Behind the scenes: A day in the life of a cybersecurity "threat hunter"

3 years ago 421

Here's however 1 information operations analyst, an adept astatine incidental reporting, began her career, collaborates with her colleagues and prioritizes incoming threats.

cybersecurity.jpg

Cherlynn Cha

Image: ExpressVPN

Twenty-six-year-old Cherlynn Cha, calved and raised successful Singapore, thought cybersecurity was "so cool" arsenic a teenager. "The bully guys get the atrocious guys," she said, "or assistance each different utilizing cool, cutting-edge technology."

Cha attended the National University of Singapore and studied machine subject with a absorption successful cybersecurity, wherever she learned "the mentation down each of the things we instrumentality for granted." She archetypal got a information occupation successful a consulting firm, wherever she worked successful individuality and entree management, past she worked astatine a bank, arsenic a information operations halfway expert earlier landing her existent job, arsenic a "threat hunter" astatine ExpressVPN.

SEE: Security incidental effect policy (TechRepublic Premium)

Essentially, her relation is to "look for threats to the environment, and we effort to incorporate them. So it's going to beryllium things similar trying to observe and halt phishing attacks oregon investigating suspicious activity, oregon hunting for imaginable attacks," she said.

Cha took the occupation some for learning opportunities and due to the fact that she "wanted to marque a difference," she said. "I wanted to lend to thing that, I conjecture idiosyncratic could basal for, thing that I believed in."

Working astatine ExpressVPN is helping her grow her skillset. And due to the fact that of the quality of the institution "really cares astir the privateness and information of the customers," she said. "If I'm contributing to the information of that, thing I look for arsenic a user arsenic well, and arsenic an employee, I'm contributing to thing that I judge in."

Her relation astatine ExpressVPN involves triaging and investigating imaginable information events. 

On a emblematic day–she has been moving from location successful Singapore since the onset of COVID–Cha could commencement anyplace from 9 to 11 am. "Normally I commencement by checking my emails successful lawsuit determination are immoderate urgent requests coming in, and past I cheque if we had immoderate overnight requests that came successful from different teams due to the fact that we besides assistance different teams to implicit their request," she said. When different squad requests it, she'll instrumentality a look. 

On a precocious level, Cha works connected improving information controls, "looking astatine what controls, what information detections that we person currently, and reasoning of however we get better," she said, which tin see reviewing existing rules, gathering caller rules, oregon implementing caller information features. Her day-to-day responsibilities see investigating suspicious activities specified arsenic phishing attacks oregon malware downloads.

In addition, determination are semipermanent projects–things similar implementing caller detection features, for instance. "We privation to adhd a caller benignant of accusation arsenic telemetry to assistance successful detecting perchance suspicious activities," she said.

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

Anything tin travel up, of course, and whenever an urgent concern arises, specified arsenic a imaginable attack, "we'll person to rapidly hunt to prioritize the caller lawsuit depending connected the severity of it," Cha said. The squad is highly collaborative, she said, which is simply a item of the job–even successful the existent remote-working environment–and there's a batch of "skill sharing, cognition sharing sessions crossed the company."

Cha participates successful this, herself, by giving interior presentations to marque definite that employees proceed to support a "security mindset."

Cybersecurity is simply a precise wide field, with galore areas to specialize in. If they request accusation successful that peculiar area, "we conscionable inquire idiosyncratic other successful a squad who's an expert," Cha said. Her expertise is incidental reporting: "reacting to, responding to, perchance suspicious activities. And determining if they're suspicious, determining the interaction and besides limiting interaction events."

In presumption of longer word systems, Cha said that's 1 of the astir breathtaking parts–embarking connected caller systems, caller architecture. She loves moving with teammates and sharing ideas. Another continual absorption is automation–how to automate thing that they can.

As acold arsenic her ain introduction into cybersecurity, and what it whitethorn clasp for the future, determination is nary "one generic route" to a cybersecurity career, Cha said. Instead, "there are many, galore paths–even wrong security."

"I deliberation there's a misconception that it's conscionable this 1 vocation path," she added, "which is not accurate."

Read much articles successful this series

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also see

Read Entire Article