Emerging malicious threats are driving the demand for new cybersecurity experts. The rise of ransomware and machine learning (ML)-driven attacks underscores the importance of having the capability to track and prepare to combat such threats. In response, the profession had to adapt quickly by employing staff with the necessary offensive and defensive skills.
Below are just a few examples of new jobs created by the changing requirements of cybersecurity operations in recent years.
Threat Hunters
Threat hunting refers to proactively searching for previously undetected anomalous activities in an environment. It succeeded yesterday’s security operations model, which placed more value on security controls than on risks.
Most of today’s cybersecurity professionals already possess the knowledge and experience required for threat hunting. What they usually need is a deeper understanding of threat hunting concepts so that they can perform the role adequately or transition into it.
The core responsibilities of threat hunters include:
Threat hunters, however, cannot perform their jobs well without the right tools. These tools include enterprise API packages for domain and research monitoring. Reverse IP and DNS, along with reverse MX and reverse NS lookup tools, for instance, help threat hunters spot irregularities in host or domain configurations, as well as pinpoint the sources of threats.
Data Protection Officers
A data protection officer (DPO) is a new role that directly resulted from the implementation of laws such as the General Data Protection Regulation (GDPR). While the role is not legally required, most organizations are now appointing a DPO to oversee their regulatory compliance.
DPOs are indispensable in industries that process large volumes of data, such as those in the technology, healthcare, and public governance sectors. Some managed service providers offer DPO-as-a-service to clients.
The core responsibilities of DPOs include:
DPOs, like threat hunters, also need information to stay abreast of high-profile attacks and emerging threats. While their day-to-day functions focus on providing advisory services to C-suites, DPOs must also be capable of getting their hands dirty with labor-intensive tasks like manual data recovery, a process that requires knowing where stolen or lost information ends up. For this, they require well-structured data feeds.
Incident Responders
Incident responders serve as a company’s first line of defense against breaches. They block threats as they happen and exhibit high dexterity with forensics software and heterogeneous networking environments.
The career path for incident responders usually starts with entry-level positions such as a network, security, or system administrator. They then move to computer security incident response team (CSIRT) management positions.
The core responsibilities of incident responders include:
Like other security experts, incident responders also need WHOIS information to identify who is behind an attack. They can, for instance, use a WHOIS database to identify all other domains and sites that the attackers own for proactive blocking.
Penetration Testers
Also known as ethical or whitehat hackers, penetration testers probe a network, system, website, or application for vulnerabilities. Their job is to continually test out theories to successfully crack into a system and simulate cyber attacks to prevent them effectively. This career is best for those who thrive on designing security experiments and have a good understanding of the business and technical aspects of risks.
The core responsibilities of penetration testers include:
Penetration testers reinforce network borders, endpoints, and website security. Some of them back-engineer potential attacks on insecure apps or websites that are deliberately available for hacking tests. However, most set up companies’ own digital assets for testing.
* * *
While the addition of new members to cybersecurity teams can improve organizations’ posture, professionals still require the right tools and solutions to do their jobs well. Threat intelligence in its various forms helps mitigate risks by proactively blocking threats at the source.