Schools with Cybersecurity Analytics Degrees

Zero-Day exploits, APTs, ransomware, MitM attacks—organizations just can’t keep up! Now more than ever, analytics experts are needed to tackle the sheer volume and complexity of cyber threats. If you’re considering a career in cybersecurity analytics, we’ve put together a cheat sheet to help you make the right decisions about your education. Explore the advice sections or skip ahead to the listings to find a cyber degree or certificate that works for you.

What is Cybersecurity Analytics?

What Do Cyber Analytics Professionals Do?

Cybersecurity analytics is the Griffin of the analytics world. It has the body, tail and hindquarters of cybersecurity, and the wings, talons, and head of analytics. Minus the mythology, it’s a hybrid discipline that uses data analytics, data science, Machine Learning & AI in the service of cybersecurity goals. On a basic level, you’re aiming to:

• Detect and defend against cybersecurity attacks and predict future ones
• Investigate cybersecurity incidents to identify the source, method, and impact of attacks
• Conduct risk assessments and pinpoint cybersecurity vulnerabilities
• Identify hidden patterns and trends in cybersecurity incursions
• Uncover anomalies, behavioral aberrations, malicious insiders, and suspicious activities
• Collaborate with IT and engineering teams to respond to incidents quickly and effectively
• Participate in cyber forensics investigations to collect, analyze, and preserve evidence of cybercrimes

That’s the exciting frontline work. But cyber analytics professionals also serve in the office, handling more prosaic tasks. For example, on any given day you might be required to:

• Source, extract, transform, and interpret data for cybersecurity reports & analyses
• Design and implement security dashboards and platforms
• Conduct audits and reviews to comply with cybersecurity regulations and standards
• Employ analytics to evaluate the success & failures of cybersecurity strategies and policies
• Utilize communication & data visualization skills to explain your findings to non-technical audiences
• Help team members and business leaders think strategically about cybersecurity operations

Why Choose Cyber Analytics?

Although it feels like a job title that’s been created by an algorithm, there is an urgent need for folks in this field. Companies are on the hunt for strategic experts who can think beyond the technical silo of cybersecurity (e.g. building software) and be proactive about defense. A skilled cyber analytics professional knows when attacks are coming, what threats are looming, and how an organization should be protecting itself.

However (!), it is an emerging field that’s morphing rapidly with AI. Before you commit to a degree or certificate, analyze recent job descriptions. Talk to industry experts. Check the admissions requirements for programs in our listings. If you’re just getting into cyber, you don’t want to specialize too early and block off all other options.

What Does a Degree in Cybersecurity Analytics Look Like?

Cybersecurity Analytics Degree Pathways

People enter the field of cybersecurity analytics from a range of directions. But the best choice of a degree is going to depend on your previous experience. We took a look at what current cybersecurity professionals were saying about academic routes. Here’s their advice, intermingled with our own:

• Computer Science, Computer Engineering or IT Core Coursework with Cybersecurity & Analytics Training: This is probably the most sensible option for undergraduate study, unless you have important reasons for specializing early (e.g. scholarship package). Acquiring the fundamentals in programming, networking & systems gives you the option to add electives, a minor, and/or an undergraduate certificate in cybersecurity and analytics. Or slide into cyber studies in later years. Or opt for a dual degree.
• Analytics or Data Science Core Coursework with Cybersecurity Training: This choice may work best at the graduate level. By this point, you’ve acquired a bachelor’s in a tech field and/or you’ve spent a lot of time working in a specific industry (e.g. energy infrastructure). You really understand what systems you’re trying to analyze & protect and you’ve got a plan to acquire relevant skills. Remember that you can start with a graduate certificate before committing to a master’s degree.
• Cybersecurity Core Coursework with Analytics Training: Cybersecurity degrees are available at every level, but we urge you to spend time talking about your decision before you go for a BS in Cybersecurity. They’re often regarded as puff pieces within the industry, especially if they’re soft on practical learning. Alternatively, make sure you choose a rigorous technical program with funding from an undergraduate scholarship program. Once you reach the graduate level, you’ll have more flexibility to choose a cyber analytics master’s degree that makes up for gaps in your knowledge.

Everyone in the industry agrees that a) the cybersecurity employment market is competitive; and b) entry-level jobs in cyber are extremely hard to come by. Employers are looking for certifications, technical skill-sets, hands-on experience, and deep industry expertise. Many new graduates end up working in a relevant on-ramp career for the first few years (e.g. software engineering, system administration, IT auditing, etc.) before transitioning into dedicated cyber roles.

Hallmarks of a Great Cybersecurity Analytics Degree

When it comes to comparing cybersecurity analytics programs, we recommend the “reverse engineer” approach. Establish what roles you’re gunning for, analyze the job requirements, and speak to people in those positions. Then you’ll be able to tell if the degree or certificate aligns with your needs. To expedite this process, we’ve provided links to the program and its curriculum in our listings.

