Tcha 1

Francois Tcha
CST 300 Writing Lab
14 January 2018
Information Security Analysts

Information security analysts are in demand with the increase of hackers, vulnerabilities

and threats. The use of electronic devices combine with the internet has made data exchange

convenient and exposing data that should not be exposed. Information security analysts prevents

and protects data from unauthorized users, devices, and software. The Bureau of Labor Statistics

estimates that employment of information security analysts is projected to grow 28 percent from

2016 to 2026. In comparison to other occupations, this is a much faster job growth than other

occupations (Bureau of Labor Statistics, 2017). Therefore, by completing the Computer Science

online program through California State University Monterey Bay, I will be provided the

necessary skills to obtain an entry information security analyst position in today’s growing

market, which include companies such as Cisco and Palo Alto Networks.

The leading network security appliance makers are Cisco, Palo Alto Networks, Check

Point, and Fortinet. The goal of every company is to prevent and protect networks from outside

threats. Each company offer features that are different and unique to their own company. The

most popular company is Cisco. According to Cisco’s website, “The company was founded in

1984 by two computer scientists from Stanford University seeking an easier way to connect

different types of computer systems” (Cisco, n.d.). Cisco is the leading network security

appliance market share holder in the second quarter of 2017 with 15.9%, according to

www.idc.com (International Data Corporation, 2017). Although not as big as Cisco, Palo Alto

Networks is making a name for itself. Palo Alto Networks had the best market share growth
 Tcha 2

from 2016 to 2017 according to IDC. It is the second market share holder with 14.0% in the

second quarter of 2017 (International Data Corporation, 2017).

Palo Alto Networks’ main headquarters is located in Santa Clara, California. The

company currently employs an estimated 4,700 employees across more than 50 locations,

serving over 150 countries, totaling more than 45,000 customers (Palo Alto Networks, 2017).

Nir Zuk founded the company in 2005 and the company started off by making firewall products.

The first shipment of firewall products was in 2007. Although with only ten years of

experiences, Palo Alto Networks’ continues to make changes and grow, adapting to new

technologies such as cloud services. They now offer cloud security services and endpoint

protections along with their original firewall products, making them one the leading security

company today. The success of the company is also contributed to the dynamic Board who has

placed a strong emphasis on the company’s expansion.

Leaders of Palo Alto Networks include Mark D. McLaughlin as Chief Executive Officer

and chairman and Nir Zuk as Chief Technology Officer and director. McLaughlin served on the

National Security Telecommunications Advisory Committee for nearly a decade. Prior to

working with Palo Alto Networks, he was the president and CEO of Verisign, a leader in domain

names and internet security (Palo Alto Networks, 2017). He obtained a bachelor of science from

the United States Military Academy and a juris doctor from Seattle University School of Law.

Nir Zuk, the founder continues to be directly involved in the company. According to

Palo Alto Network’s website, “Prior to co-founding Palo Alto Networks, Nir was CTO at

NetScreen Technologies, which was acquired by Juniper Networks in 2004. Prior to NetScreen,

Nir was co-founder and CTO at OneSecure, a pioneer in intrusion prevention and detection
 Tcha 3

appliances. Nir was also a principal engineer at Check Point Software Technologies, and was one

of the developers of stateful inspection technology” (Palo Alto Networks, 2017). Due to his

extensive experience, Zuk is considered a network security expertise with a rich background in

the industry. His education and experience solidified his role as the chief technology officer

within the company. Under his leadership the company adapted to changes in technology,

creating unique products like Traps Endpoint Protection.

The products and services offered by any company defines the company’s success and

longevity. There is no doubt the products and services provided by Palo Alto Networks is

moving the company in the right direction. Palo Alto Networks has evolved their first firewall

products to Next-Generation Firewalls because standalone firewalls are not as effective against

today's threats. These devices are also their best-selling products. The Next-Generation

Firewalls have the ability to protect networks using multiple protection and detection methods

together, such as intrusion detection and prevention together. The firewall is able to detect and

notify information security analysts and prevent the threat from entering the network. Another

product offer by Palo Alto Networks is their Traps Endpoint Protection. According to Elia

Shargh, “​Traps prevents malicious executables with one-of-a-kind multi-method malware

prevention, which provides multiple kill points throughout the attack lifecycle” (Shargh, 2017).

