In this episode of CYBR.SEC.CAST, the hosts sit down with Dr. Kelley Misata, CEO of Sightline Security, to explore the often-overlooked cybersecurity challenges facing nonprofit organizations. Misata shares her powerful origin story — how a personal experience with cyberstalking led her to pursue a PhD in cybersecurity and ultimately launch a nonprofit dedicated to helping mission-driven organizations assess and improve their security posture.She also discusses the misconceptions surrounding nonprofit cybersecurity, the communication gap between security professionals and nonprofit leaders, and why “nonprofit” is simply a tax designation, not a reflection of an organization’s sophistication or risk exposure. Misata also explains how Sightline Security’s Kickstart program, built around a simplified interpretation of the NIST Cybersecurity Framework, helps nonprofits identify practical security priorities and build sustainable cyber resilience.SHOW NOTES:Things Mentioned:Website for Sightline Security: https://sightlinesecurity.org/ Kickstarter program: https://sightlinesecurity.org/kickstartUpcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/ CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9 Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.EPISODE 63 Timestamps:4:14 – Kelley Misata’s origin storyDr. Misata explains how she unexpectedly entered cybersecurity after being the victim of cyberstalking while working at a technology company.5:25 – Turning a personal crisis into a cybersecurity PhDInstead of retreating from the experience, Misata pursued a PhD in cybersecurity to better understand how the technology behind the attacks worked.6:09 – Early work with the Tor Project and open source securityHer research journey led to working with the Tor Project and later serving as president of the Open Information Security Foundation.6:27 – Researching cybersecurity risks facing nonprofitsMisata describes her doctoral research studying nonprofits that assist domestic violence and human trafficking victims, focusing on how organizations protect both their operations and the people they serve.8:44 – The moment she realized nonprofits cared about cybersecurityHer dissertation survey received far more responses than expected, revealing that nonprofit organizations were eager to engage on cybersecurity issues.9:00 – From dissertation to mission: founding Sightline SecurityEncouraged by colleagues, Misata launched Sightline Security in 2018 to help nonprofits understand and assess their cybersecurity posture.12:00 – Debunking the “security poverty line” mythMisata explains that nonprofits aren’t necessarily under-resourced—they simply operate under different financial and operational models than traditional businesses.14:24 – The communication gap between security pros and nonprofitsShe shares an example where security practitioners assumed nonprofits lacked basic controls, but the real issue was simply a language mismatch around security terminology.16:09 – The wide range of nonprofit cybersecurity maturityNonprofits span the entire spectrum—from small volunteer organizations to large institutions with enterprise-level infrastructure and IT teams.19:57 – Why “nonprofit” is just a