We’re big advocates of cyber analytics programs that feature:

• Project-based coursework & labs
• Industry internships & co-ops
• Real-world scenarios (e.g. penetration testing, risk assessment, etc.)
• Team-building exercises
• Expert speakers who host live demos
• Time for independent research projects
• Cybersecurity & analytics competitions
• Preparation for security & analytics industry certifications
• Adjunct professors currently working in the field
• Portfolio pieces to show employers (e.g. data visualizations)
• Business communication training
• Capstone project
• Up-to-date coursework

The last point is a key one. Academic coursework in cybersecurity may be years behind industry developments. It’s always good to get a grounding in theory & InfoSec principles, but you need real-world skills that employers respect. Reach out to recent alumni and ask them if they felt the coursework was obsolete or fluffy.

How to Choose a School

You should also be investigating who’s administering the program. Cybersecurity analytics degrees are odd beasts—some may live under the School of Business and receive input from computer departments. Others will be located in the School of Computing & Data Science.

• If they’re run by the School of Business, they will often have a corporate slant.
• If they’re run by the School of Computing, they may be more technical and advanced.
• If they’re run by the Department of Analytics or Data Science, there may be faculty members within that department who are particularly interested in cybersecurity applications (e.g. Western Kentucky University).

Examine the school for quality markers. Does it feature an NSA designation as a National Center of Academic Excellence in Cybersecurity (NCAE-C)? There are 3 designations available: Cyber Defense, Cyber Research, and Cyber Operations. Search for a CAE institution in your area of interest.

Here are a few more indications of a great school for cyber analytics:

• Scholarships and funding opportunities for cybersecurity students
• Research institutes that specialize in cutting-edge cyber & analytics discoveries
• Opportunities to participate in student analytics & cyber groups, contests, and networking events
• Funding for travel to conferences and cyber competitions
• Industry partners that offer internships & workplace opportunities to students
• Advisory boards with cybersecurity & analytics experts
• Verifiable job placements for recent graduates

Remember, too, that location is going to play a big part in your decision. One glance at our listings and you’ll notice that there are a solid number of universities from the Capital Beltway and surrounding areas. (No surprise when you consider that this region is the epicenter of government organizations and federal contractors.) Even if you’re choosing an online program, find out what connections your school has to local area employers.

Cybersecurity Analytics Coursework & Requirements

Admissions Requirements for Cybersecurity Analytics Majors

Cybersecurity analytics is a technical field, so use the admissions links in our listings to get a quick & easy handle on whether you’re qualified to apply for programs. Even if your GPA isn’t quite up to par, you may be able to argue that your work experience, certifications, and test scores make up for it. When in doubt, talk to the program coordinator.

Undergraduate

Universities will want to see candidates with a high school diploma or GED and a solid foundation in mathematics (e.g. algebra, geometry, and trigonometry or higher math). Schools like UTSA may ask you to complete an introductory mathematics course at the university in order to major in cyber analytics.

Graduate

It’s a bit of a mess at the graduate level. Since cyber analytics isn’t a standardized program, universities may be looking for business & managerial experience, computer science & engineering experience, or none of the above. Our listings will have all the details. Here are a few points to bear in mind:

• Bachelor’s Degree: Some programs are limited to STEM majors (e.g. GW and Findlay); others will accept a range of majors (e.g. UT Tyler).
• GPA: Typically a minimum of 3.0, although some schools will consider 2.5 GPA applicants with strong GMAT/GRE scores and/or professional experience.
• GMAT/GRE: Almost always required. CSUSB specifies a GMAT score of 470 or a minimum GRE score of 298.
• Work Experience: Varies from school to school. Universities may be willing to consider industry certifications and/or internships in lieu of work experience.
• Undergraduate Coursework: Schools may wish to see credits in programming, college-level calculus & statistics, college algebra, operating systems, database management, networks, and the like. It will depend on the degree of technical difficulty for the master’s program.

Sample Coursework for Cybersecurity Analytics Majors

Take a look at the coursework links in our listings to lock down the curriculum. You may have trouble finding any consistency! We’ve seen programs that are front-loaded with AI and data science credits and others that skew towards management & business intelligence. It’s worth putting together a shortlist so you can compare the courses side-by-side.

Bachelor’s Degree

Undergraduate programs in cybersecurity analytics will be offered as a Bachelor of Science (BS). Cyber analytics could be a concentration within a data science, business, or analytics degree (e.g. Emporia State) or a dedicated major. Almost all of them will be campus-based degrees.

