As the adage goes: “You don’t know what you don’t know.”
For Ryan Pentney and his team, they know what they don’t know. And they wake up every morning trying to figure out how they can answer those questions about emerging threats and some of the largest state-sponsored actors in the world.
Pentney is Cisco Talos’ threat intelligence lead for the Asia-Pacific region, and it's his job to lead investigations into active malware threats, international threat groups and anything that’s on defenders’ minds.
“We’re always thinking about, ‘What do we know, and what do we not know?’ And we try to start with the 'What do we know?' part,” Pentney said. “What do I need to answer these questions? Do we need to look at other methods or new tools for generating information? Are there partners we want to have discussions with?”
Pentney and his team are threat hunters and researchers who contribute to Talos’ research and reports shared with government and private sector partners. He is specifically focused on the tactics threat actors used to perform these attacks and their potential motivations.
“How can we figure out how to identify the actor in the future if they’re involved in other attacks? Do they have specific targets, or is it more widespread?” Pentney said. “At the end of the day, we try to figure out what we need to do to keep our customers safe.”
But this is only the latest stop on Pentney’s journey through Talos and its predecessor, Sourcefire. In fact, Pentney joined Sourcefire almost immediately after graduating college, his first “real” job in the cybersecurity field.
Over the past 17 years at Sourcefire and Talos, he’s done everything from vulnerability research and disco ..
Support the originator by clicking the read the rest link below.
