Pin Me

Training Security Analysts

written by: Steve Mallard•edited by: Bill Bunter•updated: 5/7/2010

Training security analysts and network administrators can be challenging. These personnel can find complacency after several years of no 'close calls' or with a network that is somewhat self maintaining. Find dynamic instructors who are in the same role or who have been in the role.

  • slide 1 of 3

    Security Training

    Often network security training is focused on the enduser. The training and methods of training used can help the company and should never be abandoned for any one training methodology. Many users find training boring and redundant. Training sessions should be changed and altered to let all users of your network know that attacks and security are dynamic. Giving demonstrations and presentations on the latest attacks can let users know that having the right attitude and knowledge can help protect the company's assets.

    Network Analyst and Security Analyst need quarterly training in order to prevent network attacks. Because these individuals (the analysts) can become complacent and sometimes arrogant, they must understand that new and old technologies are being used to circumvent security methods being used. With new and more sophisticated attacks happening; these analysts need skills sharpened to keep up with technology.

  • slide 2 of 3

    Hackers and Gathering Knowledge

    Although there are many modes of attacks, attacks should be categorized and divided into groups. Hackers generally look for vulnerabilities and weaknesses 24/7. Although most hackers are enthusiast wanting to adventure out on the net and find weaknesses and to 'see' what they can do, their intentions are not always malicious. These individuals can post the 'how they' broke in to a database or company for bragging rights and not realize malicious individuals are gaining valuable knowledge on 'how to' break in to the same corporation.

    Given this information, security analyst and network administrators should research the 'web' as a whole scouring the web for any information that may be posted about their company. Part of the IT department's training should be a treasure hunt of looking for their company and the company's IP address range out on the net. Training should include IRC and other chat rooms / areas on the internet.

    The United States often listens for 'static' through multiple communication channels trying to find terrorists. This same methodology should be used to gain intelligence on weaknesses and potential hackers that are targeting / or who have targeted their company. This intelligence should be gathered and analyzed to see what can be done to protect their assets.

    When the aforesaid information technology professionals 'think' they have gotten all vulnerabilities fixed or patched, there are ALWAYS individuals out on the web who can out think and find items that have been overlooked. These analysts should think 'outside of the box' in order to protect their information.

  • slide 3 of 3

    Real Training vs. Fluffy Training

    Industry experience cannot be replaced by any form of eduction. Certifications and Degrees do not replace the individuals who have been in industry with life experience. Some companies may see this as a negative statement. The bottomline is the people who have been in the trenches fighting hackers and finding methods to stop these malicious individuals are going to be more aware and knowledgeable on how to prevent and stop these actions. While Certifications and Degrees are important for professional growth, the combination of this education PLUS experience is any company's best bet for securing networks and training individuals.

    Select your trainers based on experience first. Indivduals who can relate to your analysts and who have been or who are in the same job role allows the exchange of ideas. Find trainers who are dynamic and who think outside of the box. The success of training these personnel and protecting your assets are more likely to succeed when these guidelines are followed.