Although there’s no standardized curriculum for this program, here’s what you might be seeing in a 120-credit Bachelor of Science in Cyber Analytics:

• General Education (GE) Requirements: Expect the usual lower division coursework in natural sciences, liberal arts, social sciences, and humanities/foreign languages. We favor schools that will train you in business communication—an underappreciated skill in this line of work.
• College-Level Mathematics: Be ready to tackle 100- and 200-level courses in calculus before moving up into 300- and 400-level courses in more advanced mathematics (e.g. applied statistics).
• Business & Management: Many programs will include corporate-type credits in areas like principles of management, business foundations, data governance & privacy law, and ethics. If it’s a BS in Business with a cyber analytics concentration, you could get even more courses in finance, accounting, marketing, and supply chain management.
• Analytics & Data Science: Almost all programs will include business analytics. You’ll also frequently encounter credits in areas like AI, Machine Learning (ML), Natural Language Processing (NLP), data visualization, cloud computing, and Python. Some schools have gone the extra step and created specific courses for the field (e.g. Cybersecurity Analytics for Business). Pay attention to the ones who understand cyber domains like real-time analytics and behavioral analytics.
• Cybersecurity: This is where you need to ask the tough questions. Cyber analytics is a niche field, and employers will be looking for hard skills. Some BS programs will cover technical areas like network security, operating systems security, information assurance, and intrusion detection & incident response. Others may not. And we haven’t seen a lot of degrees that leave room for computer science fundamentals.
• Capstone: We love undergraduate degrees that feature a real-world final project in your senior year. Schools like Virginia Tech and Penn State go beyond that to include internships, studio courses, and field studies.

Again, make sure you’ve done a lot of industry research before you commit to an undergraduate degree in cyber analytics. Although cyber analytics professionals are in charge of assessing security data (not necessarily building defense systems), they still need to know why & how data points are being collected. As various Reddit users have pointed out:

“You CANNOT be good at cybersecurity if you don’t know the basics… And there’s just no way to teach these fundamentals to someone who is fresh to computers in a speedy fashion, and do you really want to trust the security of your company to someone who doesn’t know the basics?”

“Cyber or information security is not beginner friendly because IT in general is a complex collection of complex machines. You cannot protect something you don’t understand.”

“Hard Truth—the only way you have value as a InfoSec practitioner is if you have experience in other realms of IT… If you weren’t a sysadmin, or network guy, or a programmer, you don’t have the background to understand what your shiny SOC screen or other tool is telling you.”

Undergraduate Certificate

Undergraduate certificates in cyber analytics are a way to test the waters and see if you’re interested in the subject. They range from 12-18 credits and take somewhere between 6-12 months to complete. Here are some sample course titles taken from certificate offerings in our listings:

• Introduction to Cybersecurity
• Securing the Cyber World
• Networking Fundamentals
• Principles of Information Security
• Security Attacks & Defenses
• Cybersecurity Policy, Law & Ethics

With some certificates, you’ll also be allowed to choose an elective in a more advanced cybersecurity topic (e.g. digital forensics, ethical hacking, mobile computing, etc.). Murray State’s certificate even includes a mandatory internship/co-op experience.

Master’s Degree

Working professionals can choose from a number of intriguing master’s degrees in cyber analytics in our listings. They’re predominantly online; they can usually be finished in 1.5-2 years (although UT Tyler has a 1-year program); and they’re offered by a lot of well-connected universities. The University of Delaware has even developed a dual degree.

Graduate degrees in cyber analytics cover the waterfront:

• Some may be ideal for folks who aspire to technical management positions.
• Some may be tailored to government workers who are involved in advanced cyber operations.
• Some programs will be designed for career changers who don’t know much about analytics.
• Some will be expecting applicants to have a technical background.

For example:

• MS in Cybersecurity Analytics: An MS is often split between cybersecurity topics (e.g. cyber security operations, risk management, threat intelligence, encrypting methods & techniques, forensics, cybersecurity strategy & governance, etc.) and analytics coursework (e.g. data mining, Python, ML and AI, data visualization, etc.). Depending on the program, it could lean toward business (e.g. IT management), data science, or even basic cyber fundamentals (e.g. network security).
• Master of Engineering (MEng) in Cybersecurity Analytics: An MEng is going to contain a lot of hardcore credits in intelligence analysis, intrusion detection, secure cloud computing, applied network defense, Python applications, and InfoSec management. This is a program for candidates with a solid undergraduate STEM degree and existing skills.

Ask the program coordinator for a Class Profile of the most recent cohort. That should give you an idea of whether you’re going to feel be bored or stimulated by the coursework. Does the program contain a capstone project or thesis? Ask if you can see examples. Alumni will also be able to give you an unfiltered view of the worth of their degree.

Graduate Certificate

Not ready for a master’s degree? Consider a graduate certificate in cybersecurity analytics in our listings. This may be enough to satisfy your employer’s needs. Or it may help you make some decisions about your next move. Graduate certificates are typically online and between 9-15 credits. Some may be available on a full-time or part-time basis; others will be part-time only.

