One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8394760 |
| Date de publication | 2023-10-12 10:52:45 (vue: 2023-10-12 15:07:14) |
| Titre | Une journée dans la vie d'un analyste de cybersécurité A Day in the Life of a Cybersecurity Analyst |
| Texte | The day-to-day experience of cybersecurity professionals can vary widely, even though we face similar threats and have many of the same tools at our disposal. In this post, I\'d like to shine a light on what a typical day looks like for a business information security analyst in the world of cybersecurity-a role I know well. Getting started in cybersecurity I\'m a musician-a bagpiper. It\'s a strange one, I know, but that\'s how I started my career. For a couple of years after leaving school, I taught and performed pipe music. But after finishing my music diploma, I knew that there were only so many hours in the week, and only so many people to teach. So, perhaps I should learn another skill, too. It was my dad who suggested cybersecurity. From the outside, it looked interesting and seemed like an industry on the up and up. So I applied for a cybersecurity course at Robert Gordon University in Aberdeen, Scotland. At that time, I didn\'t have much technical knowledge. However, after a chance meeting with the head of the cybersecurity course on a university open day, I felt it was an area I could potentially break into. Within a few weeks, I had signed up for a five-year course with the option of a placement after the second year. Fast-forward to today, and here I am two years into the job, and I\'ve just finished my third year at university. My work placement transitioned into a full-time role, which I still balance with my full-time studies. What does a “normal” day look like for a cybersecurity analyst? No two days are ever the same. It\'s typical for people new to this role to ask, “What are my tasks?” The honest answer is that they\'re hard to define. It depends on what\'s going on in the business at that time, and who you know and work with regularly. While we have great security tools in place to flag suspicious activity, a lot of the time I\'m dealing with situations where I must trust my gut instincts. A task I have grown into managing in my current role is the security training program and phishing simulations across the company. Just yesterday, I issued approvals for a new training campaign that we\'re running for our operations team in Iraq. We aim to carry out targeted team training quarterly in shorter bites, 20 minutes here and there, to try to keep people engaged more than once a year. I\'ll usually spend part of my day managing our external support teams and service providers, too. I manage our security exceptions process, which involves vetting and approving requests from the business. For me, it\'s a case of making sure we have the right information from our users, asking the “Why?” to their wants, and finding out if there are more secure alternatives for providing a solution. Indicator of compromise (IOC) checks are an ongoing task. We\'re part of a service organisation forum, so we often gather and share important information with our industry peers. We have a shared spreadsheet that\'s automatically tracked, and we always receive possible indicators internally from our ever-growing network of security champions. I just need to make sure that our email security and firewall security are ticked off, blocked and managed. Measuring success Being part of the service organisation forum means that we are constantly sharing information with our peers. It allows us to compare the results of our training programs over time to see how we trend against each other. We also look back at how we have performed in these areas internally over the last few years to make sure we\'re always improving. We\'re also passionate about data governance. We want to ensure that our users not only understand risk but also how to appropriately manage company and client data. We want to always use best practices and build an internal security culture from the ground up. There\'s that saying, “You\'re only as good as your weakest player.” When it comes to cybersecurity issues, an organization is like a football team. You have 40,000 employees-and if just one of them doesn\'t know what |
| Envoyé | Oui |
| Condensat | 000 aberdeen about absolutely across activity advice afraid after against aim all allows also alternatives always analyst another answer any anyone applied appropriately approvals approving are area areas arises articles ask asking automatically back bagpiper balance bec being best better bites blocked break build business but campaign can career carry case champions chance checks client comes company compare completely completing compromise comptia connections constantly copy could couple course culture current cybersecurity dad data day days dealing define degree depends didn different diploma disposal does doesn don each early email employees engaged ensure even ever example exceptions exclusive experience external face fast felt fill find finding finished finishing firewall firstly five flag football forum forward free from full gather get getting give going good gordon governance graduate great ground growing grown gut had hard have head here hollow honest hours how however important improving incredibly indicator indicators industry information insider insights instincts interesting internal internally introduce involves ioc iraq issued issues job junior just keep knew know knowledge last latest learn learning leaving life light like linkedin look looked looks lot magazine make making manage managed managing many means measuring meeting minutes moment more much music musician must need network networking new not nothing off often once one ongoing only open operations opportunity option organisation organization other out outside over part passionate peers people performed perhaps perimeters personality phishing pipe place placement placements player possible post potentially practices process professionals program programs proofpoint providers providing qualification qualifications quarterly questions receive regularly relevant remember requests results retrain right risk robert role rotational route running same say saying schemes school scotland second secure security security+ see seemed serve service share shared sharing shine shorter should signed similar simulations situations skill solution spend spreadsheet start started strange studies studying success suggested support sure suspicious take targeted task tasks taught teach team teams technical than that them then there these they third though threats ticked time today too tools tracked training transitioned trend trust try two typical ultimately understand understanding university unless use users usually valuable vary vetting want wants weakest week weeks well what whatever when where which whilst who widely within work world worry would year years yesterday you your yourself “normal” “what “why “you |
| Tags | Tool Prediction |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.