The people have spoken and chosen the Threat Hunter as the most challenging role in cybersecurity. Take it from one of our very own Threat Hunters, Sean Scully, who discusses how he manages the challenges of this role.
How do you find balance with this position?
I'm new to the threat hunting role, so I am still trying to find that balance. Considering how broad and vast the threat hunting role can be, it is easy to get lost in the overall flow of information. I try to break things down into smaller chunks and handle them one at a time.
How do you stay engaged with handling the role?
There are so many sources of threat intelligence that staying engaged involves staying up to date with current cyber threats. Mandiant, SecureWorks, Threatview, SentinelOne, SANS, CISA, FireEye, etc. A lot of these cybersecurity companies have their own threat feeds that are generally open to the public. The abundance of threat intelligence is there, and as a threat hunter, our job is to stay engaged with this intel and turn it into actionable data. So, for me personally, I use the tools at my disposal to filter out that actionable data and look for any indicators of compromise in our clients’ networks.
How do you deal with the challenges of your role/position?
Persistence. This is one belief that I think has helped me tremendously throughout my career in cybersecurity. Things such as motivation and curiosity come in spurts to me, and they are wonderful, but I must make a conscious choice to be persistent. I find that being persistent in the face of challenges has helped me grow in more ways than I could have imagined. I apply that same principle to any role that I fulfill.