This is where you’re going to see the most variation in coursework! Despite similar names, curricula for graduate certificates in cyber analytics can be radically different. We’ve seen programs that focus on:

• Incident Response & Big Data
• Cyber Threat Research, Cyber Crime and Digital Forensics
• Fundamentals of Network Security, Machine Learning & Data Mining
• Cloud Computing & Security Analytics
• Business Applications of Cybersecurity Analytics

Credits from your graduate certificate should be transferable to a master’s degree, but make sure you know which one you might want to earn afterwards. Many schools still don’t offer an MS or MEng in cybersecurity analytics. Will your credits be applicable to a program in cybersecurity, data science, or analytics?

Can You Earn a Cybersecurity Analytics Degree Online?

Yes. Although the majority of BS in Cybersecurity Analytics programs in our listings are campus-based, almost all of the master’s degrees and graduate certificates in cyber analytics are offered online. Some programs will be 100% online, with asynchronous “learn on your own time” coursework. Others may include synchronous “real-time” classes on Zoom or the equivalent. Understand what’s required before you enroll.

• Undergraduate Advice: Don’t earn a BS in Cyber Analytics through distance learning. As we’ve mentioned, employers are extremely cautious about hiring newbies into cyber positions. If you wish to commit yourself to cybersecurity & analytics this early in the game, you want to be in a campus program that is going to drill you in technical skills. You’re also going to need those in-person labs, student competitions, industry internships, and real-world projects to pump up your résumé.
• Graduate Advice: Online master’s degrees & graduate certificates in cybersecurity analytics are much more acceptable to hiring committees—especially if you’ve been strategic in choosing a program & school. When you’re investigating online options, grill the program coordinator on the logistics. What software does the program provide? Where do they source their data? Is it real-world data? How do they mimic cyber incidents? How do students work together in team scenarios? What career resources are available to distance learners (e.g. virtual career fairs, interview prep, etc.)? The quality should be just as high as an on-campus program.

What Can You Do with a Cybersecurity Analytics Degree?

What Does a Job in Cybersecurity Analytics Look Like?

It will depend on your choice of industry. An analyst working for a DoD contractor will have a different set of priorities than someone working for Wall Street. Having said that, any cyber analytics expert is still going to be preoccupied with threat intelligence, data protection, incident response, risk management, infrastructural challenges, and cybersecurity strategies.

We went digging into job descriptions for cyber openings in analytics roles to create a list of typical day-to-day responsibilities. Here are some examples of what we found:

• Monitoring: Analyze & assess current cybersecurity operations, including monitoring, detection, and response mechanisms.
• Cyber Analytics: Analyze data to identify trends and improve defense mechanisms; design & implement security and situational awareness dashboards; create security data visualizations; drive metrics, analytics, reporting, and a roadmap for continual program improvement.
• Risk Assessment & Management: Conduct regular assessments of potential security risks; implement risk mitigation strategies to safeguard against cyber threats.
• Threat Intelligence: Use threat intelligence to proactively identify, predict, and mitigate potential cyber threats.
• Vulnerability Management: Identify, assess, mitigate, and create reports on security vulnerabilities; utilize vulnerability scanning and remediation tracking.
• Countermeasures: Assist cybersecurity colleagues in creating & enhancing security measures to address evolving threats and vulnerabilities; implement security controls & technologies to protect critical assets and infrastructure.
• Incident Response: Spearhead efforts to detect and respond to security incidents; contain, mitigate, and perform root cause analysis on these incidents.
• Report Generation: Generate detailed analytics reports & progress updates to leadership on security incidents and compliance status.
• Cybersecurity Strategy: Develop & implement comprehensive cybersecurity strategies that fulfill organizational objectives and align with industry best practices.
• Policy & Procedures: Create & enforce cybersecurity policies, guidelines, and procedures; establish & refine incident response processes and procedures.
• Compliance Monitoring: Ensure compliance with relevant cybersecurity laws and standards.
• Training & Awareness: Develop & deliver cybersecurity awareness training programs to educate non-technical employees on cybersecurity best practices; foster a security-conscious culture within the organization.
• Collaboration: Work with IT & engineering teams to implement security improvements & architectures; collaborate with non-technical teams on strategy, training, procedures, and business goals.

These are broad outlines. Once you narrow your focus to a specific employer, you’ll discover all kinds of weird and wonderful expectations. For instance, a cyber analytics professional working for a major tech company could be expected to contribute to supplier security risk reviews. But a cyber fraud analyst at an insurance company might be working with financial crimes/AML monitoring platforms.

