Catherine (Cat) Karow
Cybersecurity veteran, systems architect, and relentless builder—Cat Karow founded ZoraSafe to tackle the threat most teams ignore: the people being targeted.
Gainesville, Florida, United States
Actions
Cat Karow is the Founder & CEO of ZoraSafe, a zero-trust cybersecurity platform built to protect the most targeted (and most overlooked) users online: seniors, kids, and everyday people navigating a world of AI-driven scams and digital manipulation. After two decades building complex, high-impact systems for others, Cat is now building something that hits close to home: real-time protection with human-first design.
Cat led product at Apple, ran U.S. ops for McLaren F1, and secured systems for the White House. She scaled HiPerGator, built enterprise tools for Fortune 100s, and now heads Tech Ops at GuidePoint Security. She's a founding member of Hack The Box and Women in HPC.
But despite the prestige, Cat’s proudest work isn’t behind firewalls, it’s in the living rooms of people who never had protection in the first place. ZoraSafe is her answer to the digital threat crisis: an AI-powered platform that doesn't just detect scams, but teaches users how to defend themselves in real time. Think scam detection meets Duolingo (with teeth).
A disabled, self-taught technologist who built her career without a degree, Cat blends elite experience with unshakable grit. She’s not just here to talk about security—she’s here to rewire how we think about it.
Area of Expertise
Topics
Scamware and the Human Firewall: Protecting People in the Age of Generative AI
As generative AI floods inboxes, messaging apps, and phone calls with ultra-realistic deepfakes and synthetic scams, a new form of cybercrime is emerging: scamware. And most security tools aren’t built to stop it—especially for non-technical users like seniors, students, or frontline workers. This talk explores how cognitive overload, emotional manipulation, and AI-powered deception are rapidly becoming the new threat vector—and how we can defend the human layer with behavioral modeling, real-time education, and digital empathy. Blending cybersecurity with design thinking, this session introduces a fresh approach to digital defense—one that treats users not as the weakest link, but as the first responders of the AI era.
Oops, My Grandma Clicked It Again: Real-Life Lessons from the Frontlines of Scam Prevention
Scams are getting smarter. Victims are getting younger- and older. And cybersecurity still hasn’t figured out how to help the people who need protection the most. This talk walks through real-world examples of modern scams targeting seniors, kids, and everyday users- and the security gaps they exploit. It covers emotional attack patterns, where technical tools fail, and how defenders can design systems that actually work in the wild. From failed alerts to AI-powered coaching, attendees will leave with practical strategies for protecting people who don’t live in the SOC.
This isn’t just another phishing talk. It’s a human story with technical insight, actionable tools, and a bit of dark comedy. Because when your mom forwards you a scam email… you respond with architecture diagrams and empathy.
Play a real (anonymized) scam voicemail
The $10.3B scam economy (FBI IC3 data)
Why seniors are scammer’s #1 target
Kids as the new frontier: fake scholarships, deepfake DMs
Emotional engineering: urgency, shame, false trust
Where Our Tools Fail
Real case study: when antivirus didn’t help, but a chatbot did
UX breakdown: pop-up warning ≠ protection
Building better: AI coaching, empathy-driven design, gamified training
Red team flips: how you can simulate real scams without being evil
What We Can Do Right Now
Teaching scam spotting like a life skill
“Human-centered threat modeling” explained
Top 5 defensive principles for real-world users
Live demo: calm, clear alert vs. fear-based warning
Open-source checklist: Scam Shield Starter Pack
Audience handout (PDF or QR): “How to explain this talk to your family”
Everyone has a grandma, parent, or friend who’s fallen for a scam. Covers real AI and security tooling while grounded in empathy.
Building AI Products for the People Tech Left Behind
What happens when the most powerful technology of our time is designed for the least vulnerable? While enterprise AI accelerates, millions of people—seniors, disabled users, and digital novices—are left without tools that support or protect them. This session explores how to build inclusive, safety-forward AI platforms that adapt to cognitive load, digital literacy, and trust thresholds. Using ZoraSafe as a case study, we’ll examine how to engineer AI products that not only detect threats, but teach and support users in real time. From scam prevention to memory support, this talk is a rallying cry to expand who we build AI for—and how.
When AI Fails the Vulnerable: Risk, Responsibility, and the Real-World Impact of Overlooked Users
Too often, AI risk conversations center around data leakage or model bias- while ignoring the real-world consequences for those most exposed: seniors, disabled users, and non-technical individuals. This talk examines the human cost of AI design that assumes high literacy, digital fluency, or perfect attention. With case studies from scam victims and AI-driven deception, we’ll spotlight failure points in design and deployment- and offer design principles for systems that adapt to human vulnerability instead of punishing it.
Learning Objectives:
Examine how current AI design patterns fail high-risk user populations
Learn principles of inclusive, safety-first AI UX
Build awareness of ethical gaps in real-world AI deployment
Oops, My Grandma Clicked It Again: Real-Life Lessons from the Frontlines of Scam Prevention
Scams are getting smarter. Victims are getting younger- and older. And cybersecurity still hasn’t figured out how to help the people who need protection the most. This talk walks through real-world examples of modern scams targeting seniors, kids, and everyday users- and the security gaps they exploit. It covers emotional attack patterns, where technical tools fail, and how defenders can design systems that actually work in the wild. From failed alerts to AI-powered coaching, attendees will leave with practical strategies for protecting people who don’t live in the SOC.
This isn’t just another phishing talk. It’s a human story with technical insight, actionable tools, and a bit of dark comedy. Because when your mom forwards you a scam email… you respond with architecture diagrams and empathy.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top