Tidal Cyber’s Scott Small on Useful Self-Teaching Technical Security Skills

The Story This Time

Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, built his security career on self-taught technical skills while competitors relied on computer science degrees, proving that intelligence analysis fundamentals combined with relentless curiosity often produce superior threat researchers. Scott shares how his background in critical thinking and intelligence studies created stronger foundations than formal technical training and how diverse career backgrounds generate the different perspectives needed to stay ahead of evolving attackers.

Scott also tells Ben why maintaining varied information feeds without getting distracted requires deliberate discipline, how he uses AI daily to process unstructured public threat reports while checking for hallucinations through prompt refinement, and why building trust in remote security teams demands reliability during late-night incidents more than technical brilliance. He reveals his approach to staying current when attackers evolve tactics weekly, the specific frameworks he learned from extracurricular intelligence work that shaped his career more than classroom education, and why documenting your analytical process publicly benefits the community even when the topic has been extensively covered.

Stories We’re Telling Today

• How intelligence fundamentals and curiosity create more adaptable analysts than pure technical training
• Why diverse backgrounds and perspectives generates superior analytical products, allowing security problems to be approached from unexpected angles that purely technical analysts miss
• Building operational trust in distributed security teams through consistent reliability, empathy for colleagues’ challenges, and proactive gap-filling based on understanding teammates’ strengths
• Balancing emerging trend awareness with daily responsibilities by maintaining primary research sources alongside peripheral feeds
• Leveraging AI for processing unstructured public threat reporting while maintaining accuracy through output verification and prompt refinement when hallucinations occur
• How early career mistakes with data interpretation, particularly reading too much into face-value metrics without considering underlying variables, build essential analytical skepticism
• Creating effective remote work patterns by maintaining consistent schedules, incorporating physical activity, and recreating beneficial office environment routines 
• Network building strategies that emphasize maintaining connections before needing help and leveraging conferences
• Information sharing through informal channels including trust-based Slack groups, security-focused newsletters, and social media tracking
• AI’s dual impact as attackers leverage it to lower barriers to entry while defenders use it to process larger data volumes
• How increased law enforcement success against ransomware groups may push criminals deeper underground

Too busy; didn’t listen:

• Curiosity and willingness to continuously learn outweigh formal technical credentials in security analysis.
• Building trust in distributed security teams requires consistent reliability during high-pressure incidents, empathy for teammates’ technical gaps, and proactive communication.
• AI effectively processes unstructured public threat reports when outputs are verified and prompts are refined to prevent hallucinations.
• Diverse career backgrounds create superior analytical products because varied perspectives allow approaching security problems from angles purely technical analysts miss.
• Maintaining professional networks before needing help, documenting analytical processes publicly despite existing coverage, and staying active in informal sharing communities builds the resilience security professionals need for long-term success.

Skip to the Highlight of the Episode

11:45-12:11 “You need to be able to trust and rely on the support of your colleagues to get through those moments. So understanding where folks are coming from, what challenges they might be facing, certainly on a technical aspect, knowing all of your teammates and where they’re maybe a little bit stronger, maybe a little bit weaker, and being able to proactively jump in and help out and fill in some of those gaps. Close collaboration and communication go hand in hand with everything I just said as well.”