/
제로 트러스트 세그멘테이션

What Nonprofits are Teaching the Cybersecurity Industry

Dr. Kelley Misata, founder and CEO of Sightline Security
Dr. Kelley Misata, founder and CEO of Sightline Security

What if we approached cybersecurity not as a compliance checkbox or a crisis response but as an act of service?  

That was the question I kept returning to after my conversation with Dr. Kelley Misata, founder and CEO of Sightline Security, on the latest episode of The Segment.  

Misata's path into cybersecurity wasn't typical. It was personal. After being stalked for years by someone using anonymizing technologies, she pursued a Ph.D. in information security to understand how digital tools could protect and harm.  

That experience shaped her empathy-first approach and her belief in demystifying security for everyone.

The nonprofit cyber gap

Misata’s work sits at the intersection of cybersecurity and the nonprofit world, where mission-driven organizations often operate on razor-thin margins and with limited technical support.  

But as she made clear, that doesn't mean they lack sophistication or purpose. In fact, the opposite is often true.

Whether it's a domestic violence shelter, a food bank, or a suicide prevention nonprofit, the stakes are human, not just financial. That means traditional approaches to cybersecurity don't always translate.  

Language like “asset inventory” or “control frameworks” can feel abstract or even alienating in environments where people simply try to help others survive the day.

A powerful story Kelley shared was about a suicide support organization that intentionally runs an open forum. When Kelley raised potential risks, the founder explained that their community needed a place to observe and feel safe before participating.

“‘This is what our community needs,’” the founder told Misata.

That moment changed how she viewed security risk, not as something to stamp out but as something to work with thoughtfully.

Building security into everyday behavior

Misata advocates for a mindset shift — one that embeds cybersecurity into everyday behavior instead of relegating it to siloed IT departments.

“My dream is that we're going to step back and we're going to say, ‘Huh, maybe we should think again about it,’” she said. “So, it's almost taking that pause instead of it being like, ‘Oh gosh, we've got to go talk to the security team.’”

That kind of cultural shift takes time. “I think folks in the security space are impatient when it comes to that,” she said. “And I hope that maybe I bring a little bit of patience to the conversation to say, ‘It's okay. We've made progress. Let’s just keep going.’”

Listen first, then secure

This mindset mirrors Misata’s work at Sightline Security, where she and her team translate security frameworks into language that makes sense for nonprofits. They do this not by dumbing things down but by listening first.

“I might know cybersecurity, but I don't know your mission. So, let’s start there,” she tells nonprofits.

But she cautioned against rushing in with answers.

“Don't go in like a superhero,” she said. “Go in with humility. Ask how they operate. What do they care about? That's how you make progress.”

We also discussed the growing role of open-source software, especially in nonprofit environments, where cost-effective solutions are essential.  

Misata’s advice: Treat open-source projects like third-party vendors. Ask questions. Understand governance. Know who's maintaining the code.

Building cybersecurity trust in a Zero Trust world

We often talk about Zero Trust in terms of architecture: verifying users, segmenting networks, and eliminating implicit trust.  

But Misata’s work reminds us that Zero Trust is also a cultural posture. It’s about not making assumptions — about people, about technology, about what “good security” looks like.

Instead, it's about curiosity. It's about meeting organizations where they are and asking, what do you need to be secure in your context?

Misata’s message is refreshingly human in a world that prizes speed and control. Security isn’t about being the smartest person in the room. It’s about being the most present — listening, learning, and adapting.

Her story is a reminder that real cyber resilience doesn’t come from perfect tools or airtight perimeters. It comes from a deep understanding of people — their fears, their missions, and their realities.

That’s the work that matters. And it starts by asking, not telling.

Listen, subscribe, and review The Segment: A Zero Trust Leadership Podcast

Want to hear my full discussion with Dr. Kelley Misata? Listen to this week’s episode on Apple Podcasts, Spotify, or wherever you get your podcasts. You can also read a full transcript of the episode.  

관련 주제

항목을 찾을 수 없습니다.

관련 기사

제약 산업에서 마이크로세그멘테이션 이니셔티브를 주도하는 원인
제로 트러스트 세그멘테이션

제약 산업에서 마이크로세그멘테이션 이니셔티브를 주도하는 원인

딜로이트에 따르면 제약 산업은 관련 지적 재산에 기인하는 막대한 가치와 시장의 디지털화 증가로 인해 전 세계적으로 사이버 범죄자들의 표적이 되는 분야가 점점 더 커지고 있습니다.

AI 및 머신 러닝이 제로 트러스트 세분화를 가속화하는 방법
제로 트러스트 세그멘테이션

AI 및 머신 러닝이 제로 트러스트 세분화를 가속화하는 방법

AI 및 ML의 혁신이 제로 트러스트 세그멘테이션의 구현을 가속화하는 강력한 도구가 될 수 있는 방법을 알아보십시오.

두바이의 GITEX Global에서 일루미오를 만나보세요
제로 트러스트 세그멘테이션

두바이의 GITEX Global에서 일루미오를 만나보세요

10월 16일부터 20일까지 두바이에서 열리는 올해의 GITEX Global에서 Illumio 제로 트러스트 세그멘테이션 전문가들을 만나보십시오.

사이버 보안의 비난 문화에 대한 사이버 심리학자의 견해
제로 트러스트 세그멘테이션

사이버 보안의 비난 문화에 대한 사이버 심리학자의 견해

스트레스, AI 위협 및 인간 행동이 제로 트러스트를 사이버 레질리언스에 어떻게 필수적으로 만드는지 알아보십시오.

Medusa 랜섬웨어가 중요 인프라에 대한 위협이 커지는 이유
랜섬웨어 억제

Medusa 랜섬웨어가 중요 인프라에 대한 위협이 커지는 이유

Medusa 랜섬웨어의 작동 원리와 전 세계 중요 인프라에 왜 그렇게 위험한지 알아보십시오.

가시성을 넘어서는 길: Illumio Insights가 주요 보안 점을 연결하는 방법
사이버 레질리언스

가시성을 넘어서는 길: Illumio Insights가 주요 보안 점을 연결하는 방법

사이버 위험을 이해하고 줄이는 데 옵저버빌리티가 중요한 이유를 알아보십시오.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?