Cyber Threat Intelligence part 2 — What are the skill set requirements for a Cyber Threat Analyst?
For a quick recap of an introduction to Cyber Threat Intelligence, you can check the first blog of this series: A quick introduction to Cyber Threat Intelligence (CTI)
In this article, I will cover the skill set required to enter the interesting field of CTI. My objective is to provide high-level guidance for those who aspire to be CTI analysts.
There are a few key skills that are important for anyone working in Cyber Security Intelligence. These are:
Understanding of Information Security Principles with strong technical skills:
First and foremost, CTI analysts need to have a solid understanding of information security principles and practices, combined with strong technical skills across numerous subjects. The CTI analyst must have a good understanding of threats, threat actors, and threat concepts. They must also be familiar with the concept of tactics, techniques, and procedures (TTPs). A CTI analyst must stay current on Advanced Persistent Threat (APT) and cybercrime trends, vulnerabilities, and investigative techniques, and have a thorough understanding of malware and network traffic analysis.
Creative & Critical thinking:
CTI analysts need to be able to think critically and creatively. The cyber threat landscape is constantly evolving, and new threats and vulnerabilities are emerging all the time. The ability to understand the current situation, ask questions, examine evidence, identify patterns, and extract the right insights is a crucial part of the role.
Analysis skills:
CTI analysts should be skilled in data analysis, as the process of gathering and analysing threat intelligence involves working with large amounts of data aggregated from a variety of sources. A CTI analyst should have experience with qualitative and quantitative analytical methodologies and technologies.
Communication skills:
Communication skills are also important, as Cyber Security Intelligence professionals need to be able to communicate complex technical information to a variety of stakeholders, including executives, technical staff, and non-technical staff. A CTI analyst must have strong communication and relationship-building skills, with proven stakeholder engagement experience and a desire to work collaboratively with diverse groups of people. One could make the argument that the ability to articulate a complex technical problem to the business in a simplified manner is even more important than technical skills.
Situational awareness:
Situational awareness is knowing what is happening around you. In the context of Cyber Threat Intelligence, this means CTI analysts understand their current operating environment, can assess their situation, and are able to make the right decisions. Situational awareness enables CTI analysts to make optimum decisions based on what is required by their organization and helps reduce and mitigate organizational risk.
Attention to detail:
Attention to detail is important for a few reasons:
1. Quality: When you pay attention to detail, you are more likely to produce good work. Small mistakes can often have a big impact on the overall quality of a project or task.
2. Accuracy: Attention to detail ensures a greater level of accuracy. Accuracy is important in many fields, including Cyber Security Threat Intelligence, where small errors can have serious consequences.
3. Efficiency: Attention to detail can help you work more efficiently. When you are detail-oriented, you are less likely to make mistakes that require you to redo work, which can save you time and effort.
There are a variety of resources available for people interested in learning more about CTI. There are online courses, books, and blogs available on this topic. I will list some of the resources in my future blog as part of this series.
In the next blog, I will talk about the Cyber Security Threat Intelligence Lifecycle.
Thanks for reading and as always, all feedback is welcome.