Industries Hiring Cybersecurity Analytics Grads

Although new graduates can find it challenging to secure a job in cyber, there is hope. The Bureau of Labor Statistics (BLS) has forecast a massive 32% increase in jobs for Information Security Analysts from 2022 to 2032.

• As you might expect, metropolitan areas with the highest employment levels include the usual suspects: DC/VA/MD, NYC, Dallas-Fort Worth, Atlanta, Los Angeles, San Francisco, Baltimore, Boston, Seattle, and Denver.
• But you’ll also find high employment concentrations in tech hotspots like Huntsville, Colorado Springs, Idaho Falls, Boulder, and Albuquerque.

The BLS notes that demand for InfoSec analysts is particularly strong within industries like:

• IT Sector
• Banks & Financial Firms
• Accounting & Tax Preparation
• Scientific Research & Development

Within the IT sector, there are plenty of software companies, managed security service providers (MSSPs), and cybersecurity vendors who are in need of brilliant analysts. And banks and financial firms are always scrambling to defend sensitive data, prevent damaging breaches, and comply with rules & regulations.

We’ll add a few more to this list. Namely:

• Government
• Healthcare
• Retail & E-Commerce
• Energy & Utilities
• Manufacturers

In addition to dealing with a flood of online transactions, retail & e-commerce firms now have a huge amount of customer data stored on their platforms. Just as importantly, the Internet of Things (IoT) revolution has left energy & utility providers and manufacturers wide open to hacking, cyber terrorist attacks, and ransom demands.

5 Key Career Tips from the Pros

You’ll find plenty of actual opinions about cyber careers on Reddit and Quora—there’s a lot of rich knowledge out there that’s ready to be tapped! We’ve summed up a few of their most important points below. But this is a field where it really pays to seek out mentors and experts before you make any decisions. If you’re striking out on LinkedIn, connect with members of cybersecurity organizations.

1. Experience is Everything: To quote one Reddit user: “The biggest issue I see in cybersecurity is people not respecting how hard the job is.” Examine any cyber job description and you’ll notice that employers are insisting on prior experience. This might be in IT fields like application development, network or systems engineering, risk management & governance or—in certain cases—in data science and analytics. Theoretical knowledge and a degree is not enough. You will have to get your boots on the ground.
2. You May Not Need a Master’s: An MS or MEng may be useful if you’re applying for leadership positions, asking for a pay raise, shifting your career focus, or looking to challenge yourself. One Reddit user was thrilled to have picked up new skills in digital forensics, crypto, data breach analysis, and penetration testing. Another dove deeper into threat modeling & frameworks. But many folks in major cyber roles are doing just fine with a bachelor’s degree. You won’t need a master’s degree for an entry-level position (but you will need certifications).
3. Don’t Underestimate Soft Skills: Yes, you’ll have to learn the hard skills in cybersecurity and analytics to secure the job. However, as another Reddit user points out, career progression is built on “concepts and skills like knowing how to write policy, implementing security mechanisms, procedures, threat modeling assets, evangelizing security within a company, risk assessment, risk management (<–BIG ONE!), etc.” If you’re specializing in cyber analytics, your job is to think strategically.
4. Get It Subsidized: If you’re considering a bachelor’s degree, investigate all the undergraduate scholarship programs for cybersecurity majors (there are plenty). If you’re leaning towards a master’s degree or graduate certificate, ask your employer to help you fund it. Graduate programs are offered online, which means you can continue to work while you’re earning your degree. You may also be able to use your capstone and the resources of the university’s research institutes to solve your company’s problems.
5. Use Your Degree to Build a Network & Portfolio: Take full advantage of every opportunity your school offers to work on real-world projects, connect with industry partners, network with visiting experts, take part in national cyber competitions, and apply for internships & co-ops. Does the degree contain a capstone? Think about how you will present those findings & results on your résumé. Get yourself in front of important companies early and often. Show them that you know how to roll up your sleeves.

Cybersecurity Analytics Job Titles & Salary Numbers

Sample Job Titles for Cybersecurity Analytics Majors

Companies are still sorting out what to call cyber analytics experts. We’ve seen data analytics skills listed in Cyber Analyst postings. But we’ve also come across specialist titles like InfoSec Data Scientist. To get you started, we’ve listed traditional cybersecurity roles, as well as some of the newer offerings. Feed them into your AI tool of choice to learn if you’re in the right ballpark for your level of experience.

And then go back and look at individual company requirements. Some employers may be open to considering new graduates for cyber roles; some may not. Just as importantly, companies have very specific ideas on required certifications, technical skill-sets, and industry exposure. The NICCS has a guide for high school students on Cyber Security Career Options. We’ve also provided links to career & job sites in our Resources section.

