Threat hunters and their integral role in security

By Madhvi Mavadiya | 8 November 2016

In an industry where technology is celebrated, humans are becoming unnecessary. As their roles in finance can now be done by systems, many banks have implemented these systems and, in turn, fired many employees.

However, others think that we are not yet at a stage of fintech evolution where we can wholeheartedly trust technology, and that is because of the rate at which hackers are attacking. This is where threat hunters come in.

According to The Financial Times, human skills are essential for combatting cybercrime. The paper’s article goes on to explore the differences between cyber security and cyber hunting; Jason Matlof, CMO at LightCyber, says that the latter is “the ‘known bad model’”.

Changes happen so rapidly that systems find it hard to keep up. As threat hunters focus on identifying emerging attacks, technology can advance, though minimising risk will be an ongoing process.

“Threat hunting enables analysts to detect hackers who might be present on a system for several months while working out which servers, databases and accounts they need to control in order to prosecute their attack, known as ‘dwell time’,” the article read.

Threat hunters will ‘hunt’ for anomalies and identify breaches before an attack happens, but companies should be aware of what normal activity looks like, known as “situational awareness”. Hardik Modi from Fidelis Cybersecurity states that while computers can analyse data, the human element is critical.

Kevin Bocek from Venafi explains: “The human brain can’t process the gigabytes of data but it can ask the right questions and it knows what doesn’t look right and how the machine can be fooled.”

However, threat hunting can be costly and time-consuming. “Threat hunting should be seen as only one important element in an organisation’s overall holistic security strategy,” Eli Jellenc at Stroz Friedberg says.
