A Career in Demand: Cybersecurity Business Analyst

A cybersecurity business analyst is a professional who analyzes cybersecurity technology and provides cybersecurity training and other related services. The cybersecurity business analyst will identify business requirements and implement systems and security technologies. They work with senior executives to understand various aspects of cybersecurity needed to provide security solutions for their organizations and clients. The cybersecurity business analyst will also oversee the research, development, and testing of the software solutions. They have a fair understanding of security risks and threats. They need to understand cybersecurity concepts and cybersecurity industry trends. They analyze security-related policies and procedures in collaboration with other cyber analysts.

Roles of a Cybersecurity Business Analyst (CBA)

A CBA’s responsibilities include defining and scoping the organization’s business areas, eliciting requirements, analyzing and documenting those requirements, and communicating documented requirements to the appropriate stakeholders. They identify the best security solutions and validate those solutions against set requirements.

CBA’s role in the Secure Software Development Lifecycle:

Their role is more granular at the various stages in the Secure Software Development Lifecycle:

  • Compile security and regulatory requirements: The CBA must ensure that the company’s cybersecurity policies, tools, and practices are in place.

  • Design and evaluation of security architecture: They help to design security tools, a BA would gather requirements and work with business stakeholders to re-engineer business processes.

  • Risk Assessment: A CBA would conduct risk analysis, maintain track of detected risks, devise mitigation plans, and evaluate risks in terms of impact and likelihood.

  • Threat Modelling: At this stage of Secure SDLC they model threats. They apply threat modeling throughout a software development process. The procedure is fundamentally the same at various levels of abstraction, however , the information becomes increasingly granular as the lifecycle progresses. A high-level threat model would ideally be created early in the concept or planning phase and refined throughout the lifecycle. New attack vectors are produced and exposed when additional features are added to the system. These dangers are examined, diagnosed, and addressed by the CBA as part of the continuing threat modeling process.

  • Testing: Different test techniques are used here such as Static Application Security Testing (SAST), Unit testing, Dynamic Application Security Testing (DAST), and functional and penetration testing.

  • Deployment and crafting incidence response plan: Identifying system risks, designing safeguards to limit the impact of events, and implementing activities to detect the occurrence of events.

Cybersecurity Business Analyst Tools and Techniques

1. Processes

A. Functional Requirement

They are features or functions of a product that developers must include for users to complete their duties. As a result, it’s critical to make them explicit for both the development team and the stakeholders. Functional requirements, in general, describe how a system behaves under specified circumstances.

B. Non-Functional Requirement

They have nothing to do with the system’s functionality, but rather with how the system properties are.

FR Functional Requirement Non Functional Requirment
It is compulsory It is not compulsory
Describe Product Function Describes Product Properties
It is captured in the use case It is captured as an attribute
Captures user requirements Captures user expectations
Product features Product properties
Testing API testing, UI Testing Performance testing, and usability testing
Authentication, authorization, accountability, and availability requirements business rules requirements, Confidentiality requirement, Data Integrity requirements Scalability and reliability requirement

2. Techniques

1. Risk Analysis: It is, however, a critical support technique. It is a method of obtaining the necessary data to make an informed decision based on knowledge of vulnerabilities, threats, impacts, and probabilities. can help detect weaknesses in system designs and help improve security posture and guarantee that secure design processes are in place.

2. Security requirement elicitation workshop and requirement gathering : it is the use of an elicitation process that can aid in the creation of a consistent and comprehensive set of security criteria. Integrating security from the outset, i.e., requirement gathering, aids in the development of secure software systems. Researchers have proposed many requirements elicitation strategies for this aim. Based on definite and clarity in method actions, these techniques are divided into formal and informal categories.

3. Business rule assessment: A CBA would help an organization evaluate business plans and general business rules and consider the following elements that affect security:

  • Business Environment
  • Tolerance to Risk
  • The security strategy
  • Security Trends in the Industry
  • Regulations and compliance requirements unique to the industry
  • Regulatory and compliance requirements in a country or state
  • Service providers and outsourcing services

4. Joint Application Development Session: End-users are involved in the design and development of software using repeated JAD sessions, or collaborative workshops, where the development team and user community discuss user expectations and requirements.

5. Root cause analysis: The 5 Whys method in root cause analysis is straightforward: examine the initial incident and inquire as to why it occurred. Repeat the process if the answer to this question is not the incident’s root cause. Develop a plan to resolve the underlying cause that will help reduce the other difficulties found along the road after the root cause has been identified.

