PRESS RELEASE - February 3, 2022 - Today, Luta Security Founder and CEO Katie Moussouris was appointed to serve as a member of the U.S. Department of Homeland Security’s (DHS) newly established Cyber Safety Review Board (CSRB).
The CSRB’s mission will be to review and assess significant cybersecurity incidents so that government, industry, and the broader security community can work together to better protect our nation’s networks and infrastructure. The CSRB is composed of 15 federal government and private sector cybersecurity leaders who will deliver strategic recommendations to the President and the Secretary of Homeland Security. The CSRB’s first review will focus on the vulnerabilities in the Log4j software library that were discovered in late 2021.
Moussouris was also recently appointed to the Information Systems Technical Advisory Committee (ISTAC) and the Information Security and Privacy Advisory Board (ISPAB). The ISTAC advises the U.S. Department of Commerce on the technical parameters for export controls applicable to dual-use commodities and technology and the administration of those controls. The ISPAB identifies emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy. It also advises the National Institute of Standards and Technology (NIST), the Secretary of Homeland Security, and the Director of the Office of Management and Budget (OMB) on information security and privacy issues pertaining to the federal government’s information systems.
“I am truly honored to serve as a member of the Cyber Safety Review Board,” said Katie Moussouris, founder and CEO, Luta Security. “I look forward to working with CISA, and my fellow Board members, to thoroughly review critical cybersecurity incidents and identify improvements that can be made in processes, staffing, and technology to help elevate our nation’s cybersecurity posture.”
Moussouris has more than 20 years of professional cybersecurity experience, specializing in the areas of security research, incident response, vulnerability disclosure, and bug bounty programs. Before founding Luta Security, her work at Microsoft included industry-leading initiatives such as starting Microsoft Vulnerability Research, which formalized multiparty vulnerability and supply chain vulnerability coordination across hardware and software. She also led the launch of the first bug bounty programs for both the U.S. government (Hack the Pentagon) and Microsoft. Additionally, Moussouris worked with the U.S. government to help renegotiate the export control language of the Wassenaar Arrangement to include technical exemptions for vulnerability disclosure and incident response. Moussouris is the co-author and co-editor of ISO 29147 (vulnerability disclosure) and ISO 30111 (vulnerability handling processes), and she is a cybersecurity fellow at New America and the National Security Institute. Moussouris is also the founder of the Pay Equity Now (PEN) Foundation, and through the PEN Foundation, she established the Anuncia Donecia Songsong Manglona Lab for Gender and Economic Equity at Penn State Law in University Park.
About Luta Security
Luta Security implements a holistic approach to advance the security maturity of governments and other complex organizations around the world. We identify and help address the gaps in organizations' people, processes, and technology to mature their vulnerability management and improve the ROI for their security investments. Luta Security advises organizations across all phases of vulnerability coordination and bug bounty programs. Luta Security: Identifying gaps, addressing weaknesses, and advancing security maturity.
# # #
VP, Communications & Government Affairs, Luta Security