a lot of money for data security analysts (DSAs) who can stop the
               attacks and secure vital information.
                   DSAs guard against cyberattacks, hacking, phishing opera-
               tions that seek out private data, and so-called greenmail, which
               is a variant of blackmail in which a hacker steals confi dential busi-
               ness info and demands money for keeping it secret. A securi-
               ty analyst must fi nd vulnerable points where an outsider might
               breach a system with a stolen password, a phishing e-mail, or
               a malware program installed remotely or on-site. Any company
               that communicates information over the Internet or other data
               networks is a target—and needs its data protected.
                   A DSA knows how protective computer fi rewalls work and un-
               derstands encryption technology, which is the science of hiding
               data by rendering it into alphanumeric codes to which only key
               holders have access. Security analysts perform regular security
               audits, train employees and users in security procedures, set up
               policies, and manage passwords and access levels. To break into
               the fi eld, analysts “need to decide what to specialize in,” reports
               Roger  Grimes  in  a  CSO  Online  Security  Adviser  column.  “The
               computer security fi eld is huge and covers dozens of disciplines
               including fi rewalls, IDS [intrusion detection system], SIEM [secu-
               rity information and event management], security assessment,
               host hardening, and patching.” These systems and techniques
               provide data networks with a protective layer to guard against
               cyberattacks.
                   DSAs who work in security operations centers (SOCs) spend
               their days in front of computer monitors or wall screens in large
               control rooms, directing traffi c through a network and dealing with
               a constant stream of threats. “We never know what is going to
               happen,” comments Jim Treinen, a security analyst for Protect-
               Wise, a network security fi rm. “A day can start out calm or start
               out on fi re and very quickly go from one or another.”
                   On arrival, the prior shift updates the DSA on the system’s
               status and any incidents that may have occurred. Tough deci-
               sions must be made; it is not a job for robots or software alone.




                                                9