We came across another good career article over on InfoRiskToday.com the other day. It stresses that in order to better defend against today’s adversaries, network security pros can’t just focus on the network-related indicators (e.g., flow data). The only way to efficiently detect and respond to today’s threats is to develop better situational awareness by becoming fluent in adjacent areas such as incident response, malware analysis, web security, and data analysis. In this article, Ed Stoner, a researcher at Carnegie Mellon University’s Software Engineering Institute, discusses why this knowledge is important and how network security pros can attain it. Ed also notes that being broader not only helps find the bad guys but often leads to better career options in the long run. Instead of being pigeonholed into network-related positions, these professionals can also take advantage of opportunities in these adjacent areas. And having a better understanding of the big picture may even lead to more leadership opportunities … if that’s your thing.
With continuous attacks on organizations’ networks, it is impossible for network security analysts to mitigate them one by one. Instead, they must learn to identify and mitigate attacks on a broader level by combining and analyzing data with threat patterns across the network.
It’s all about network situational awareness, says Ed Stoner, a senior researcher at the Software Engineering Institute at Carnegie Mellon University. Since 1998, Stoner has researched new approaches to analyzing broad network activity. A major part of his research focuses on this concept.
Network situational awareness is essentially the ability to monitor large networks and analyze bulk data collections from various data sources, with the ultimate goal of detecting malicious activity. According to Stoner, this approach is crucial for network and security analysts in order to effectively defend networks from a new level of threats and malicious activity such as Stuxnet.
Is it better to have a broader approach, such as situational awareness, to detect malicious activity? Post your comments below. Today’s post pic is from ECI.com.