Early Career

• Cyber Analyst
• Cyber Data Analyst
• Cyber Risk Analyst
• Cybersecurity Analyst
• Information Security Analyst
• IT Auditor
• Security Analyst

Mid-Career

• Cyber Fraud Analyst
• Cybersecurity Consultant
• Cybersecurity Forensic Investigator
• Cybersecurity Specialist
• Incident & Intrusion Analyst
• Penetration Tester
• Security Specialist
• Vulnerability Analyst

Senior Level

• Chief Digital Risk Officer (CDRO)
• Chief Information Officer (CIO)
• Chief Information Security Officer (CISO)
• Cybersecurity Director
• Cybersecurity Lead
• Cybersecurity Manager
• Cyber Vulnerability Lead
• Director of Information Security: Cyber Analytics
• Information Security Data Scientist

Salary Numbers for Cybersecurity Analytics Professionals

Start with the occupational employment and wage maps for Information Security Analysts from the Bureau of Labor Statistics (BLS). The BLS breaks it down by state and metropolitan area.

• In recent years, top-paying cities have centered on coastal tech hubs (e.g. San Jose area, San Francisco, Seattle, etc.), financial centers (e.g. NYC and Bridgeport), and hotspots for start-ups and data research (e.g. Boulder). It’s worth noting that these cities have a high cost of living.
• But you may trip over some surprises. Midwest cities like Des Moines and Sioux City have also been known to pay good money for InfoSec specialists.

We’re going to hazard that the Iowa stats relate to the security of the energy grid. Iowa State University is already deeply involved in projects like the Center for Cybersecurity and Resiliency of Distributed Energy Resources (DERs) and Microgrids-integrated Distribution Systems (CyDERMS) and the ReCIPE Coalition (Regional Coalition for Critical Infrastructure Protection, Education and Practice).

You can compare these numbers with state & city wage data for Statisticians, Operations Research Analysts, and Data Scientists. Cyber roles always pay better.

Cybersecurity Analytics FAQ

What’s the Difference Between Cybersecurity and Cybersecurity Analytics?

Cybersecurity: Cybersecurity experts are doers. They protect & defend networks, devices, and data. They design, create, install, and monitor security solutions. They prod the strength of defenses through penetration testing and ethical hacking. They perform risk assessments. They identify security vulnerabilities in systems. They respond to security breaches and write-up incident response reports. They conduct threat research and develop best practices.

Cyber Analytics: Cyber analytics experts are strategic thinkers. They’re using data to step back and look at the bigger security picture. They’re analyzing attack trends and predicting future incursions. They’re assessing the effectiveness of their organization’s cybersecurity solutions & strategies. They’re deploying AI, data science, and behavioral analytics to uncover hidden security problems. They’re digging into the root causes of breaches & incidents. They work closely with cybersecurity colleagues, but they’re always thinking about patterns. Have a look at the job description for a list of typical responsibilities.

Which Undergraduate Major Should I Choose?

It’s a tough call to make. Even if you’re passionate about cyber, you may still find it difficult to secure an entry-level job with a BS in Cybersecurity or BS in Cyber Analytics. Cybersecurity is a competitive field that requires a lot of specialist knowledge.

• Many industry folks suggest starting with a BS in Computer Science, Computer Engineering, or IT and moving into cyber if it’s really ringing your bell. Remember that you can also consider a dual degree or minor! We wouldn’t recommend a baseline undergraduate degree in analytics—it doesn’t focus enough on the underpinnings of cybersecurity (e.g. networks).
• Can’t imagine any other degree but cyber? Do your homework. Research the department and your future professors. Do they have useful industry or military connections? Are they actually working in the field? What kinds of jobs do BS graduates land? How are BS students funded? What kinds of internships are offered? You can focus early, but you need to be building your career from day one.

What Cybersecurity Certifications Should I Be Earning?

We’ve put together a shortlist in our certifications section. It includes suggestions for standard cyber certifications (e.g. Security+, CySA+, CISSP, etc.) as well as a link to our analytics list. Cyber Seek’s List of Recommended Certifications organizes them by job title.

Insider knowledge is a huge boon in this area:

• Research professionals on LinkedIn—they list their certifications front & center.
• See what kinds of certifications conference speakers hold.
• Run an AI analysis on certification requirements for cyber jobs in your chosen industry (e.g. finance).
• Ask the advice of people at networking events.
• Throw the question out to Reddit.

Certifications are an investment. Find a guide who’s going to steer you in the right direction.

What Are Some Standard Cyber Analytics Acronyms?

Endpoint Detection & Response (EDR): EDR tools monitor an organization’s endpoints—in real-time—for cybersecurity threats. For endpoints, think of laptops, mobile devices, IoT devices, workstations, cloud systems, servers, and the like. EDR solutions can aggregate and analyze endpoint data to identify odd, suspicious, and/or malicious activities.

