Michael Sikorski

CTO, Unit 42 at Palo Alto Networks | Educator | Advisor | Author | Reverse Engineer

New York, New York, United States

About

Michael Sikorski is the CTO for Unit 42 at Palo Alto Networks, leading the Engineering, Product, and Threat Intelligence teams. Previously at Mandiant and the NSA, Mike has over 25 years of experience in cybersecurity, most of it responding to high-profile incidents and leading high-performing teams. Combining a deep background in reverse engineering as the author of Practical Malware Analysis with AI security expertise that includes congressional testimony, Mike brings a unique breadth of experience, spanning hands-on technical analysis to advising on security policy at the highest levels of government and corporate leadership. Committed to advancing the field through education and industry-wide collaboration, Mike teaches cybersecurity at Columbia University and serves on the Board of Directors for the Cyber Threat Alliance.

Experience

  • CTO & VP of Engineering at Palo Alto Networks Unit 42
    May 2022 - Present · 4 yrs 2 mos

    Leads the Unit 42 Engineering, Product, and Threat Intelligence teams. Scaling Unit 42 into the industry leader by automating service delivery with AI and building a world-class threat intelligence business.

    Engineering & AI Innovation
    ▪️ Intelligence Integration: Orchestrated a modernization of Palo Alto Networks’ telemetry architecture and threat tracking, enabling Unit 42 visibility across the product portfolio.
    ▪️ Agentic Transformation: Architecting GenAI-driven automation for business operations and Incident Response workflows to increase operational scale and speed.
    ▪️ Client Command Center: Developed and launched an external-facing digital platform, taking it from concept to global client adoption for centralized consulting engagements and threat intelligence delivery.

    Strategic Advisory & Product
    ▪️ AI & Policy Leadership: Industry expert on AI security and adversarial AI; evidenced by congressional testimony and keynote addresses at industry forums.
    ▪️ Executive Advisory: Strategic technical partner to the global sales organization, personally conducting 100+ CISO-level briefings annually to align global defensive postures with Unit 42’s intelligence and Palo Alto Networks’ product portfolio.
    ▪️ Market Leadership: Drove strategic initiatives such as securing Unit 42’s first ever Forrester Leader category for Incident Response.

    Threat Intelligence Operations & Brand
    ▪️ Global Threat Research: Direct Nation-State and Crimeware tracking; oversee the Unit 42 Research Center and digital strategy to secure dominant market share of voice.
    ▪️ Rapid Response: Orchestrate global crisis operations, mobilizing cross-functional teams to provide customer protections and industry leadership during major cyber outbreaks.

  • Adjunct Assistant Professor, Computer Science at Columbia University in the City of New York
    Sep 2014 - Present · 11 yrs 10 mos

    Create and teach Malware Analysis and Reverse Engineering to undergraduate and graduate students. Provide office hours, meetings, and career advice to students. Develop custom malware for exams and student projects. Advisor to the CUCyber student organization.

  • Board Member at Cyber Threat Alliance
    Jun 2023 - Present · 3 yrs 1 mo

    The Cyber Threat Alliance (CTA) is a coalition of cybersecurity companies committed to sharing threat information in order to enhance collective defenses around the world. As a board member, I help foster actionable threat intelligence sharing, drive new member recruitment, and contribute to a roadmap that increases collaboration through process and technology.

  • Advisory Board Member at Trinity Cyber
    Oct 2020 - Present · 5 yrs 9 mos

    Trinity Cyber is a Cybersecurity Startup focused on proactive threat interference. Serve as technical advisor to engineering and intelligence teams, and serve as business advisor to CEO, President, and investors. Participate in onsite strategic planning meetings.

  • Vice President, Mandiant Advantage Labs and FLARE Team at Mandiant
    May 2021 - Apr 2022 · 1 yr

    Led research and development for Mandiant. Provided direction for the Mandiant Advantage Platform including Threat Intelligence, Malware Analysis, and Validation products. Served as technical lead on all external-facing Mandiant releases such as open source, blogs, and responsible disclosures. Provided escalation support for Incident Response, Red Team, Engineering, Marketing, and Intelligence teams. Directly interfaced with the legal team regarding intellectual property, ethical code release, and inbound / outbound code matters. Helped guide company and technical teams through the divestiture of the FireEye business.