CySA+: Why become certified and what to expect from certification [updated 2021]
Introduction: Professionals at the forefront of assessing cyber-threats
Although the complexity of cyberattacks continues to escalate, the human factor is still one of the most important elements in the protection of information systems. It is also important in the safeguarding of the integrity of networks and in ensuring the defense of proprietary digital information and corporate data so that they do not fall into the hands of malicious hackers, cybercriminals or even foreign governments. A new generation of cybersecurity analysts is already in the making to detect attacks and gather and analyze evidence. These professionals will be asked to keep up with ever-changing threats, as criminals diversify their methods and tactics.
Cybersecurity analysts (CSAs) can be an asset to any organization for their capability of designing security integration solutions with analytics tools that will aid detection and response to incidents. They utilize behavioral threat assessment tools to consider risks to their organizations’ information systems while also ensuring business continuity and availability of data and services; what’s more, they identify patterns and expose anomalies that could indicate a cyberattack and then take action, proactively, against malicious events before they develop.
CSAs can truly improve an organization’s security posture with their know-how and ability to bring data analytics to the forefront to “get a real-time, holistic view of the behavior of the network, its users and their devices, to identify potential vulnerabilities and strengthen them before an intrusion happens,” says James Stanger, senior director, products, at CompTIA.
With an expected, substantial increase in the demand for these types of professionals, this is definitely the right time to enter the field. So, how does an IT practitioner become a cybersecurity analyst?
How to be a cybersecurity analyst
Traditional degrees will always be important to form well-rounded professionals, but more and more practical skillfulness, hands-on training and continuous knowledge will be key to the success of one’s career. Many CSAs, in fact, have degrees in computer science or cybersecurity, but relevant background experience, training and the right certifications are often more important in securing a job in this growing field.
CompTIA launched the first version of its Cybersecurity Analyst (CSA+) certification on February 15, 2017; the aim was to set the baseline standards for required knowledge and to aid in defining what the duties and responsibilities of what was a fairly new figure. In 2018, the acronym was changed to CySA+ due to trademark infringement issues, and a second version was released on April 21, 2020.
This vendor-neutral cybersecurity certification focuses on the application of behavioral analytics to improve the overall state of IT security. Professionals are tested on proper configuration of threat detection tools and on performing data analysis and interpreting results to identify possible vulnerabilities, threats and risks to an organization, as well as compliance regulations. Basically, the CompTIA’s CySA+ certification sets the benchmarks for what a cybersecurity analyst has to know to mitigate the damage of a threat by implementing network monitoring tools and interpret data to put, then, into context and use to devise a response strategy.
A certification focused on these topics is helpful in setting standards for a new skilled workforce. CompTIA’s research report, Practices of Security Professionals, which sought the answers from 500 US-based cybersecurity practitioners, discovered that “two thirds of those polled said the way to remedy security skills gaps in their organizations was by training existing employees.” The study also found that “organizations are seeking cybersecurity professionals certified for entirely new skill sets, such as Identity and Access Management (IAM) and Data Loss Prevention (DLP).”
According to CompTIA. There are several reasons for choosing a CySA+ certification:
- CySA+ certified skills are in-demand, as per the US Bureau of Labor Statistics (BLS), which predicts that the information security analyst field (for example) will grow at a much faster rate than average, with a 31% overall increase between 2019 and 2029.
- CySA+ is globally recognized and is ANSI/ISO/IEC 17024-accredited. It also meets the requirements of the US Department of Defense directive 8140/8570.01-M.
- CySA+ provides reasonable earnings potential, according to PayScale, with the median pay for a cybersecurity analyst being $76,368 per year.
- CySA+ is industry-supported and its content is based on a combination of industry-wide survey feedback and contributions from subject-matter experts. Organizations that contributed to the development of the exam include Northrop Grumman, Linux Professional Institute, Western Governors University and the US Navy.
Getting CySA+-certified: Validation of knowledge, skills and experience
While there is no required prerequisite, CySA+ is intended to follow CompTIA Network+, Security+ or build on equivalent experience. The CompTIA Cybersecurity Analyst (CySA+) exam, in fact, has a technical, hands-on focus. Those who earn the certification will demonstrate understanding of specific security issues, including the ability to analyze results of network reconnaissance and to use cybersecurity tools and technologies for responses and countermeasures. In particular, as mentioned in the official website, the CompTIA Cybersecurity Analyst+ certifies knowledge of a data-driven approach to information security and verifies that successful candidates do have the skills required to configure and use threat detection tools and processes to identify, contain, mitigate and remediate vulnerabilities.
Those who prepare for the test can refresh/gain behavioral analytics skills for the purpose of performing vulnerability analysis and remediation across IT infrastructures and platforms to ensure confidentiality, integrity, and availability (CIA) in accordance with work centers’ information assurance and security policies, procedures and guidelines.
The CompTIA Cybersecurity Analyst (CySA+) certification is built to mirror the current job roles of security analyst professionals at the intermediate level. More than other certifications, it actually seems to be strictly linked to the job market and the new requirements created by advances in information security.
What to expect from the CySA+ exam and how to prepare
Exam code: CS0-002 (effective: April 21, 2020).
This exam consists of a maximum of 85 multiple choice and performance-based questions with 165 minutes to complete it. Topics include prevention, detection and opposing cybersecurity threats and, in particular, malware, and advanced persistent threats (APTs).
Passing score: 750 (on a scale of 100-900).
Price of exam: $359 USD.
Prerequisites for exam: Network+, Security+ or equivalent knowledge. Minimum of four years of hands-on information security or related experience.
Retirement of exam: It is still to be determined, although it is usually three years after launch.
Plenty of preparation resources are available online, including CompTIA’s study material, such as the exam prep to quickly assess what you already know and what you still need to learn; lab exercises that align real-world scenarios to the exam objectives. In addition, there is an available eBook — The Official CompTIA CySA+ Self-Paced Study Guide — that is designed to be an effective training tool for self-study learners.
CySA+ salary and job outlook
According to PayScale, a cybersecurity analyst earns an average annual salary of anywhere from $52,000 to $116,000. Of course, figures vary according to geographical location, industry and experience. Certified CySA+ pros might be offered higher salaries than non-certified counterparts or might be able to secure higher positions.
Of the many skills these professionals have to demonstrate, those that have a direct impact on the pay include experience in security testing and auditing, strong familiarity with security policies and procedures as well as security intrusion detection.
CySA+ job credential holders can be important IT team members being the first line of defense in diminishing cyber threats, and this certification is often a preferential title even for many entry- to intermediate-level positions.
Given the highly competitive employment market for skilled IT security professionals, there are a lot of reasons to get certified to assure a pathway to a better employment situation.
Certifications like the CySA+ can make a professional more marketable to employers as they validate foundation-level knowledge and skills necessary to achieve cybersecurity mastery and to grow in a career in high demand.
Practices of Security Professionals, CompTIA
CompTIA Certification Testing, Pearson Education
Average Cyber Security Analyst Salary, PayScale
CompTIA Unveils Cyberanalyst Certification, Infosecurity Magazine