Katie Moussouris

With more than 20 years of professional cybersecurity experience, Katie Moussouris has a unique and unparalleled perspective on security research, incident response, vulnerability disclosure, and bug bounty programs. Katie currently serves as the founder and CEO of Luta Security. During her tenure with Microsoft, Katie’s work included industry-leading initiatives such as starting Microsoft Vulnerability Research, which formalized multiparty vulnerability and supply chain vulnerability coordination across hardware and software as well as launching Microsoft’s first bug bounty program. Katie is the co-author and co-editor of ISO 29147 (vulnerability disclosure) and ISO 30111 (vulnerability handling processes). Working with the U.S. Department of Defense, Katie led the launch of the U.S. government’s first bug bounty program, “Hack the Pentagon.” She also worked with the State Department to help renegotiate the Wassenaar Arrangement, specifically changing the export control language to include technical exemptions for vulnerability disclosure and incident response. She serves in three advisory roles for the U.S. government as a member of the Cyber Safety Review Board, the Information Security and Privacy Advisory Board, and the Information Systems Technical Advisory Committee. Katie is also a cybersecurity fellow at New America and the National Security Institute.