What Does a Cybersecurity Analyst Do? Sorting Through the Misconceptions
By Kate Zuritsky on 03/13/2025
Could you go an entire day without checking your phone? Or a week without any technology, whether in your kitchen or car? Technology is a massive part of life today, and we couldn’t survive without it!
As our reliance on technology grows, so does the ever-evolving threat of cyber attacks and the importance of protecting sensitive information. Cyberattacks and security breaches can derail individuals and businesses, leading to financial loss, reputational damage and identity theft.
Cybercriminals seek to hack into and exploit sensitive data, targeting the operating systems and infrastructure that support our increasingly digital daily lives. From smartphones to wearable devices to global supply chains, attackers have endless options to look for weaknesses.
In 2023, the Department of Health and Human Services reported an average of 1.99 healthcare data breaches of 500 or more records and an average of 364,571 healthcare records reported every day.1
Hiring a cybersecurity analyst to implement cybersecurity fundamentals is critical to safeguarding assets and maintaining trust, whether they involve credit card numbers, medical records or national security secrets.
Understanding the Role of a Cybersecurity Analyst
Cybersecurity analysts (sometimes called information security analysts) plan and implement security measures and vulnerability assessments to protect an organization’s computer systems from cyberattacks.
These cybersecurity professionals understand their organization's operating systems and IT infrastructure and seek ways to improve network security by identifying potential threats. A cybersecurity analyst creates powerful security policies and network protocols with guidelines on acceptable use, incident response plans and protocols for managing sensitive data.
A cybersecurity analyst uses a combination of threat intelligence and cyber defense tools for continual monitoring and security analysis of breaches and attacks. They also conduct regular data security audits to determine which weaknesses were exploited and to ensure the infrastructure is up to date and effective against threats.
A cybersecurity analyst also encrypts data transmissions and builds and maintains firewalls to protect sensitive information. Data encryption ensures that the information will remain confidential and unreadable without the proper decryption key.
At the same time, firewalls serve as a crucial barrier that filters and monitors incoming and outgoing traffic to block potential threats before they reach the network.
If something occurs, a security analyst will respond to security alerts and create detailed reports and network traffic logs about the incident. A cybersecurity analyst also hosts security training courses to educate team members about security risks and best practices and help them recognize phishing attempts, social engineering and other attacks.
Five common misconceptions about cyber security analysts
If you’ve seen V for Vendetta, you may think cybersecurity experts live in a dark, underground world surrounded by computers, masking their identity while keeping threats at bay. But cybersecurity analysts live in the real world and look just like you and me!
According to Scott Haynes, an instructor with the School of Technology at Rasmussen University, there are several widespread misconceptions about cybersecurity analysts. Here are five of the most common:
Cybersecurity analysts hack into things all day
“Ethical hacking is just a specialized field of cybersecurity, not the entire work," Haynes says. "Most of their time is spent analyzing logs, managing incidents, worrying about emerging threats, and securing systems."
Cybersecurity is all about technical skills
"While technical skills are crucial, strong communication, problem-solving, and analytical thinking are just as important," Haynes emphasizes.
"Analysts often explain threats to non-technical stakeholders." In other words, you can't just be great on a computer to thrive in this role.
You need to be a coding expert to work in cybersecurity
“While coding knowledge does help, many cybersecurity roles focus more on policy, risk management, compliance, and threat analysis," Haynes says.
Many of the tasks you'll take on don't involve coding.
Cybersecurity is a one-time fix
“Cybersecurity is an ongoing process," Haynes says. "Threats evolve constantly, requiring continuous education, monitoring, and flexibility."
In the case of cyber security, the best defense is a good...I-planned-far-ahead-and-kept-constant-watch.
More cybersecurity tools mean better security
“Security isn’t just about tools; it’s about strategy, proper implementation, and user education," Haynes says. "Too many tools without proper integration can create inefficiencies and blind spots.”
How to become a cyber security analyst
About 17,300 openings for information security analysts are projected each year, on average, over the decade. Many of those openings are expected to result from the need to replace workers who transfer to different occupations or exit the labor force, such as to retire, according to the Bureau of Labor Statistics.5
So, what does it take to become a cybersecurity analyst? Hiring managers look for a specific educational background. Candidates with a bachelor’s degree in cybersecurity, computer programming, computer science or a related field such as math or engineering typically stand out. Sometimes hiring managers may consider a high school diploma, plus relevant skills, industry training, certifications or prior experience in an IT department or security operations center.
Rasmussen University does not offer any programs in Engineering or Mathematics.
Top cybersecurity skills and knowledge for security analysts
Most cybersecurity analysts require a diverse set of technical, soft and analytical skills and knowledge of cybersecurity principles. This is true for security professionals in general. If you imagine all the different things someone in security needs to be prepared for, you’ll have the right idea.
