https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

From the Industry


Getty Images

Sponsor Content

threat hunters

Top Traits to Look for in a Threat Hunter

  • Written by Sophos Guest Blogger
  • December 17, 2021
On the frontlines in fighting attacks, effective threat hunters have a unique skillset.

Today’s cybercriminals are relentless, and they are constantly changing their tactics, techniques and procedures (TTPs) to evade detection and carry out attacks, as detailed in the Sophos 2022 Threat Report.

It’s never been more critical that organizations can quickly detect and respond to these threats in real time. Partners with 24/7 threat hunting capabilities are in high demand.

On the frontlines in fighting attacks, threat hunters have a unique skillset. Whether MSPs are building their own in-house threat hunting team or outsourcing these activities to a trusted security partner, here are the top qualities to look for:

  1. Proactiveness

Threat hunting and incident response are different, but they complement each other. Incident responders do hand-to-hand combat with cyber adversaries in emergency situations. They’re the ones who investigate environments that are already known to have been infected or breached. In most cases, its retroactive.

Threat hunters, on the other hand, are more proactive. The role is more of an analytics function, looking at data on a day-to-day basis to identify abnormalities and deconstructing the TTPs being utilized.

A threat hunter’s job is to be proactive. They need to have the ability to focus and the bandwidth to monitor an environment 24/7 to stay a step ahead of attackers. They need to always be on the cusp of cutting-edge threat intelligence, perform research on new attack methods and look comprehensively at a customer’s estate for anything that looks even the slightest bit off.

  1. Attention to detail

Indicators of attack (IoAs) and indicators of compromise (IoCs) are the telltale signs of compromised environments and/or impending attacks that threat hunters find across masses of data. But, as soon as these indicators have been discovered, attackers leave them in the dust and change their TTPs to stay effective.

Threat hunters need to pay close attention to detail to understand when old indicators are no longer relevant, and then have the ability to pivot with the adversary to stay a step ahead.

  1. Flexibility

While cyberattackers often use similar TTPs, each threat hunt requires different measures. And based on initial findings, a threat hunter will need to dig in deeper. This requires flexibility and the ability to think on their feet.

And while there are a handful of best practices to rely on, threat hunters need to be able to pivot and tweak each method as the situation calls for it in real time.

A Threat Hunter’s Job Is Never Complete

Every threat or red flag detected is the first in an endless line of threats, and they all need to be investigated.

These threats are very real for all businesses of all sizes, and every organization needs to assume they’re a target. That’s the mindset that threat hunters need to have, as well.

Scott Barlow is vice president, Global MSP and Cloud Alliances, at Sophos, a global leader in next-generation cybersecurity. He oversees all MSP strategy, business direction and sales worldwide, with an emphasis on building revenue, marketing programs and relationships with partners. His role expanded this past year, and he also took over the management of Sophos’ public cloud business.

Scott also serves as vice chair for CompTIA’s Board of Directors and is a member of the Creating IT Futures Foundation board. Previously, he was vice president of sales and marketing at Reflexion Networks, Inc., which Sophos acquired in 2015.

He’s an industry recognized CRN Channel Chief, Top 50 Midmarket Channel Executive and IPED Channel Master, and has been awarded the Channel Partners Circle of Excellence Award and Channel Partners Top Gun 51 award. Scott regularly takes center stage to deliver keynotes and bring expertise to industry panels focused on adding security services to MSP offerings.

Scott holds a Master of Business Administration and a Master of Science Degree in Geophysics from Boston College.

This guest blog is part of a Channel Futures sponsorship.

Tags: MSPs Best Practices From the Industry Intelligence Security Sophos Sponsor Content

Most Recent


  • Smart City, IoT Network
    Abundant IoT, Advisors Tackle the eIoT Opportunity
    CEO Vince Bradley said partners are tapping into eIoT and ESG trends to move up-market with new customers. 
  • Top 20
    Top 20 Stories in January: Avaya, Microsoft, IBM, AWS, Datto, More Layoffs
    ChatGPT cracks our list for the first time. We've also got new hires and security training. But what was No. 1?
  • Update
    Acronis Updates CyberFit Partner Program Amid Rapid Service Provider Growth
    The updates include several programs and promotions for all types of partners.
  • Cloud Roundup
    Cloud Computing News: Broadcom-VMware, Google-Anthropic, Red Hat, More
    A new week is kicking off with a slew of cloud updates.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • MSP success
    2022 Guide to MSP Success
  • security-centric
    A (Security-Centric) Look Ahead for MSPs
  • security blueprint
    Your Security Blueprint: Understanding the Sales Process & Technical Requirements
  • remote firmware updates
    Eaton Enables Remote Firmware Updates

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

Abundant IoT, Advisors Tackle the eIoT Opportunity

February 6, 2023

Top 20 Stories in January: Avaya, Microsoft, IBM, AWS, Datto, More Layoffs

February 6, 2023

Cloud Computing News: Broadcom-VMware, Google-Anthropic, Red Hat, More

February 6, 2023

Industry Perspectives

View all

The Software Patching Problem – Solved

February 3, 2023

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

The SMB Opportunity: How to Sell and Service the SMB Market, Capture Customers and Expand Your Business

February 23, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

.@AbundantIoT is putting more focus on the enterprise, CEO Vince Bradley tells Channel Futures.… twitter.com/i/web/status/1…

February 7, 2023
ChannelFutures

January's #topstories in channel include @Avaya @GTTComm @Broadcom @awscloud @citrix @Salesforce @Datto… twitter.com/i/web/status/1…

February 6, 2023
ChannelFutures

.@Acronis announces #CyberFit partner program updates. dlvr.it/Sj2FZQ https://t.co/z7lRdIRo9R

February 6, 2023
ChannelFutures

More #Avaya trouble: Lawsuit against company by bondholders claims "massive fraud." dlvr.it/Sj2DZT https://t.co/4Q1E7JAXXf

February 6, 2023
ChannelFutures

.@DellTech adds new #APEX delivery options for #delltechnologies partners. dlvr.it/Sj29c6 https://t.co/3qEEYpnOBX

February 6, 2023
ChannelFutures

There are some familiar names in @coxbusiness and @Rapid_Scales recent partner awards. dlvr.it/Sj1zm6 https://t.co/0BuGwBrnvM

February 6, 2023
ChannelFutures

RT @Channel_Expo: We know your mind is on the #BigGame this week, but don't take your eye off the ball! #EarlyBird rates for #CPExpo & #MSP…

February 6, 2023
ChannelFutures

Learn about @bluewavetg's latest deal. dlvr.it/Sj1wrV https://t.co/NCdmJ4OFkf

February 6, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X