Author: Sergio Caltagirone

Almost 20 years ago Sergio Caltagirone took a journey tracking hackers and malware. He followed his passion into computer science and information security at NASA briefly and then the National Security Agency (NSA) for nine years. At NSA he was a founding member and senior-most intelligence analyst at the NSA/CSS Threat Operations Center (NTOC). Sergio focused his energy on hunting many national security cyber threats including those targeting industrial control systems (ICS). He built methods and practices which grew into hundreds of analysts around the world following his footsteps to hunt new threats to the US and Allies. In 2013 Sergio left NSA to become the Director of Threat Intelligence at Microsoft launching the Microsoft Threat Intelligence Center. He directed a mission improving Microsoft’s products and services through intelligence-driven approaches. His team hunted threats against billions of customers adding mitigation, detection, and product improvements to disrupt hundreds of cyber threats within Windows, O365, Azure, and several other leading to the Windows/O365/Azure Advanced Threat Protection (ATP) products and Windows Defender. In 2016, Sergio joined Dragos to start the world’s only dedicated ICS threat intelligence team focused on uncovering cyber threats to ICS. He launched Dragos WorldView in early 2017 delivering threat intelligence on ICS threats to asset owners and operators worldwide. His passion to fight evil takes him to Technical Director at the Global Emancipation Network using technology to counter human trafficking and working to save millions from modern day slavery.

Starting and Growing a Cybersecurity Career

A cyber threat analyst describes a cyberattack to a colleague at work

*All content on this post was human-generated from 20 years of experience. Cybersecurity is a large field of study and practice.  It can be daunting to start and grow a cybersecurity career. However, cybersecurity spans from extremely technical work to legal, policy, governance, and project management providing opportunities to almost everyone’s unique skills and talents.  […]

ChatGPT, Artificial Intelligence, and Cyber Threat Intelligence: a moment in time

ChatGPT, Artificial Intelligence, and Cyber Threat intelligence

It is safe to say that the Chat GPT function from OpenAI has created a firestorm of conversation about the applications of artificial intelligence (AI) in knowledge work and scholarship, which includes cyber threat intelligence.  Can ChatGPT really replace the thought and knowledge work done by many people? That question is outstanding and I cannot […]

CART: The 4 Qualities of Good Threat Intelligence

Threat Intelligence Quality

I write often of poor quality threat intelligence which pervades the security community.  Poor quality threat intelligence not only has a heavy cost on its consumers, it also threatens the confidence threat intelligence consumers place in their providers.  Confidence is the cornerstone of threat intelligence.  Nobody will take intelligence from an untrustworthy source and act – at least they shouldn’t.  It […]

Intelligence or Marketing? Which is it and how to tell using the ADEPT model

blank

It is common to ask whether a blog or whitepaper by a cybersecurity company is marketing FUD (fear, uncertainty, doubt) or valuable threat intelligence. Funding bias is a real issue. Particularly in funded research studies. Funding bias (or sponsorship bias) is more subtle in cyber threat intelligence because private cybersecurity companies rely on customers to […]