13 Enabling the team

 

This chapter covers

  • Enhancing resilience and adaptability
  • Developing the knowledge and skill set of threat hunters
  • Retaining cyber threat hunters
  • Hunting in the world of AI

This chapter is the last in the book. It covers the most important element of threat hunting: people. Enabling the team encompasses supporting and improving technical skills, communication skills, mental well-being, and emotional support. The chapter takes a holistic approach to supporting and developing cyber threat hunters.

We cover security monitoring, red teaming, and threat intelligence as common career paths to threat hunting, and we discuss how the three differ in the context of becoming a threat hunter. The chapter will help you design a structured plan for yourself as a threat hunter or for your threat-hunting team if you manage one.

13.1 Resilience and adaptability

Soft skills are the personal attributes, characteristics, or qualities that enable threat hunters to interact effectively with others while navigating threat-hunting challenges. Resilience refers to the ability to bounce back, recover, and withstand setbacks or stress. Adaptability refers to the ability to adjust, modify, or change an approach, behavior, or mindset in response to new or changing circumstances.

13.1.1 What is resilience?

13.1.2 What is adaptability?

13.1.3 Measuring resilience and adaptability

13.1.4 Developing resilience and adaptability

13.2 Supporting threat hunters’ well-being

13.3 Becoming a threat hunter

13.3.1 From security monitoring to threat hunting

13.3.2 From red-teaming to threat hunting

13.3.3 From threat intelligence to threat hunting

13.4 Keeping threat hunters engaged

13.5 Continuous learning and development

13.5.1 Technical enablement

13.5.2 Mentorship

13.5.3 Threat-hunting landscapes

13.6 Threat hunting in the age of artificial intelligence

13.6.1 Using public LLM services

13.6.2 Using private LLM services

Summary