Katie Moussouris

Cybersecurity Policy Fellow

Katie Moussouris is the founder and CEO of a new company, Luta Security (lutasecurity.com), named for the tropical island where her mother was born in the U.S. Commonwealth of the Northern Mariana Islands, a beautiful place that is still home to many members of Moussouris’s family. Not only is Luta Security the only company offering gap analysis and guidance on ISO 29147 vulnerability disclosure, and how to implement a vulnerability coordination program (which may or may not include bug bounties), it is also a 100 percent female-owned and Native Pacific Islander-owned tech company. Luta Security advises companies, lawmakers, and governments on the benefits of hacking and security research to help make the internet safer for everyone. Moussouris is a hacker—first hacking computers, now hacking policy and regulations. 

Moussouris's most recent work was in helping the U.S. Department of Defense start the government's first bug bounty program, called "Hack the Pentagon." Her earlier Microsoft work encompassed industry-leading initiatives such as Microsoft's bug bounty programs and Microsoft Vulnerability Research. Moussouris is also an invited technical expert selected to assist directly in the US Wassenaar negotiations on the inclusion of intrusion software and intrusion software technology, helping to renegotiate broad wording to minimize unintended consequences to the defense of the Internet. 

She is also a subject matter expert for the U.S. National Body of the International Standards Organization (ISO) in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Moussouris is a visiting scholar with the MIT Sloan School, doing research on the vulnerability economy and exploit market. 

She is a New America cybersecurity fellow and Harvard Belfer affiliate. Moussouris is on the CFP review board for RSA, O'Reilly Security Conference, Shakacon, and is an advisor to the Center for Democracy and Technology.

All Work

CYBERSECURITY INITIATIVE, INTERNATIONAL SECURITY and OPEN TECHNOLOGY INSTITUTE
Influencers: Trump Won’t Improve Cybersecurity

Peter Singer, Katie Moussouris, Peter Swire, Robert Lee, and Kevin Bankston were interviewed as cyber policy experts in Passcode.


CYBERSECURITY INITIATIVE
Bug Bounty Guru Katie Moussouris Will Help Hackers and Companies Play Nice

Katie Moussouris was profiled in Wired.


CYBERSECURITY INITIATIVE
To Modernize Military, Pentagon Turns to Hackers

Katie Moussouris was interviewed in US News & World Report about bug bounties at the Pentagon.


CYBERSECURITY INITIATIVE and NEW AMERICA
Not All Hackers Are Evil

In the 1983 movie WarGames, a teenage hacker nearly starts a nuclear war.


CYBERSECURITY INITIATIVE and NEW AMERICA
Military Hits Snag in Silicon Valley Recruitment

Katie Moussouris was quoted in the Hill about military recruitment in Silicon Valley.


CYBERSECURITY INITIATIVE and NEW AMERICA
Why Don’t Companies Want to Hear About Their Security Problems?

One of these is HackerOne, a startup founded in 2012 to connect companies with the white hat (ethical) hackers who want to break sites and s


CYBERSECURITY INITIATIVE
Don’t hate the hacker - hate the vulnerability!

CYBERSECURITY INITIATIVE and NEW AMERICA
Katie Moussouris Wants Us to Pay Hackers to Find Our Bugs

Katie Moussouris is on a mission to convince the government that security research is vital to keeping us all safe. It’s a tough sell when r


CYBERSECURITY INITIATIVE and OPEN TECHNOLOGY INSTITUTE
New America's Cybersecurity Initiative at Black Hat and DefCon

Las Vegas, NV - This week, two members of New America’s Cybersecurity Initiative will address DefCon and Black Hat, two of the largest compu


CYBERSECURITY INITIATIVE
You Need to Speak Up For Internet Security. Right Now.

Summary goes here