Samanthan Hill
-
BSc (University of Victoria, 2022)
Topic
Cyberspace Vigilante or Security Sleuth: Understanding the Threat Hunter Persona
Department of Computer Engineering
Date & location
-
Tuesday, August 27, 2024
-
10:00 A.M.
-
Engineering Computer Science Building
-
Room 555
Reviewers
Supervisory Committee
-
Dr. Margaret-Anne Storey, Department of Computer Science, University of Victoria (Supervisor)
-
Dr. Yvonne Coady, Department of Computer Science, UVic (Member)
External Examiner
-
Dr. Issa Traoré, Department of Electrical and Computer Engineering, University of Victoria
Chair of Oral Examination
-
Dr. Sarah Macoun, Department of Psychology, UVic
Abstract
Threat hunters are essential to the cybersecurity. Anticipating, identifying, and intercepting potential threats makes threat hunters an indispensable part of an organization’s security strategy. Though essential, the human aspects of threat hunting are often overlooked, leaving threat hunters to face difficult challenges in an intense
environment. Through a qualitative study, involving interviews with 20 threat hunters, I aimed to better understand who threat hunters are, how they work, and the challenges they face. I identified 17 key dimensions of threat hunters and constructed four unique threat hunter personas that capture the lived experiences of threat hunters. I discuss the findings in the context of the literature, the implications of the novel findings, the adaptability the threat hunting role in response to an evolving threat landscape, the utility and drawbacks of personas for supporting threat hunters, and recommend directions for future work. By providing a comprehensive understanding of the human aspects of threat hunting and humanizing the role, this research lays the foundation for the design of user-centered support tools that will ultimately improve the well-being of threat hunters and cybersecurity strategies as a whole.