffic and will anticipate what moves they will make and then root out hackers. Often times, these teams will lead bad actors to a fake network (deception grid) so they can study their behaviors and learn more about them, what they’re doing, and where they’re going. This allows them to better anticipate other threats that will follow the current one they are working to defeat.
Cybersecurity in London
As Bret explains, there’s a lack of cybersecurity talent. “A lot of people want to get into Cybersecurity, but don’t know where to start,” Bret says. There’s a misconception that you have to be an expert-level hacker. “We break down the barriers to cybersecurity by teaching the technical skills they need to start a career in cybersecurity,” Bret says.
Companies need talent who can hit the ground running and grow alongside the field. In London, government, banking, commerce, and industrial control systems are all highly regulated industries where security is crucial.
It’s an exciting time to be in cybersecurity and Flatiron School’s Cybersecurity Engineering program will help you get there in as little as 15 weeks.