How Business Analysis is Advancing Cybersecurity

News Provided By: Tiffani Iacolino, Product Marketing Manager, International Institute of Business Analysis™ | IIBA®
Tiffani Iacolino
Published 10/20/2020
Share this on:

The expansion of technology in our business and in our lives has made cybersecurity a top of mind concern for enterprises, governments, and individuals. This month is Cybersecurity Awareness Month and it’s a good time to raise awareness about online safety, privacy, and cybersecurity. Cyber risks are constantly evolving at a rapid pace and business analysis practitioners are at the forefront of ensuring businesses respond to and keep pace with these constantly changing threats  

Did you know the average cost of a malware attack on a company is estimated at 2.4 million? (1) Recently, we have seen many organizations move their businesses to virtual environments, opening the potential to cyber-attacks and online vulnerabilities. Analysis plays a central role in the planning and preparation for securing these cyber environments.    


Why Business Analysis and Cybersecurity?  

With hacker attacks occurring every 39 seconds (2), there has never been a better time for cybersecurity to be embedded into everyday business analysis practices. Let’s take a look at a few ways business analysts practitioners play an important role in cybersecurity. 

  • Business analyst practitioners can be found onIT security teamsand are responsible for security operations analysis activities. 
  • Business analysis practitioners play an important role in risk management and compliance teams which are responsible for risk management, compliance, audit, and enterprise-level analysis activities. 
  • Business analyst practitioners are central to project/program management groups and are responsible for analysis activities related to solution design, development, and deployment. 
  • Business analysis practitioners frequently work within a support function of IT, such as operations or application support. 
  • Business analyst practitioners are uniquely positioned in the business environment to be the business’ connection point into IT or other security and risk functions. 

Business analysis is about defining needs and recommending solutions that deliver valueIn the cybersecurity context, business analysis is about building security into every aspect of needs definition and solution delivery. 


Cybersecurity Analysis Learning 

If you are looking to learn how cybersecurity analysis can help you or your organization mitigate risks, explore the Cybersecurity Analysis Learning and Certification Program developed jointly by IIBA® and IEEE Computer Society. The cybersecurity eLearning program provides a knowledge base of understanding cybersecurity from a business analysis perspective and the Certificate in Cybersecurity Analysis (IIBA®- CCA) demonstrates this competency to the marketplace. 

The newly enhanced cybersecurity eLearning program provides a robust description of the roles and responsibilities that business analysis plays in cybersecurity for the enterprise. This reinvigorated eLearning experience, based on the generous feedback from our community, offers an enhanced and intuitive way to learn these important cybersecurity concepts.  


Some of the updates and enhancements include: 

  • Test Your Knowledge: Three levels of interactive knowledge checks to rate and gauge your comprehension during the module, at the end of each module, and a full comprehensive check at the end of the program. Ensuring your comfort-level with the learning materials along the way! 
  • Industry Best Practices: Courses are presented by two leading experts in cybersecurity analysis and the learning material is aligned and based on ISO standards in cybersecurity.   
  • Dynamic Multimedia: Upgraded video experience with improved accessibility (closed captioning), interactive drag and dropflip cards, and identify the markers functionalities have been incorporated. 

In addition, these learning resources contain valuable information to prepare for the exam.  


Business Analysts are Already Participating in Cybersecurity  

According to respondents in IIBA’s 2019 Global Business Analysis Salary Survey 21% of business analysis professionals report being involved in their organizations’ cybersecurity practice. (3)

Business Analysis is about understanding the requirements, the value, and in the cybersecurity context – it’s about incorporating security in everything a business analysis practitioner works on. This month and every month let’s continue to be #BeCyberSmart 


Learn more about cybersecurity analysis at 


(1) Accenture. Cybersecurity threats are growing. Attack them. 2018. about/security-index?src=SOMS#block-insights-and-innovation. 


(3) IIBA’s 2019 Global Business Analysis Salary Survey.