About Katie Nickels
This is Katie’s personal blog. Katie’s day job is as the Director of Intelligence for Red Canary. She is also a SANS Certified Instructor for FOR578: Cyber Threat Intelligence. Katie was previously the ATT&CK Threat Intelligence Lead at The MITRE Corporation. She has worked in Security Operations Centers and cyber threat intelligence for over a decade, hailing from a liberal arts background with degrees from Smith College and Georgetown University. Katie has shared her CTI and ATT&CK expertise with presentations at many conferences as well as through Twitter, blog posts, and podcasts, which you can view below. She was the 2018 recipient of the President’s Award from the Women’s Society of Cyberjutsu. Katie is also the Program Manager for the Cyberjutsu Girls Academy, a program for teenage girls that seeks to inspire exploration and learning in cybersecurity and STEM.
Presentations
Keynote: The Human Side of Threats: Why it Matters that Adversaries are Human Too
SANS Security Awareness Forum, August 2020
MITRE ATT&CK: The Play at Home Edition
August 2019, Black Hat
Mythbusters: Cyber Threat Intelligence Edition (slides available upon request)
August 2019, The Diana Initiative
Putting MITRE ATT&CK into Action with What You Have, Where You Are (Slides)
May 2019, Sp4rkcon
Turning Intelligence into Action with MITRE ATT&CK
March 2019, FIRST CTI Symposium
CTI 101: Frameworks and Why We Use Them
ATT&CK Your CTI: Lessons Learned from Four Years in the Trenches
January 2019, SANS Cyber Threat Intelligence Summit
ATT&CKcon End User Panel Discussion (moderator)
October 2018, MITRE ATT&CKcon
ATT&CKing FIN7: The Value of Using Frameworks for Threat Intelligence (Slides)
October 2018, FireEye Cyber Defense Summit
Threat-Based Adversary Emulation with MITRE ATT&CK
September 2018, SANS Threat Hunting & Incident Response Summit
ATT&CKing the Status Quo: Improving Threat Intel and Cyber Defense with MITRE ATT&CK (Slides)
August 2018, BSides Las Vegas
Blog Posts and Publications
Endpoint security: what’s changed and what hasn’t?
Red Canary, May 2020
A practical approach to threat modeling
Red Canary, May 2020
The Attribution Game: When Knowing Your Adversary Matters
Red Canary, February 2020
Getting Started with ATT&CK: Threat Intelligence
MITRE Corporation, June 2019
Open Invitation to Share Cyber Threat Intelligence on APT29 for Adversary Emulation Plan and ATT&CK Evaluations
MITRE Corporation, February 2019
Defense evasion: why is it so prominent & how can you detect it?
Joint blog post with Red Canary and Carbon Black, May 2019
MITRE ATT&CK™ : Design and Philosophy
MITRE Corporation, July 2018
Using ATT&CK to Advance Cyber Threat Intelligence
MITRE Corporation, June 2018
Evaluating Cyber Threat Intelligence Services
MITRE Corporation, October 2016
Podcasts and Webcasts
Understanding and Applying Threat Intelligence
Blueprint Podcast with John Hubbard, July 2020
Using MITRE ATT&CK to Identify Advanced Threats: Operation Soft Cell
Joint Webinar with Cybereason, September 2019
MITRE ATT&CK — This Is Not Just Another Framework
At the Edge, ITSPmagazine, September 2019
The Cycle of Cyber Threat Intelligence
SANS Institute, August 2019
Paul’s Security Weekly
July 2019
ATT&CK Deep Dive: Defense Evasion
Joint Webinar with Red Canary and Carbon Black, May 2019
MITRE ATT&CK Part 2
Brakeing Down Incident Response Podcast, December 2018
State of the Hack Episode 06: Black Hat USA 2018 Edition
FireEye, August 2018
MITRE ATT&CK Framework and the Mueller GRU Indictment
Digital Shadows, “Shadow Talk,” July 2018
ATT&CK Your Adversary
CYVERITY, “Cyber Security Threat Actions This Week,” July 2018
Uniting Women in Cyber Podcast
Uniting Women in Cyber Symposium, March 2018
Media Quotations
MITRE’s ATT&CK Prioritizes Cyber Defenses
Forbes, August 2019
MITRE ATT&CK Framework Not Just for the Big Guys
Dark Reading, July 2019
Battling nation-state cyberattacks in a federal leadership vacuum
TechTarget, February 2019
Experts advocate for ‘ATT&CK’ as go-to framework to share threat intel
CyberScoop, October 2018
*****
This blog reflects Katie’s personal views only, and does not reflect the opinions of her current or past employers.