Traps works with Wildfire, a cloud library of all known threats and a cloud sandbox for testing

unknown threat. When an unknown file comes through the network to the end device, the Traps

agent will check its library to see if it is a threat. If Traps does not know what the file is, it will

connect with Wildfire to see if it is a known threat. If it is unknown to Wildfire, the unknown

file will be downloaded in to the cloud sandbox and execute to verify if it is a threat or not.
 Tcha 4

Depending on the result from Wildfire, Traps will deny or allow the unknown file. This is

preventing instead of reacting. Services like these has made Palo Alto Networks an enterprise

firewall market leader from 2011 to 2016, according to a research done by Gartner (Palo Alto

Networks, 2017).

The most current trends as an information security analyst is that globally, there is a shift

to protect and prevent cyber vulnerabilities and increase cloud security. This will increase a

demand in the occupation. Another trend is a skills shortage of individuals that have the ability

and foresight to develop technology to prevent future cyber security attacks.

The increase of cloud environment and usage has made it a security target and will begin

having security problems. Services such as Google Drive and Apple iCloud provides storage in

the cloud for customers to store data such as documents, pictures, videos, applications, and files.

Customers then have the ability to view their files from multiple devices as long as there is an

internet connection to the cloud service. Security experts will need to decide who to trust and

who not to trust by developing security guidelines for private and public cloud use (Panetta,

2017). According to Josh Mcallister, “Leading cloud services such as Amazon Web Services or

Microsoft Azure have focused on better security measures to address customer concerns. Cloud

providers are seeking the most advanced technologies to gain customer confidence” (Mcallister,

2017). Therefore, a workforce of leading information security analysts are imperative as society

continues to rely on technology for their daily tasks.

Kasey Panetta, a contributor writer for Gartner, the world’s leading research and advisory

company has indicated that security skill sets are scarce and as society moves toward using more

technology, more data will be generated in the next three to five years; thus, creating a demand
 Tcha 5

in data protection (Panetta, 2017). The need to protect data will change the role of cybersecurity

as it evolves. In doing so, a new skill set such as data science and analytics will be imperative

(Panetta, 2017). Understandably, new skills alone will not be enough to prevent all attacks as

more and more companies start up. Information security analyst are required by these companies

to design, implement, and monitor the infrastructure. Recruiters are seeking individuals with a

bachelor’s degree in fields related to computer science or information security, and with a

projected growth of 28 percent from 2016 to 2026, according to Bureau of Labor Statistics, the

opportunity to be an information security analyst looks promising (Bureau of Labor Statistics,

2017).

Networking in general is fascinating due to how much the world depends on it. Any data

that is sent electronically will travel through multiple physical networking devices and cables. It

might begin as a wireless signal but once it hits a receiver like an access point it will travel

through a physical matrix made up of cables, routers, switches, and other networking devices.

Not knowing what is between two endpoints, companies must implement an infrastructure to

determine if the data is a threat or not, creating the role of a network security analyst. The

analysts are responsible for the design and implementation of an infrastructure that protects data

from attackers. Protecting networks from all threats can be daunting, but having the right

education and skills set can provide tools and methods to prevent, detect, and respond to threats

at all levels.

The Computer Science online program at CSUMB is a great program for individuals

requiring an online learning experience for a bachelor's degree. The program includes courses

such as Intro to Computer Networks, Introduction to Database Systems, and more. Each course
 Tcha 6

is about eight weeks and requires the student to use video and voice communication throughout

the program. At the end of the program, online students will earn the same diploma as

on-campus students. Although the program is geared more towards software engineering,

completing the program will satisfy the bachelor of science degree that recruiters are seeking for.

After completing the Computer Science online program at CSUMB, and obtaining a

professional security certification such as the Certified Information Systems Security

Professional (CISSP) or Palo Alto Networks Certified Network Security Engineer (PCNSE) will

make any resume appealing to recruiter seeking for an information security analyst. To obtain

the CISSP certification, an individual is required to have at least five years of cumulative, paid,

full-time work experience, and two or more of the eight domains of the CISSP Common Body of

Knowledge (ISC, 2017). The individual will have to take an exam once meeting the

requirements and will only have three hours to complete 150 questions. The PCNSE

certification focus more on networking and Palo Alto Networks’ products. Although it is a

vendor specific certification it covers networking logic and standards used in every network

infrastructure. This certification requires the individual to take an exam consisting of 60

multiple choice questions, scenarios with graphics, and matching questions after meeting the

qualifications. These certification exams should not be taken lightly as they will require lot of

studying and hands on experiences. These experiences can be self taught, gained from trainings,

or on the job.

