A Day in the Life at Armor: Chris Hinkley

Remember when the idea of robots doing our jobs for us was something only found in science fiction? Well, believe it or not, that’s not such a distant reality any longer. Thanks to the proliferation of artificial intelligence (AI) and machine learning (ML), industries are being automated worldwide, including cybersecurity. This has turned the possibility of robots doing humans jobs into an actuality—not just a sci-fi plot device.

However, while the technology exists, it does not negate the need for human intervention—especially in cybersecurity. In fact, there are still several elements of cybersecurity that require human intervention. From research and threat monitoring to compliance and customer service, there are more than enough cybersecurity jobs available that robots simply cannot fill.

To show you what we mean, we’re embarking on a new series: “A Day in the Life at Armor.” We’re collecting the stories of Armor’s top-performing security professionals to see how they tackle their day-to-day challenges, offer proactive client solutions, and remain agile in an evolving industry. Specifically, we’re showing you why the human element of cybersecurity is still important in an age of automation.

In the first of many interviews, we talk to Chris Hink­­ley, our lead ethical hacker with more than a decade of cybersecurity expertise. Throughout his career, he has serviced thousands of Armor customer servers, including Windows and Linux. Additionally, Chris has overseen, tested, and confirmed the security of all hosting environments to meet the appropriate compliance guidelines and beyond.

Here’s a day in his life at Armor:

What is your specific area of focus in cybersecurity?

My primary role at Armor consists of discovering, exploiting, and reporting on vulnerabilities that affect Armor and our assets. Additionally, I work with the rest of the Security Operations Team to create and implement countermeasures and cultivate threat intelligence. I also work a lot with Intel Research and R&D to locate the latest trends, identify the attackers, and understand the latest threat vector so we can better protect ourselves.

What does your day-to-day look like?

I don’t have a normal day-to-day in the sense that there’s no designated set of tasks. It’s not a narrow scope either—I’m doing something different every day.

What one word would you use to describe your job? Can you expand on why you chose that word?

Challenging. I am always challenging myself to learn new things daily. As soon as you become stagnant, you become increasingly irrelevant­—at least in cybersecurity.

What problem do you help Armor customers solve? Are there any specific pain points your customers have?

Since we are a managed service provider (MSP), it’s a unique situation. We don’t only provide security solutions, but we also manage them for our customers.

Our clients work across multiple environments and express different needs when they come to us. Some clients need infrastructure expertise to keep themselves secure, while others need help understanding the security value through a dashboard or report. For example, Customer A may need to protect themselves against healthcare data threats while customer B faces payment data threats. It’s important to maintain a security posture across all platforms and comply with the government and regulatory standards our customers abide by.

Cultivating and utilizing threat intelligence from potential attack data from one customer benefits all customers that implement our security solutions. We see a variety of different threat actors, tactics, techniques, and procedures (TTP).

What are some pain points in your day-to-day? How do you overcome them?

Cybersecurity is always evolving, but I wouldn’t consider it a pain point because being agile is a necessity and a perishable skill. We specialize in evolving security, which allows us to adapt quickly and provide efficient solutions to our customers using the newest technologies and cloud infrastructures. Being efficient and effective is key.

How is your role evolving as the threat and/or cloud landscape evolves?

If a hacker was to attack a company today, there are far more points of entry, with constant introduction of specialized cloud services and environments. You can deploy something very rapidly to the cloud, which means security may not always be at the forefront of a new deployment. There are even tools on the black market that hackers use to identify and exploit misconfigured cloud services.

It’s important to note that where there’s assumed security, there’s inherent risk. At the end of the day, everything is going to have access to at least one source or data or another piece of infrastructure, meaning everything is interconnected. A simple misconfiguration or forgotten security setting could start a chain reaction of a major compromise. Our job is to encompass all environments with multiple layers of security to not only prevent successful attacks, but detect and respond in a manner that prevents widespread implications.

Where do you see the industry in 5 years?

The expansion of cloud services and providers will continue to compound, and there will be more and more specialized services. The industry will be a product of the evolving cloud landscape and security challenges those services will bring.

The benefit to this is cost. For example, AWS and Azure charge by the second, depending on what the service is. The cloud philosophy is “deploy and destroy,” meaning nothing is permanent. Volatility and agility will dominate the infrastructure market with cascading security implications.

How does the industry keep up?

Cybersecurity is becoming a more and more saturated market unless you create something unique.

Technology, threats, and cybersecurity solutions will continue to evolve—in that order. Certainly, AI and ML will help industry professionals keep pace, but it’s important to remember that humans are just as instrumental—if not more so—in staying on top of industry trends and ensuring adequate security for businesses and individuals.

Stay tuned as we continue our “A Day in the Life at Armor” series with our top-notch professionals from different departments within the company.

Resource Center

More security resources at your fingertips.

Practical Content for Security, DevOps, & IT Professionals