6. Use cases and scenario crafting: Each organization’s use cases should be modified to suit the organization’s specific requirements and threat profile. The threat environment based on its industry vertical, types of assets owned, operational locations, apps & services used, and more should all be considered. By considering these aspects, businesses will ensure that their security is comprehensive and up to date, maximizing their capacity to detect and respond to attacks quickly enough to minimize commercial harm.

7. Scope modeling: Scope models define the importance of one or more boundaries and place items within or outside of them. Scope models are frequently used to specify the limits of goals, control, objective, change, a solution, or a requirement.

8. Functional breakdown: The examination of complicated systems by breaking them down into smaller, simpler pieces is known as functional decomposition. It entails dismantling processes, systems, functional areas, or deliverables into smaller parts so that each can be examined separately.

9. Job shadowing: Another highly efficient technique to become familiar with the organizational structure is through observation (job shadowing). This is not only useful for understanding systems, procedures, and roles, but it’s also a terrific method to form bonds with clients.

10. Focus Groups: Focus group discussions are frequently used as an exploratory approach and as a source of data collecting, with a moderator in charge. He divides a huge group into smaller groups whose members have varying levels of experience and are chosen as target groups that can supply desired answers.

11. Sequence and workflow diagrams: A business process’s sequence of operations or data movement is graphically depicted using diagrams. Depending on the model ‘complexity, one or more flow diagrams should be supplied.

12. Crafting user stories: When writing security user stories, strive to be as specific as possible about the problem you’re trying to address, the value it will bring if it’s solved, and the approval criteria. After that, points will be allocated to each user story, indicating how much effort a certain functionality will necessitate.

13. Prototyping: A prototype, also known as a mockup, is a representation of a system or solution that shows how the user would interact with the application to complete a job to solve a business problem.

16. Solution Walkthroughs: Walkthroughs are software solutions that take users through a series of steps to assist them in completing a task. People are trained on certain procedures, jobs, new software, and apps using them. Employees will often complete many walkthroughs as part of their onboarding process, but the tools can be utilized at any time to guide individuals through new goals.

However, walkthroughs aren’t only for staff. Walkthroughs are an essential aspect of a successful digital transformation because they show customers how to properly engage with your product or service by highlighting specific, beneficial features and providing relevant content at the right moment.

Skills needed by a Cybersecurity Analyst

To be effective in the Cybersecurity role the Business Analyst should have adequate knowledge in some major cybersecurity areas, such as

  • Compliance and auditing
  • Risk Management
  • Incident management
  • Cloud security
  • Application security
  • Systems security
  • Network security

Continuous learning is ideal to gain technical know-how. A CBA doesn’t necessarily have to be the most technical person on a cybersecurity project. They may play the function of a CBA with a strong understanding of cybersecurity ideas, which would be advantageous to the company’s growth. Hence knowledge-seeking is crucial to the passion for all things security.

How MCSI can help you?

MCSI offers different certifications that can serve as break-out or introductory courses to cybersecurity. They also have practical and more hands-on training. Some of the links are useful to get started.

MICS - Introduction to Cybersecurity provides basic cyber security training in several areas, including open-source intelligence, security tools, operational security, network reconnaissance, and threat hunting. This program equips students with the skills they’ll need to start or advance in a cybersecurity job. Through these courses, students will gain a solid foundation of cybersecurity knowledge, skills, and abilities.

MICS-certified students can apply for summer and winter internships knowing that their abilities are in high demand. Certification verifies that you possess the skills required to succeed in a competitive market.

MTCF - Technical Cybersecurity Fundamentals is another introductory certification course. Cyber security is more critical than ever, and everyone should take precautions to safeguard their personal information online. Unfortunately, there are few free courses available to assist you in learning practical skills. The MTCF course is a fantastic place to begin! Learning practical cybersecurity skills comes with a few advantages. The ability to get a job in a developing industry is perhaps the most obvious benefit. Practical cybersecurity skills will also assist you in safeguarding your devices and data.

Final Words

The field of cybersecurity is continuously growing, and qualified experts are in high demand. Businesses and organizations are becoming increasingly conscious of the importance of cybersecurity and investing in it. As a result, qualified Cybersecurity Business Analysts are in high demand.