You might ‘know’ Katie Moussouris as the pink-haired bug bounty queen who worked for Microsoft, did a lot in the Pentagon and testified in front of Congress at the Uber breach hearing. After reading this interview, you’ll know a hell of a lot more than that about the neuro-atypical, feminist, future punk-rock-hacker President of the United States. Let Eleanor Dallaway introduce you to the real Katie Moussouris...
“I will run for President. Everything I decide to do, eventually I do,” Katie Moussouris tells me, looking me straight in the eye. She detects hesitance, and hopefully also admiration, in my wide-eyed stare and she retorts, “You’re like, ‘are you serious?’ aren’t you? Oh yeah, I’m serious! I’m totally fucking serious.”
This statement comes at the beginning of the interview that takes place in the W hotel in San Francisco. I have serendipity to thank for bringing us here. A chance encounter in an RSA ladies’ room has landed me one of my bucket list interviewees.
I remember watching Katie testify in front of Congress for the Uber hearing in 2018 and immediately adding her to my list of dream security interviewees. Two years later, and the one-hour interview that I pitch to her in that chance encounter turns into over four hours in each other’s company.
Katie is mesmerizing. She is utterly unique and I find myself increasingly in awe of her as our conversation evolves and her remarkable passion for so many things unravels. Rather than retell Katie’s story in a way that has been done by so many journalists before me, I will instead endeavor to tell you about her and our conversation in a way that will leave you feeling that you too have had the privilege of getting to know Katie.
“We’re All Mulan…Until we’re Mulan’s Grandma”
Katie Moussouris is 45 years old but, quite frustratingly, doesn’t look a day over 30. “I’m a half-native Pacific islander, so I’ve got good DNA from my mom’s side,” Katie says. “We’re really lucky until suddenly we’re not. You go to bed one night looking like Mulan and then the next morning you look like Mulan’s grandmother,” she laughs. “However, my DNA says I’m going to look like this for another 30 years.” She also credits a lack of sunlight – “I never go outside because I’m a goth and it’s hard to read the screen in bright sunlight” – for her youthful appearance.
Katie was born in Boston, Massachusetts, but she credits the culture and heritage of her mother’s native island, Rota (or Luta to the locals) for her ambitious drive and believes herself the first half-Greek, half-Chamorro human being in history, her sister being the second. “I was raised by a strong single mom, and actually the culture of the Chamorro people was matrilineal, it’s about inheritance and knowing where you come from. My family were the chiefs of that tiny island in the middle of nowhere, so I am the descendant of the leaders of my own people.” Katie has only traveled to Rota Island twice, once as a young teenager and again four years ago. “I have terrible trouble sleeping wherever I am,” she tells me, “but I never have trouble sleeping there.”
Katie talks about her Mother so much during the interview, often finding herself (and consequently me) close to tears. She lost her mother to breast cancer in 2011, and it occurs to me that many of the missions Katie has today are inspired by, and in honor of, her late Mother. Katie sadly also lost her Father to a heart attack eight weeks before, which she admits was tough but counters “all hard things are an opportunity to learn and grow.” Katie and her Father didn’t talk for a very long time but made amends before he lost his life.
“My family were the chiefs of that tiny island in the middle of nowhere”
“I Was a Super-Goth in High School”
Katie was “super-goth” in high school (her words), but also super-talented (my words) from a really young age, perhaps due to her Mother’s academic ‘encouragement.’ “An A- was basically a D in our house. I got a Commodore 64 when I was eight; it came with a programming manual and one game. We didn’t have enough money to buy more games, so I wrote a new one myself.”
She had a natural curiosity that she attributes to her Mother, a scientist who specialized in reproduction. She grew up in Boston, then lived in San Francisco, but found her way to Seattle where she lives now.
“In high school it was very much black hoodies, I was never a pink person,” she says pointing to her hair ironically. Her hair has been what I’d consider ‘trademark pink’ for three years. Katie admits that the hair is so intrinsically linked to her personal brand that it’s probably here to stay until the brand of her company Luta (named after her native island) exceeds her own personal brand. Is that something she aspires to? “Absolutely. Like many people in our industry and in the world, I’m quite anxious all the time, and I would like nothing more than to disappear off the internet like a Luddite and just live in a cave somewhere with a satellite phone.
“I really can’t stand social media,” she says, “it’s really hard for women, I’ve literally been piled on just for using the word ‘wow.’ I will block people for unsolicited advice, it’s super-annoying,” Katie says, exasperated.
