TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs

TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs image

In this episode of TubbTalk, Richard speaks to Dray Agha, UK Operations Manager for cybersecurity experts Huntress. Huntress are “there to stop you getting hacked by the hackers for your devices that can get hacked.” He shares his advice on how to improve your threat operations offering.

An Interview With Dray Agha

The Workplace Culture at Huntress

When you work in IT, and especially cybersecurity, there’s always something new to deal with. So that could be a vulnerability, an update. You push yourself to keep working until it’s fixed.

And that’s fine when you’re young, but not when you’ve got responsibilities, says Dray. “I’ve worked at places where that’s fine. But at Huntress, my boss will message me and tell me to go offline. And I do the same with my staff. Wellbeing is more important.”

The Huntress Threat Operations Experience

Dray says that clients sometimes worry because they haven’t heard from anyone at Huntress for a while. “So we talked about it as a team. When we’re doing threat operations work, should we report every investigation to the client? Because often we spot something and we can fix it. Not hearing from us is a good thing.

“It’s not useful for the client to see it all. So we try to curate the most helpful threat detections so their analyst can see severity ratings and so on. We want to be ‘low noise’ on security notifications.”

How They Support MSPs with Three Key Cybersecurity Challenges

Dray agrees that three of the key areas MSPs need to focus on to protect their clients are endpoints, email and employees. “Huntress started with persistence as a priority. Because adversaries like to get into an environment and stay there.

“So when it comes to threat detection, you need to work out how they trick users or develop exploits that gives them that access. I can’t train a user to stop a zero day. But I can train them to have better security awareness. And we engage them by showing them how things like MFA can keep them safe at home, too.

“We support MSPs to help their clients identify their endpoint weaknesses too. And we built an MDR for M365 to stop business email compromise. We want to add layered security telemetry to improve detections.”

How can you become the go-to #threat operations expert? @Purp1eW0lf shares his advice with Richard Tubb. Click to Tweet

Why MSPs Want to Outsource Their SOC and Threat Operations

One of the reasons that MSPs decide to outsource is, Dray says, a curse of knowledge. “They know a lot about some things. But there are other tech things that they know nothing about.

“They’re aware that they could learn to do it, but they’re busy. So they’d rather give it to people who spend all day in threat operations. It’s great working with them, because we can have a conversation about what’s wrong and what they need.

“So once you’ve decided to outsource, choose wisely. Ask them if they have analysts. If they offer 24/7 support, are their staff up all night or do they have a global team? You want to get a good service.”

Why Defensive Security is Both Exciting and Frustrating

Dray says he loves and hates defensive security. “I get stagnant easily if I don’t grow. And for me, cybersecurity is the most interesting thing we’re doing as a civilisation. It’s unbelievable what we can do. So I love learning.

“But because of where our solution ends up, it can be stressful too. We end up staying late at work and burning out to fix a problem. There’s always something else going wrong.”

How to Connect With Dray Agha

How to Connect With Me

Mentioned in This Interview

You Might Also be Interested in

RICHARD TUBB

Richard Tubb is one of the best-known experts within the global IT Managed Service Provider (MSP) community. He launched and sold his own MSP business before creating a leading MSP media and consultancy practice. Richard helps IT business owner’s take back control by freeing up their time and building a business that can run without them. He’s the author of the book “The IT Business Owner’s Survival Guide” and writer of the award-winning blog www.tubblog.co.uk

All Posts

You might like:

TubbTalk 171: Rob Rae: How to Break Barriers and Build MSP Ecosystems image

TubbTalk 171: Rob Rae: How to Break Barriers and Build MSP Ecosystems

Podcasts | By Richard Tubb
TubbTalk 170: How to Master Email and File Migrations for MSPs image

TubbTalk 170: How to Master Email and File Migrations for MSPs

Podcasts | By Richard Tubb
TubbTalk 169: Professional Musician to MSP Guru: the Amazing Luis Giraldo image

TubbTalk 169: Professional Musician to MSP Guru: the Amazing Luis Giraldo

Podcasts | By Richard Tubb
TubbTalk 168: Best-Kept Secret to Global Leader: The Remarkable Evolution of CompTIA image

TubbTalk 168: Best-Kept Secret to Global Leader: The Remarkable Evolution of CompTIA

Podcasts | By Richard Tubb
Bonusode: Live From Pax8 Beyond EMEA: Rob Rae on Amazing Events image

Bonusode: Live From Pax8 Beyond EMEA: Rob Rae on Amazing Events

Podcasts | By Richard Tubb
Travelogue: Pax8 Beyond EMEA 24 image

Travelogue: Pax8 Beyond EMEA 24

Events | By Richard Tubb
Bonusode: Live From Pax8 Beyond EMEA With Phylip Morgan: What’s New? image

Bonusode: Live From Pax8 Beyond EMEA With Phylip Morgan: What’s New?

Podcasts | By Richard Tubb
TubbTalk 167: Building a Culture of Success: Secrets from the UK’s Top ISP image

TubbTalk 167: Building a Culture of Success: Secrets from the UK’s Top ISP

Podcasts | By Richard Tubb
TubbTalk 166: Need More Free Time? Call Answering Services are a Game-Changer for MSPs image

TubbTalk 166: Need More Free Time? Call Answering Services are a Game-Changer for MSPs

Podcasts | By Richard Tubb
TubbTalk 165: The 20-Year Overnight MSP Success Story You Need to Hear image

TubbTalk 165: The 20-Year Overnight MSP Success Story You Need to Hear

Podcasts | By Richard Tubb
TubbTalk 164: Top Lessons from 25 Years Building a Successful MSP image

TubbTalk 164: Top Lessons from 25 Years Building a Successful MSP

Podcasts | By Richard Tubb
Travelogue: UptimeLIVE 2024: Business Growth for MSPs image

Travelogue: UptimeLIVE 2024: Business Growth for MSPs

Podcasts | By Richard Tubb

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore.

Share via
Send this to a friend