From Cyberstalking to Cybersecurity Leadership: Kelley Misata’s Mission to Protect Nonprofits

Show Notes

In this episode of CYBR.SEC.CAST, the hosts sit down with Dr. Kelley Misata, CEO of Sightline Security, to explore the often-overlooked cybersecurity challenges facing nonprofit organizations. Misata shares her powerful origin story — how a personal experience with cyberstalking led her to pursue a PhD in cybersecurity and ultimately launch a nonprofit dedicated to helping mission-driven organizations assess and improve their security posture.

She also discusses the misconceptions surrounding nonprofit cybersecurity, the communication gap between security professionals and nonprofit leaders, and why “nonprofit” is simply a tax designation, not a reflection of an organization’s sophistication or risk exposure.

Misata also explains how Sightline Security’s Kickstart program, built around a simplified interpretation of the NIST Cybersecurity Framework, helps nonprofits identify practical security priorities and build sustainable cyber resilience.

SHOW NOTES:
Things Mentioned:
Website for Sightline Security: https://sightlinesecurity.org/
Kickstarter program: https://sightlinesecurity.org/kickstart
Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/
CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:
Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4Cz
CYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9
Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.

EPISODE 63 Timestamps:
4:14 – Kelley Misata’s origin story
Dr. Misata explains how she unexpectedly entered cybersecurity after being the victim of cyberstalking while working at a technology company.
5:25 – Turning a personal crisis into a cybersecurity PhD
Instead of retreating from the experience, Misata pursued a PhD in cybersecurity to better understand how the technology behind the attacks worked.
6:09 – Early work with the Tor Project and open source security
Her research journey led to working with the Tor Project and later serving as president of the Open Information Security Foundation.
6:27 – Researching cybersecurity risks facing nonprofits
Misata describes her doctoral research studying nonprofits that assist domestic violence and human trafficking victims, focusing on how organizations protect both their operations and the people they serve.
8:44 – The moment she realized nonprofits cared about cybersecurity
Her dissertation survey received far more responses than expected, revealing that nonprofit organizations were eager to engage on cybersecurity issues.
9:00 – From dissertation to mission: founding Sightline Security
Encouraged by colleagues, Misata launched Sightline Security in 2018 to help nonprofits understand and assess their cybersecurity posture.
12:00 – Debunking the “security poverty line” myth
Misata explains that nonprofits aren’t necessarily under-resourced—they simply operate under different financial and operational models than traditional businesses.
14:24 – The communication gap between security pros and nonprofits
She shares an example where security practitioners assumed nonprofits lacked basic controls, but the real issue was simply a language mismatch around security terminology.
16:09 – The wide range of nonprofit cybersecurity maturity
Nonprofits span the entire spectrum—from small volunteer organizations to large institutions with enterprise-level infrastructure and IT teams.
19:57 – Why “nonprofit” is just a tax designation