“I’ll Be the First Punk-Rock-Hacker President”
She considers the ‘satellite phone in a cave’ a 15-year plan, “because that has to happen after I’m President of the United States.” I laugh, she doesn’t. “It’s achievable,” she tells me earnestly. “I mean look, we’ve got the ‘orange one’ at the moment, so why not? I’ll be the first punk-rock-hacker President! It’s certainly not like I could cheapen the dignity of the office, in fact, I would elevate it quite soundly.”
Katie tells me she’ll run for the House first. “I do a lot of work with members of Congress. I’m going to go ahead and assume that everybody knows that a long pink-haired punk person is probably a Democrat, and I probably am, but I work with Republican senators all the time too.”
In fact, the Senator who invited Katie to that Uber hearing in front of Congress was “the lovely Republican Senator Moran from Kansas. His staff were great too. I just want to work with people who want to make the internet safer.” She recollects that “at the hearing, the members of Congress could never get my name right. The fifth time they did it, I made T-Rex arms to show them how to pronounce Moussouris.”
Name pronunciation aside, I ask Katie how she felt having been asked to testify. “It was certainly an honor,” she says, “but quite frankly, I was annoyed that it had taken them 20 years to finally invite a lady hacker. It was also a useful opportunity for me to clarify that bounties should never be used to cover up a breach.”
In 2013, Katie was invited as a technical expert to directly assist in the US Wassenaar Arrangement negotiations, helping to rewrite the amendment to adopt end-use decontrol exemptions based on the intent of use. “This foreign policy experience in negotiating cyber-weapons arms control on behalf of the United States and its allies is relevant experience for the next leader of the free world,” she says.
So when exactly does Katie plan to run? “Probably 2024, why the hell not?”
“My Anxiety is Just a Pet I Have to Take for a Walk”
We speak about Katie’s anxiety around public speaking – which she calls “near-debilitating stage fright” – and I wonder how this will serve her as future President of the United States, but, she tells me, she has coping mechanisms. “My anxiety is like a pet, I’m just like, ‘oh, there you are, flaring up.’ You need to take a walk outside!”
Katie describes herself as neuro-atypical. “I’m anxious all the time, I get nervous, and sometimes I just need to take some time,” she says, explaining that when I pounced on her in the ladies’ room the day before to request this interview she had been taking 10 minutes to decompress.
“I will do things that are typical of OCD people like me to sooth myself. I will play stupid repetitive games that are mindless, or I just start singing Adele!” (I’ll come back to Katie’s singing later!) It’s hard for her, she admits, to exist in the world without these coping mechanisms.
“It has taken me a lifetime of therapy to get here. Things like this interview right now, I’ll require some recovery cave person time after, because it’s so intense. It’s so valuable and I really enjoy it, but it’s draining to be so emotionally present and I’m always emotionally present.”
She isn’t wrong. Katie is beautifully emotional, opaque and raw. Passion radiates from her and she makes sure every word she speaks matters, and she speaks a lot of them!
“I used to work on the human genome project [at the MIT Whitehead Institute] and when I think of how the human race evolved, it was all designed for an evolutionary purpose of survival,” she explains. “Neurodiverse types may find certain tasks to be very challenging, like concentrating for a long period of time. So while everybody else is able to concentrate on farming or basket-weaving, or whatever the heck it is, we’re the ones who spotted a tiger out of the corner of our eye, and manage to shout ‘run!’ We’re absolutely integral to the survival of society, and we belong.”
Call it a coping mechanism, a guilty pleasure or her favorite hobby – all of which are accurate – Katie shares her passion for karaoke with me. “It’s kind of crazy given my stage fright, but it’s a relaxing thing. Music is such a part of me, the legend in my family is that I sang before I spoke, and singing allows me to relax and be present in a very different way.”
Our conversation evolves into what quickly becomes the absolute highlight of my time with Katie: the story of when she gave a keynote performance of a lifetime.
“I descended on the lyra whilst singing a bastardized version of Sia's Chandelier”
“I’m Absolutely a Feminist”
“So I did a really funny thing once, trying to push the boundaries of my own anxiety disorder,” Katie begins. I don’t know what I’m expecting, but it isn’t what she reveals. Katie approached Kiwicon with an idea for a keynote talk about export controls and the Wassenaar Arrangement, “but I suggested I do a musical number right before my talk to open the show.” Despite the constant buzz of background noise that anyone who has been in the W bar during RSA knows is inescapable, as Katie tells me this story, her voice is all I can hear.
After a quick trip to Seattle circus school, Katie traveled to New Zealand and “descended on the lyra (see page 28) whilst singing a bastardized version of Sia’s Chandelier with my own lyrics, that I called ‘Cyberlier’ to open Kiwicon.