The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework suggests acquiring the following technical skills:
- Incident response
- Vulnerability analysis
- Digital forensics
- Secure software development
- Defense cybersecurity
- Penetration testing
- Cyber defense trend analysis
In addition to strong communication skills, the National Institute of Standards and Technology highlights the importance of workplace and problem-solving skills, including:2
- Accountability
- Agility
- Collaboration
- Critical thinking
- Initiative
- Integrity
- Lifelong learning
- Resilience
- Strategic thinking
Top types of cyber security threats
We may joke about the “inheritance” from a Nigerian prince email, but many have fallen for this scam, and it’s cost them dearly. The truth is that cybercriminals have evolved greatly since the days of sending out fake inheritance emails, and many of their tactics are clever and very believable.
As technology quickly advances to meet modern demands and our identities shift online, cybercriminals adapt just as quickly. To counter these threats, cybersecurity analysts must continuously monitor network traffic, conduct vulnerability assessments, identify potential risks, and stay ahead of emerging attack methods and security trends.
Some of the biggest cyber threats we face today include:
Ransomware
Malicious software that prevents you from accessing files, systems, or computer networks unless you pay a ransom for their return. These attacks can cause expensive disruptions in operations and loss of important information and data.
Phishing
Phishing uses emails, texts, phone calls and social media to convince users to click on a link, download a file, or enter login information with the intent to steal someone’s identity or money or access sensitive data.3
Social engineering
Psychological manipulation that tricks people into performing seemingly everyday actions that reveal sensitive or confidential information.
International and geo-political cyber aggression
Remember the TikTok® debacle? The Cybersecurity and Infrastructure Security Agency (CISA) identified China’s advanced cyber capabilities as one of the most significant threats to our critical infrastructure.4
CISA urges the tech industry to implement increased security measures to protect our national infrastructure.4
Identity threats
Identity threats involve stealing or misusing identities to access sensitive information or move within a network. Attackers gain unauthorized access by phishing, guessing passwords and stealing login credentials.
What is the future of an information security analyst's role?
As technology evolves, so do the cyber attacks and innovative solutions and technologies required to tackle them. While specific security issues will remain constant, cybersecurity positions will adapt to the ongoing and immediate impact of technology and threats.
Professor Haynes also provided insight into the evolving role of information security analysts and the technologies shaping the future of cybersecurity.
Artificial intelligence (AI) & machine learning
“AI-based threat detection is becoming more advanced, enabling real-time anomaly detection and predictive analytics,” Haynes says. “AI will add to the automation of the security operations, therefore cutting the time taken to respond to cyber threats.”
These tools will help security teams predict and identify vulnerabilities and assist with penetration testing through automation and machine learning.
Quantum cryptography
"Quantum computing poses a major threat to traditional encryption,” Haynes says. So, many of the security systems we rely on today could be at risk, putting sensitive data—and even the entire digital economy—in jeopardy.
"Post-quantum cryptography is being developed to create encryption that is resistant to quantum attacks.”
Zero-trust architecture (ZTA)6
Zero-trust architecture means never trust and always verify. ZTA reduces the reliance on perimeter-based security. As remote work and cloud computing continue to grow, this will become the norm.
Blockchain
“Blockchain could secure digital identity and data integrity and prevent fraud,” Haynes says. “It might bring a new way forward for authentication techniques.”
Supply chain security
Supply chain attacks are on the rise. Cyber criminals exploit the weaknesses of computer software, hardware and third-party service providers to hack into corporate databases, steal data and deploy malware. Organizational cybersecurity teams must adopt security frameworks, compliance, and new technologies to stop these attacks and prevent security breaches.
Extended detection and response (XDR)
“XDR is a technique in which different security items work within a single platform,” says Haynes. “Thus, enhancing the visibility of threats across networks, endpoints, and cloud environments.”
IoT and edge computing
As the number of IoT devices increases, finding an effective means of securing those devices becomes paramount. “Solutions are coming out with advanced monitoring mechanisms using AI, as well as decentralized models of security,” says Haynes.
Interested in a cybersecurity career?
To learn more about why you should consider a cybersecurity career path and the steps it takes to break into the industry, check out our article “Why Study Cyber Security? 8 Reasons to Remember."
1 Social Engineering Attacks Targeting The HPH Sector, (Apr. 11, 2024), 202404111300_Social Engineering Targeting the HPH Sector_TLPCLEAR
2 Workplace Skills and the NICE Framework, (May 16, 2024), Workplace Skills and the NICE Framework | NIST
3 What is Phishing?, (date accessed), What Is Phishing? Examples and Phishing Quiz - Cisco
4 Jen Easterly, Strengthening America’s Resilience Against the PRC Cyber Threats, (Jan. 15, 2025), Strengthening America’s Resilience Against the PRC Cyber Threats | CISA
5 Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, Information Security Analysts, at https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited February 19, 2025). Employment conditions in your area may vary.
6 John Kindervag, creator of the Zero Trust Security model.
TikTok® is a registered trademark of TIKTOK LTD