IN DEMAND SKILLS SETS WITHIN CYBER SECURITY

The industry is continuously growing and is becoming one of the most in-demand fields for IT professionals. Do you have the experience needed, or would you like to grow your career?

Day to day, our recruitment consultant Sukh Chatha works solely with industry professionals, immersing himself in what is happening in an ever-changing market. From his research, he has identified the in-demand skill sets in the market right now.

If you are looking to start your career in the industry or even further develop your knowledge, then this article will help add significant value to your career.

Sukh Chatha

IT & Cyber Security Recruitment Consultant

Office: +44 (0) 121 227 4210

SIEM MANAGEMENT

Security information and event management (SIEM) software gives security specialists further insight into activity within their IT environment. It enables tracking and continuous analysis by collecting log data produced within the organisation’s technology infrastructure. The software then classifies and catalogues incidents and events from host systems and applications through to network and security devices such as firewalls and antivirus filters. SIEM technologies convey threat intelligence in addition to traditional log data.

There are two main objectives that SIEM Management must deliver. These are to report on security-related occurrences and send an analysis demonstrating that an activity runs against encoded rulesets. By carrying out these objectives, the software will show any potential security issues.

DATA MANAGEMENT PROTECTION (DPM)

The importance of data protection continues to increase as data technology grows and evolves at an extraordinary rate. A key element of a data protection strategy is the ability to safeguard data and make it available under all circumstances. DPM ensures that data can be restored quickly after any corruption or loss.

The two key areas of data management used in data protection are data lifecycle management and information lifecycle management. Data lifecycle management (DLM) is a policy-based approach to handling the flow of an information system’s data during its life cycle, all the way from creation to deletion. Information lifecycle management (ILM) is for managing data as it is intended. ILM will advance the performance of applications, decrease organisation costs and deliver governance, risk and compliance frameworks.

FIREWALL/ IDS/ IPS SKILLS

Two important tools used to secure networks are firewalls and intrusion detection systems. These tools provide a layered method of defense within the security environment. If an attacker can bypass one layer of this security, another layer stands in the way to protect the network.

The main firewall technologies available today are:

  • Hardware Firewall
  • Software Firewall
  • Packet-Filter Firewall
  • Proxy Firewall
  • Application Gateways
  • Circuit-Level Gateways
  • Stateful Packet-Inspection (SPI)

The four main types of IDS are:

  • Network intrusion detection system (NIDS)
  • VM based Intrusion Detection System (VMIDS)
  • Host-based intrusion detection system (HIDS)
  • Perimeter Intrusion Detection System (PIDS)

SECURITY INCIDENT HANDLING AND RESPONSE

Security incident handling and response is a planned methodology for managing security incidents, breaches, and cyber threats. Incident response is defined as the summary of technical actions performed to analyse, detect, defend against and respond to an incident. Incident handling, by contrast, is defined as the summary of methods and predefined procedural actions to efficiently and actionably handle and manage an incident.

Security incident handling and response methodology includes the following:

  • Developing an Incident Response (IR) plan
  • Incident Management (IM)
  • Incident Triage
  • Incident Categorisation
  • Escalation and decision making
  • Core technical response
  • Post incident review
  • Playbooks and regulatory issues

It’s essential that good practices such as the ones highlighted above are followed, as companies rely on this response not only to protect themselves, but also to protect their public perception.

IAM (IDENTITY AND ACCESS MANAGEMENT)

Identity and Access Management provides IT managers with tools and technologies for controlling user access to critical information. IAM manages the roles and access privileges of individual network users within an organisation, with the technology allowing or denying users access to certain information.

Using IAM technology provides a variety of benefits to an organisation. These include a reduced risk of internal and external data breaches, improved compliance with government regulations, and assurance that services are properly reviewed, authenticated and approved.

AUDIT AND COMPLIANCE

Audit and compliance show critical control components of an organisation’s structure and assess the overall effectiveness of compliance practices and protocols. They follow guidelines such as FISMA, GDPR, ISO 27001 and 20000, COBIT and HIPAA.

The compliance function ensures that a company is complying with all applicable laws, rules and regulations. In conjunction, the audit function is intended to monitor and evaluate the company’s internal control environment as to its adequacy, efficiency and effectiveness.

ADVANCED MALWARE RESISTANCE SOFTWARE

Advanced malware attacks can have a serious impact on business operations and continuity. It’s therefore essential to have advanced malware resistance software so that any threat can be met with immediate action and protection. Types of malware include computer viruses, worms, Trojan horses and spyware.