“I was balanced on the hoop, the curtains were down, and the back-up dancers start spinning the hoop, and I’ve got what I call ‘cyber-dreads’ on – purple tubes of LEDs. I’m whipping around in this thing and I start singing. The choreography is unbelievable.” As the pyrotechnics go up and the performance ends in a blackout, Katie is waiting, dizzy, at the podium with her slides on export control behind her when the lights come back on. “People were like ‘what the actual fuck was that?’” she exclaims. By this point my cheeks actually ache from laughing.
“Is that the craziest thing you’ve ever done?” I ask, “not even close,” she responds with a grin. She won a Pwnie Award for that performance, but maintains that she can actually really sing when she’s not being whipped around on circus equipment. “It wasn’t my best vocal performance, but like Britney Spears, do you really need to be a good singer to be a good performer? I don’t think so!”
One thing I notice about Katie is how she is comfortable sticking labels on herself: goth, neuro-atypical, feminist.
“I’m absolutely a feminist, because feminism isn’t about female superiority. Feminism is about equality and women’s rights are human rights.” Amen to that. Of all her plights and all her ambitions, equality for women is the one that our conversation loops back to time and time again.
Enraged and inspired by her mother’s “lifetime of underpayment,” Katie is on a quest to achieve gender pay equality within her lifetime. “My mom, a pioneer in her field, was always paid half of what lesser-qualified men, that she had trained herself, were paid. Her life, in a lot of ways, tragically ended due to a lifetime of underpayment.”
“I Wouldn’t Look Away, and I Wouldn’t Let the World Look Away”
So when Katie left Microsoft in 2014 after an impressive seven-year tenure which included her founding the Microsoft Vulnerability Research program, running the Security Community Outreach and Strategy team as part of the Microsoft Security Response Center and most notably creating Microsoft’s first bug bounty program, she filed a discrimination class-action lawsuit against the tech giant in federal court in Seattle in 2015.
Katie alleged that Microsoft’s hiring practices upheld a practice of sex discrimination against women in technical and engineering roles, not just in relation to pay, but also promotions and other terms of employment. “When I was looking back over my shoulder at all the women who did not have the opportunities I had, I could not leave them behind.” Katie recognizes that it would have been much easier to just “have some lawyer draw up an offer and say, ‘I’ll shut up if you pay me’, but that’s not what I wanted or needed.”
She considers herself fortunate. “I have name recognition, hair recognition, all kinds of recognition and I have opportunities galore, but if [Microsoft] were doing it to me, they were doing it to all of us, and I couldn’t leave them behind. I needed Microsoft to change and a lot of women at Microsoft have come up to me and thanked me for what I did.” Remembering this, Katie gets really emotional and an escapee tear rolls into her cocktail. “They thanked me because things did get better, just because I stood up, I wouldn’t look away, and I wouldn’t let the world look away.”
The case has been denied Class Action status, which Katie blames on the legislative climate being “unfriendly towards all types of people, not just women and unrepresented minorities.” It’s certainly not an active climate for gender parity and equality right now, she says sadly.
In a conversation that Katie and I have during press week, months after our initial interview took place, she has an update for me. After Class Action was denied, less than 20 women were being considered in settlement talks by Microsoft for compensation and Katie tells me that the amount offered was “a complete insult.” Not only that, but she considers it unacceptable to leave so many women out. “The culture hasn’t changed, gaslighting still goes on and the patriarchy is being used to manipulate me,” she says.
Having known from the beginning that she wouldn’t keep any settlement money, the initial plan was to donate her portion to create a law center or clinic on pay equality at a university; her plan changed when she saw the “pitiful” offer from Microsoft. “I reject the premise of silencing women for a settlement which is a fraction of what they should have been paid in the first place,” she says.
So Katie offered to pay the other women in the settlement talks the same or a greater amount from her own pocket, saving them from having to accept an NDA. Some accepted. Her next move, with the first donation from Luta itself, is to launch a foundation – The Pay Equity Now Foundation (www.payequitynowfoundation.org) – that will work towards the goal of pay and promotion equality in our lifetime. “I will continue to amplify other voices, I have never been fighting for myself, but I recognize that I’m the right candidate to fight for everyone else.
“The court system has failed me, failed women, so I’ve decided I can build something [the foundation] to take the fight past my lifetime. Companies like Microsoft are always happy to pay their lawyers more than what they’d entertain paying the women suing them, and that is unjust. It’s maintaining the power and money away from the women who rightfully earned it. It’s wage theft.”
