What is the role of Cyber Intelligence Analyst? What type of skills are needed? What should be provided by the analyst?
Analyst have dig thru a lot of information and noise to get intelligence. Once the intelligence is obtained they need to deliver a report. Usually a common method used is the Bottom Line Up Front(BLUF) which lets the readers find what the report is about in about 10 seconds. Also, in the report should be important details gathered from the intelligence system and lastly an opinion from the analyst.
Skills Needed:
-Technical Writing: this skill is developed over time
-Analysis Skill: This skill can be sharpened by being able to understand human psychology and being able to think like an attacker. and asking questions like: How will the attacker attack? what is the process? what is the goal? what are the tools?
Traits of Good Analyst:
Being a technical expert in your field and identify what Intel is good and what Intel is bad.
Have knowledge about your customers/organization.
Be able to grab info from other resources like blog, books, and threat feeds.
Analyst can use any source of information such as Firewall logs, Intrusion Detection System logs, digital forensic analysis, the reverse engineering of malware, open source Internet searches, honeypots, and more.
Able to process large amount of data think critically.
Source: http://www.tripwire.com/state-of-security/security-data-protection/developing-cyber-intelligence-analyst-skills/
Thanks for sharing. This reminds me of the CIA paper i read that the professor posted on our D2L. It is similar that it identifies what makes a good security analyst. Great resource for companies looking to find the best among the fluff.
ReplyDelete-Brett