CYBERSECURITY ANALYST (2022 Guide)

What Is Cybersecurity?

BrainStation’s Cybersecurity Analyst career guide is intended to help you take the first steps toward a lucrative career in the field. To start, find out more about what cybersecurity entails.

Cybersecurity is the process of protecting systems, devices, networks, and data from any type of unauthorized access or attack. Cyber attacks typically try to gain access to sensitive information and alter, disrupt, destroy or control that information for malicious or criminal intent.

These attacks are of increasing concern to businesses and individuals. As more information and data continue to move online, everything from emails and credit cards to navigation systems and medical records is susceptible to digital attacks.

What is a Cyber Attack?

A cyber attack is a malicious action against computer systems and networks, typically made by cybercriminals. Cyber attacks refer to all unwanted attempts to steal or expose data and information, disable computers or networks, or simply disrupt organizational operations.

Cyber attacks can be carried out against companies, governments, or regular people. There can be a variety of different motivations for cyber attacks, with many cybercriminals looking for financial gain through the theft of money or important data, while others are motivated by personal grudges against a company or person. 

Types of Cyber Attacks

Cyber attacks vary in size and scope. The purpose of cybersecurity is to defend against the most common cyber attacks and cybersecurity threats through building systems and developing tactics to protect data. The top types of cyber attacks include:

Phishing

This usually takes the form of emails that appear as though they are from a reputable and legitimate source. These fraudulent communications aim to steal sensitive details, such as login information or credit card numbers.

Malware

Malware is malicious software that has been designed to gain unauthorized access or disrupt a computer. It typically breaches a network if a user clicks on a dangerous link, email attachment, or download. Malware can take many forms, including viruses, Trojans, worms, spyware, and ransomware.

Man-in-the-Middle Attack

This type of attack involves a cybercriminal intercepting communication between two parties. The criminal eavesdrops on the conversation and impersonates one or both parties in order to control information or steal data.

Denial-of-Service Attack

In this attack, cybercriminals overwhelm and exhaust networks and servers with traffic in an attempt to shut down or disrupt the availability of services. The resources are then unavailable or inaccessible for legitimate users.

SQL Injection

An SQL, or Structured Query Language, injection happens when malicious SQL code is inserted into an SQL statement that an application sends to its database, allowing attackers to view sensitive data.

Types of Cybersecurity

There are five main types of cybersecurity:

Critical infrastructure security

Critical infrastructure includes physical systems and networks that businesses and society rely on, including electricity grids, traffic lights, water purification, hospitals, and the hardware that comprises your workstations, servers, and network. Though these are physical infrastructures, once any of this hardware is connected to the Internet it will rely on cyber systems and become susceptible to cyber attacks. Governments work with the owners and operators of critical infrastructure to secure them from these potential attacks.

Network security

This type of cybersecurity is designed to protect internal networks from unauthorized access from outsiders, as well as any potential malicious insiders. Different tools, policies, and procedures can be used to ensure networks will not be exploited. Common tools include firewalls, antivirus and antimalware programs, two-factor authentication (2FA), and virtual private networks (VPN).

Cloud security

This type of cybersecurity protects data and applications that are stored on cloud-based systems. The rising popularity of the cloud has led to a new spate of security concerns, and the data breaches you see in the news are a testament to the importance of protecting cloud infrastructure and the data stored there. The major threats to cloud security include data being exposed, unauthorized users accessing data, and malicious attacks to infect or destroy cloud infrastructure. Common defenses in cloud security include encryption, firewalls, and virtual private networks.

Mobile and application security

As users store more personal data on their smartphones, tablets, laptops, and other devices, mobile security is an increasingly important area. Security flaws in smartphones or the apps they contain can give a malicious actor access to a user’s location, banking info, and virtually any other detail of their life. If a device is lost or stolen, there are tools that can lock the device or require multi-factor authentication before it can be accessed.

Within mobile security is application security, which is the process of finding, preventing, and fixing any vulnerabilities in apps. Cybersecurity professionals work to make apps more secure so there is no risk of unauthorized access to data and devices. Application security starts during the design and development stages and continues after apps are deployed.

Internet-of-things security

The internet-of-things (IoT) refers to a variety of systems connected to the internet, such as televisions, appliances, Wi-Fi routers, and home security cameras. Many IoT devices ship in an insecure state with weak encryption and unpatched vulnerabilities, which means they can be easily exploited and carry a significant risk for people, businesses, and society more generally. The increasing number of IoT devices makes this a high-priority area in cybersecurity.

What is Cyberwar?

Cyberwar, or cyberwarfare, is the act of a nation-state attacking another nation’s computer systems in order to wreak damage or destruction. These digital attacks are usually made against government and military networks in order to cause real-world, physical impact.

Cyberwar can take many forms. Some examples include shutting down a power grid, wiping out data centers, scrambling bank records, or interfering in the operation of nuclear plants.