The only way Katie can envision any kind of agreement with Microsoft is a seven-figure donation to the PEN Foundation and a meeting with CEO Satya Nadella himself. “I’ve stood up for women and that can’t be erased. I didn’t ask Microsoft to discriminate against me – but oh boy, they picked the wrong chick!”
Katie argues that she had to set up her own company to be paid anything close to what she is worth. “That shouldn’t be what women and under-represented minorities have to do. There should be a method to address systemic bias in a system.”
So the PEN Foundation achieving pay equality in her lifetime is plan A. Plan B? “Become President and sign an executive on day one,” she smiles.
“If I’m not doing something out of passion, then I’m just wasting time”
“You Don’t Need to be Rich Off My Ideas”
Katie founded Luta four years ago. The company has received no outside funding, but not through the want of trying. “Last year I thought about building a product to operationalize a lot of what we do and thought a faster way to do that would be to raise a small amount of seed capital. Despite hearing a lot of yeses throughout the process, the lead VCs kept circling the drain” and ultimately asked Katie to return when she had a minimum viable product (MVP), or to her complete and utter outrage, when she found herself a technical co-founder. “My jaw hit the floor so many times it’s drilled through the core of the earth and is in China right now!” Her rage is, quite understandably, palpable. Katie is one of the most skilled tecchies I’ve ever met, a professional hacker for seven years of her life who wrote the ISO standard on disclosure vulnerability. “I don’t need investment once I have the MVP, I need investment to build it!” she says exasperated, “but fine, you don’t need to be rich off my ideas then!”
As a female entrepreneur in a profession that is majority male, Katie witnesses societal biases with every encounter. “Men who have zero technical experience can walk into a room and people presume competence and expertise. I walk into a room, and if they don’t know me, or even if they do, they presume I’m an evangelist.”
Despite these frustrations, Katie does not hesitate in telling me “I already have my dream job.” Her dream client, she explains, would be the United States government, “if they figured out they actually need to pay for expertise. They want me to be part of this think tank, this advisory council, on an election security advisory council…they want my expertise…” but they don’t want to pay for it. “Look, no more unpaid female labor,” she preaches.
The UK government was one of Luta’s first clients, and Katie remembers visiting the National Cyber Security Centre (NCSC) as it was formed. “The paint was still fresh, the Queen had been there the day before; I swear I smelled something between paint and the Queen when I got there – it smelt amazing, historic and very, very regal!”
“Have as Much Fun as You Can, it’s Later than You Think”
Professionally, her greatest pride lies in carving her own path, and setting her own rules. “I just wish I’d done it sooner,” she adds. ‘Personally?’ I ask, and my probing is rewarded. “I never talk about this on the record, so this is unique, but I’m most proud of my two children. I’m fighting for a better world for both of them.” I see another side to Katie as she tells me all about her children and I have so much respect for her determination to shape a better world for them.
Katie doesn’t have regrets, “because I wouldn’t be who I am today,” but admits to many ‘mistakes.’ “The advice I give is don’t make the mistake of loyalty to a company; it’s like loving a robot, it makes no sense. Also, shielding a team – by standing between them and interference from above or around – means taking a lot of acid rain on your back and eventually you will disintegrate.” Lastly, she says, “don’t make the mistake of being loyal to a particular mission.”
Had she had her own advice 20 years ago, “I would have already served my two terms as President of the United States,” she states.
She may not have served a term as President yet, but she has been on the Pentagon’s speed-dial list since her time at Microsoft. Later, when she was at HackerOne, she created the Department of Defense’s Hack the Pentagon pilot program. There’s no doubting she has some pretty impressive contacts, which she credits to her willingness to travel and meet people face-to-face. “Being here this week, running into people who are incredible, like yourself, and being able to spend quality time where we laugh, we cry, we drink coffee and maybe this cocktail, there’s no substitute for it.”
Katie’s favorite advice, from one of her online heroes – sadly now deceased Royal Air Force veteran, Harry Leslie Smith – is “have as much as fun as you can, because it’s later than you think.” Nobody is promised a single day, she warns. “So why would I ever stop pushing for everything I want and everything I think the world needs? I never will. I have nothing to lose, but what I didn’t realize sooner was, I never did.”
Everything Katie does is personal and when I put this to her she nods. “Of course! If I’m not doing something out of passion, then I’m just wasting time that could be spent running after my dreams and building something I really believe in.”
There are already a lot of people out there grateful for Katie running after her dreams and building what she believes in, and after our time together, I count myself as one of them. “I will not go quietly into the night” she said to me earlier in our conversation about the PEN foundation, and there isn’t a single part of me that believes she will.
Remember me when you’re writing the invite list for the White House correspondents’ dinner, please Katie. Until then…go loudly into the night.