There is abundant of studying material available online and via books. A quick search on

Amazon yields sever study guides from different publisher such as ​CISSP (ISC)2 Certified

Information Systems Security Professional Official Study Guide​ and ​CISSP All-in-One Exam
 Tcha 7

Guide​. Trainings and courses are offered throughout California. Global Knowledge offers fast

pace boot camps and courses on site, online, and at their learning sites. Some offering by Global

knowledge related to network security analyst are CISSP Certification Prep Course,

Fundamentals of Information Systems Security, Certified Ethical Hacker, and Palo Alto

Networks: Firewall 8.0: Essentials. Many of these trainings have prerequisites such as work

experience.

Working daily with networking devices and firewalls provides a lot of insight into what a

networking security analyst does on a daily basis. As a network administrator/engineer at a

charter school, I have the opportunity to design, implement, and manage the network

infrastructure. When it comes to network security I rely on the vendor to provide

recommendations since I do not have the experience and knowledge. My current project is to

replace the aging firewalls. I have elected to use Palo Alto Networks’ Next-Generation Firewalls

and have taking this opportunity to learn as much as I can from them. Palo Alto Networks will

provide two trainings for purchasing their firewalls. The trainings will provide hands on training

with their products and real-world troubleshooting. Not only that, I will have the opportunity to

interact with other network security analysts and increase my social circle. This will be useful in

my journey to obtain the PCNSE certification.

Another opportunity to increase my social circle is attending the yearly California

Educational Technology Professionals Association (CETPA) conference. I have attended three

of these events and have found them very informative and entertaining. Everyone is super

friendly and willing to exchange contact information to share their experiences with

implementing and managing a solution I am interested in. Many technology and educational
 Tcha 8

companies are there promoting their products and hosting social events during the evening.

Attending these social events is key in building relationships with vendors and sales

representatives. I will continue attending this conference to keep myself in the loop and to meet

new people.

The choice to pursue a career as a network security analyst is based on the job

opportunities and growth that lies ahead. Having the opportunity to look into the history of Palo

Alto Networks gives me a better understanding of what will be needed to advance my skills and

knowledge to the next level. The education provided by the university and certifications will

prepare me to be a competitive individual in this market.

 Tcha 9

References

Bureau of Labor Statistics, U.S. Department of Labor. (2017, October 24) ​Occupational Outlook

Handbook, Information Security Analysts​. Retrieved from https://www.bls.gov/ooh

/computer-and-information-technology/information-security-analysts.htm

Cisco. (n.d). ​Who is Cisco​. Retrieved from https://www.cisco.com/c/en_au/about

/who-is-head.html

International Data Corporation. (2017). ​UTM and Firewall Growth Drive the Worldwide

Security Appliance Market Expansion in Q2 2017, According to IDC. ​Retrieved from

https://www.idc.com/getdoc.jsp?containerId=prUS43066017

ISC. (2017). ​Certified Information Systems Security Professional​. Retrieved from

https://www.isc2.org/Certifications/CISSP

Mcallister, J. (2017, May 4). ​5 Cloud Security Trends Shaping 2017 and Beyond.​ Retrieved

from https://www.botmetric.com/blog/cloud-security-trends-shaping-2017/

Palo Alto Networks. (2017). ​Our Company​. Retrieved from

https://www.paloaltonetworks.com/company

Panetta, K. (2017, June 14). ​5 Trends in Cybersecurity for 2017 and 2018​. Retrieved from

https://www.gartner.com/smarterwithgartner/5-trends-in-cybersecurity-for-2017-and-201

8/

Shargh, E. (2017, March 16). ​Traps “Can Can” Prevent RanRan Ransomwar​e. Retrieved from

https://researchcenter.paloaltonetworks.com/2017/03/traps-can-can-prevent-ranran-ranso

mware/