13 Enabling the Team

 

This chapter covers

  • Enhancing resilience and adaptability.
  • Developing the knowledge and skillset of threat hunters.
  • Retaining cyber threat hunters.
  • Threat hunters and the world of AI.

This is the book’s last chapter; we cover the most important element of threat hunting, the people.

Enabling the team, the title of this chapter, encompasses several aspects of supporting people: technical skills, communication skills, mental well-being, and emotional support. The chapter takes a holistic approach to supporting and developing cyber threat hunters.

We cover security monitoring, red teaming, and threat intelligence as three common career paths to threat hunting. We discuss the differences among them in the context of becoming a threat hunter.

The chapter will help you design a structured plan for yourself as a threat hunter, or for your threat hunting team if you manage one. We conclude the chapter, and the book, with important takeaways from the different parts of the book.

Let us start with two of the most important soft skills threat hunters should build: resilience and adaptability.

13.1 Resilience and adaptability

Soft skills refer to personal attributes, characteristics, or qualities that enable threat hunters to interact effectively with others while navigating threat hunting challenges.

13.1.1 What is resilience?

13.1.2 What is adaptability?

13.1.3 Measuring resilience and adaptability

13.1.4 Developing resilience and adaptability

13.2 Threat hunter’s well-being

13.3 Becoming a threat hunter

13.3.1 From security monitoring to threat hunting

13.3.2 From red teaming to threat hunting

13.3.3 From threat intelligence to threat hunting

13.4 Keeping threat hunters engaged

13.5 Continuous learning and development

13.5.1 Technical enablement

13.5.2 Mentorship

13.5.3 Threat hunting landscapes

13.6 Threat hunting in the age of AI

13.6.1 Using public LLM services

13.6.2 Using private LLM services

13.7 Summary