Extended Detection and Response (XDR): XDR systems are designed to break down silos and give organizations a holistic view of their cybersecurity situation. So they integrate data from multiple security layers—think network security, email security, endpoint protection, cloud environments, applications, and more. With the help of AI and ML, XDRs can offer automated real-time analysis, threat intelligence, centralized incident response capabilities, and enhanced security visibility across an organization’s entire IT environment.

Intrusion Detection Systems (IDS): IDS is a network security tool that’s explicitly designed to monitor network traffic and devices for malicious activity, intrusions, or policy violations. It provides an alert to an analyst about the incident, but it doesn’t take any action itself.

Intrusion Prevention Systems (IPS): In contrast to IDS tools, IPS tools automatically take action to block attempted intrusions or mitigate threats in real-time. There is a danger that false positives in IPS can block legitimate users, so some companies prefer a more passive approach.

MITRE Att&ck Framework: MITRE Att&ck stands for “Adversarial Tactics, Techniques, and Common Knowledge”. The MITRE Corporation wanted to create a comprehensive knowledge base of adversary tactics & techniques. Cyber professionals use it to understand attacks and develop threat models in response.

Network Analysis & Visibility (NAV): NAV systems monitor, analyze, and visualize traffic & activities within a network. Cyber professionals can use NAV to identify potential threats; optimize performance; analyze usage patterns, anomalies, and behaviors; and monitor a network’s health.

Network Detection & Response (NDR): An NDR system monitors & analyzes network traffic in real-time to identify and respond to incoming threats—both known and unknown. It can detect malware, ransomware, suspicious behaviors, unexpected data transfers, data exfiltration, and the like. NDR systems are often more sophisticated than NAV systems.

National Institute of Standards and Technology (NIST): NIST is a federal agency within the Department of Commerce that promotes STEM research, innovations, and industrial competitiveness. It has developed a high-level Cybersecurity Framework to help organizations & business executives improve their cyber operations.

Security Information & Event Management (SIEM): SIEM systems are designed to help with real-time threat detection, analysis, and problem-solving. They aggregate data from a huge range of sources, including networks, servers, end-user devices, and security systems (e.g. firewalls). Cyber professionals use SIEM software to identify attack patterns, suspicious activity, and log file anomalies; create data visualizations & dashboards; and support their efforts in compliance reporting.

Security Orchestration, Automation & Response (SOAR): SOAR solutions automate the process of responding to security threats. First they orchestrate—gathering data from sources such as SIEM platforms, threat intelligence feeds, firewalls, vulnerability scanners, endpoint security software, and more. Then they automate the task of analyzing and monitoring these data (e.g. ticket checking). Then they respond to issues automatically by prioritizing threats, implementing security measures (e.g. blocking phishing attempts), and notifying stakeholders. They can also create dashboards & reports to track performance and identify areas of improvement.

User and Entity Behavior Analytics (UEBA): UEBA is a software that employs Machine Learning (ML), algorithms, and statistical analyses to detect anomalies in the behavior of users and devices within an IT environment (e.g. excessive file downloads, unusual log-in times, etc.). It’s on the look-out for compromised accounts, insider malfeasance, and hard-to-detect attacks. It can also assist in digital forensics & investigations.

Vulnerability Assessment and Management (VAM): VAM is the continual process of identifying, evaluating, triaging, and fixing security vulnerabilities in systems and networks. In the assessment phase, cyber professionals use tools to scan systems, networks, and software applications and identify security issues. Then they work to manage and remediate these issues, ensuring that they have detailed reports on every phase of the process. They will also be seeking to prove that they’re in compliance with internal and external security policies and regulations.

What is Security Clearance?

Cyber jobs with the federal government and government contractors may require security clearance. Private companies usually won’t bother. Security clearance is a rigorous background check to ensure that you can be trusted to handle sensitive & classified information. In the requirements section of job descriptions, you’ll see phrases like:

• “Must have the ability to obtain and maintain a security clearance, if necessary.”
• “Active Secret security clearance required.”
• “Ability to obtain an interim Secret clearance is required.”

There are three security clearance levels within the Department of Defense (DoD):

1. Confidential: You have access to information that could damage national security if disclosed without authorization. Re-investigated every 15 years.
2. Secret: You have access to information that could cause serious damage to national security if disclosed. Re-investigated every 10 years.
3. Top Secret (TS): You have access to information that could cause grave damage to national security if disclosed. Re-investigated every 5 years. This clearance requires a more extensive Single Scope Background Investigation (SSBI).

The DoD issues more than 80% of security clearances. But clearances can also be issued by other U.S. Departments, including the Department of Energy (Q & L access authorizations). Check the job description—it will always specify what clearance is required.

How Do I Earn a Security Clearance?

