Category: Threat Seeker
Name: Kristina Sisk
Title: Director of Threat Hunting and Threat Intelligence
Company: Capital One
Why Nominated: An evangelist dedicated to sharing her knowledge of team-based threat hunting campaigns and enabling teams to construct them from ground zero, Kristina Sisk is responsible for building hunt and threat intelligence teams to protect Capital One from nation-state attackers.
Profile: A natural blue-teamer who finds greater reward and challenge in defense than in offense, Sisk leads a large team at the financial institution, and is bent on creating a hunt program based on predefined models and pack roles and responsibilities, in order to develop distinct campaigns and execute well-planned hunt operations.
Lauded for her expertise in getting into attackers’ minds and understanding how they operate to carry out their misdeeds, Sisk parlays her knowledge of tactics and techniques into finding evidence across platforms and operating systems. She has used open source frameworks, like the MITRE ATT&CK matrix, to conquer an ever-changing and complex threat landscape.
Her Happy Threat Hunting blog is aimed at directors and seasoned analysts, helping them built hunt teams from the ground up and follow a set of best practices. She also sits on the board of FireEye’s Women in Technology and Security Chapter, where she promotes mentorship, networking, collaboration, and community outreach for the company.
What Colleagues Say: “Kristina Sisk is a threat huntress focused on “Finding Evil.” She leverages her knowledge of adversary tradecraft from… hundreds of incident response investigations and traditional intelligence analysis techniques. She has operationalized threat hunting within larger organizations. Kristina has influenced her leadership to invest in a world-class threat hunting program, build a stellar team, and execute at scale to protect the network from nation-state attacks. Her influence extends beyond her organizational leadership.