TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs - Tubblog: The Hub for MSPs

TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs

TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs image

In this episode of TubbTalk, Richard speaks to Dray Agha, UK Operations Manager for cybersecurity experts Huntress. Huntress are “there to stop you getting hacked by the hackers for your devices that can get hacked.” He shares his advice on how to improve your threat operations offering.

An Interview With Dray Agha

The Workplace Culture at Huntress

When you work in IT, and especially cybersecurity, there’s always something new to deal with. So that could be a vulnerability, an update. You push yourself to keep working until it’s fixed.

And that’s fine when you’re young, but not when you’ve got responsibilities, says Dray. “I’ve worked at places where that’s fine. But at Huntress, my boss will message me and tell me to go offline. And I do the same with my staff. Wellbeing is more important.”

The Huntress Threat Operations Experience

Dray says that clients sometimes worry because they haven’t heard from anyone at Huntress for a while. “So we talked about it as a team. When we’re doing threat operations work, should we report every investigation to the client? Because often we spot something and we can fix it. Not hearing from us is a good thing.

“It’s not useful for the client to see it all. So we try to curate the most helpful threat detections so their analyst can see severity ratings and so on. We want to be ‘low noise’ on security notifications.”

How They Support MSPs with Three Key Cybersecurity Challenges

Dray agrees that three of the key areas MSPs need to focus on to protect their clients are endpoints, email and employees. “Huntress started with persistence as a priority. Because adversaries like to get into an environment and stay there.

“So when it comes to threat detection, you need to work out how they trick users or develop exploits that gives them that access. I can’t train a user to stop a zero day. But I can train them to have better security awareness. And we engage them by showing them how things like MFA can keep them safe at home, too.

“We support MSPs to help their clients identify their endpoint weaknesses too. And we built an MDR for M365 to stop business email compromise. We want to add layered security telemetry to improve detections.”

How can you become the go-to #threat operations expert? @Purp1eW0lf shares his advice with Richard Tubb. Click to Tweet

Why MSPs Want to Outsource Their SOC and Threat Operations

One of the reasons that MSPs decide to outsource is, Dray says, a curse of knowledge. “They know a lot about some things. But there are other tech things that they know nothing about.

“They’re aware that they could learn to do it, but they’re busy. So they’d rather give it to people who spend all day in threat operations. It’s great working with them, because we can have a conversation about what’s wrong and what they need.

“So once you’ve decided to outsource, choose wisely. Ask them if they have analysts. If they offer 24/7 support, are their staff up all night or do they have a global team? You want to get a good service.”

Why Defensive Security is Both Exciting and Frustrating

Dray says he loves and hates defensive security. “I get stagnant easily if I don’t grow. And for me, cybersecurity is the most interesting thing we’re doing as a civilisation. It’s unbelievable what we can do. So I love learning.

“But because of where our solution ends up, it can be stressful too. We end up staying late at work and burning out to fix a problem. There’s always something else going wrong.”

How to Connect With Dray Agha

How to Connect With Me

Mentioned in This Interview

You Might Also be Interested in

RICHARD TUBB

Richard Tubb is one of the best-known experts within the global IT Managed Service Provider (MSP) community. He launched and sold his own MSP business before creating a leading MSP media and consultancy practice. Richard helps IT business owner’s take back control by freeing up their time and building a business that can run without them. He’s the author of the book “The IT Business Owner’s Survival Guide” and writer of the award-winning blog www.tubblog.co.uk

All Posts

You might like:

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs image

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs

Podcasts | By Richard Tubb
TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024 image

TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024

Events | By Richard Tubb
TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity image

TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity

Podcasts | By Richard Tubb
TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success image

TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success

Podcasts | By Richard Tubb
TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth image

TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth

Podcasts | By Richard Tubb
TubbTalk Travelogue: Channel Live & UpLift Live 2024 image

TubbTalk Travelogue: Channel Live & UpLift Live 2024

Events | By Richard Tubb
TubbTalk 148: How High Performing MSPs Leverage People Power for Success image

TubbTalk 148: How High Performing MSPs Leverage People Power for Success

Podcasts | By Richard Tubb
TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs? image

TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs?

Podcasts | By Richard Tubb
TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024 image

TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024

Events | By Richard Tubb
TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager image

TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager

Podcasts | By Richard Tubb
TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations image

TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations

Podcasts | By Richard Tubb
TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success image

TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success

Podcasts | By Richard Tubb

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Share via
Send this to a friend