The Department of State provides a thorough rundown of the security clearance process, including a step-by-step explanation of the vetting procedure. We won’t repeat all of the details, but we’ll point out a few things to keep in mind:

• You can’t initiate the security clearance process by yourself. It only begins after you receive a conditional offer of employment from the hiring agency or organization.
• Government contractors may be able to sponsor the clearance process while you’re working in a non-cleared position. Look for job descriptions that say things like the “ability to obtain” a clearance.
• The DoD will be investigating characteristics like reliability, discretion, character, trustworthiness, and loyalty to the U.S. government. It won’t be considering factors like race, religion, national origin, and sexual orientation.
• The DoD will be examining factors like criminal records, drug use & alcohol consumption, credit & debt history, foreign contacts, interviews with associates, and personal conduct.
• You’ll have to be patient. The clearance process can take several months or up to a year depending on your clearance level and government backlog.

Are Cybersecurity Bootcamps Worth It?

Probably not. Cybersecurity bootcamps tend to be run by for-profit companies without a lot of oversight by the industry or academia. They’re not going to be able to give you the in-depth knowledge that’s required for a career in cyber. There’s no uniformity to the curriculum. And they’re simply not worth it if you’re prepping for certifications. Use the free resources out there instead.

You may occasionally run across a bootcamp that addresses a knowledge or skills gap. But you could also use that money to earn a graduate certificate with a university that has superb connections to government contractors or tech companies. That leaves the way open for a company-subsidized master’s degree.

Cybersecurity Analytics Resources & Organizations

Career & Job Sites

• CIA Careers
• Clearance Jobs
• Cyber Seek
• Cybersecurity Jobs (ClearedJobs.Net)
• InfoSec Jobs
• National Initiative for Cybersecurity Careers & Studies (NICCS)
• Workforce Framework for Cybersecurity (NICE Framework)

Certifications

• CompTIA Network+
• CompTIA Security+
• CompTIA Cybersecurity Analyst (CySA+)
• Certified Information Security Manager (CISM®)
• Certified Information Systems Auditor (CISA®)
• Certified Information Systems Security Professional (CISSP)
• GIAC/SANS Cyber Security Certifications
• GIAC Security Essentials (GSEC)
• Our List of Analytics Certifications

Competitions & Hackathons

• Capture the Flag (CTF) Events
• CSAW Competitions
• National Cyber League (NCL) Competition
• National Collegiate Cyber Defense Competition (CCDC)
• President’s Cup Cybersecurity Competition
• SANS Cyber Ranges

Conferences & Networking Events

• ACM Conference on Computer and Communications Security (CCS)
• Annual Computer Security Applications Conference (ACSAC)
• Black Hat
• DEF CON (Hacker Convention)
• Gartner Security & Risk Management Summit
• IEEE International Conference on Distributed Computing Systems (ICDCS)
• IEEE Symposium on Security & Privacy (S&P)
• ISOC Network and Distributed System Security (NDSS) Symposium
• Our List of Analytics Conferences
• RSA Conference
• SANS Institute Cybersecurity Training Events
• SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
• USENIX Security Symposium

Internships

• NICCS List of Cybersecurity Internships & Apprenticeships
• NSA Cybersecurity Internships

Journals & Magazines

• ACM Journal of Computer Security
• ACM Transactions on Computer Systems
• ACM Transactions on Privacy and Security
• Cybersecurity
• IEEE Internet of Things Journal
• IEEE Transactions on Dependable and Secure Computing
• IEEE Transactions on Information Forensics and Security
• IEEE Security & Privacy
• IET Information Security
• International Journal of Critical Infrastructure Protection
• International Journal of Information Security
• Journal of Cybersecurity

Organizations & Associations

• Center for Cybersecurity Analytics and Automation (CCAA)
• Cloud Security Alliance (CSA)
• Cybersecurity & Infrastructure Security Agency (CISA)
• Cyber Security Forum Initiative (CSFI)
• International Info Security Certification Consortium (ISC)2
• Information Systems Security Organization (ISSA)
• ISACA
• Member ISACS (Industry-Specific Cyber Organizations)
• National Cyber-Forensics and Training Alliance (NCFTA)
• SysAdmin, Audit, Network and Security (SANS) Institute
• Our List of Analytics Organizations

Scholarships

• Center for Cyber Safety & Education Certification Scholarship
• CyberCorps® Scholarship for Service
• Department of Defense (DoD) Cyber Scholarship Program (CySP)
• Department of Defense SMART Scholarship-for-Service
• ISC2 Graduate Scholarships
• ISC2 Undergraduate/Associate Scholarships
• ISC2 Women’s Scholarships
• KnowBe4 Women in Cybersecurity Scholarship
• Samantha Jennings-Jones Memorial Scholarship
• Stokes Undergraduate Scholarship Program

Note: This is just a taste of what’s out there! Talk to the program coordinator and faculty members about your career goals. They’ll have specific recommendations for your situation.