Linkedin-in Youtube
Stay Connected
RISE Mentorship
UWIC 2026

See It To Be It Spotlight

Katie Butler

Torch Law

Managing Attorney

Katie Butler shares how a non-traditional path and a human-first mindset have shaped her perspective on cybersecurity...

I got into cybersecurity through…weirdest origin story ever: writing essays. I majored in English in college and enjoyed my writing assignments so much that I worked at the on-campus writing lab where I tutored my peers. A big part of that was anti-plagiarism coaching. My interest in liberal arts gave me a deep appreciation for the products of the human minds, and understanding the consequences of plagiarism pulled me toward IP law. My first attorney job was on protecting a corporation’s trademarks and IP. I was later hired by a robotics start-up to manage their IP portfolio, but I arrived right as the GDPR became enforceable, which threw me into privacy compliance. You can’t do privacy without understanding tech, so that door opened naturally. A big law firm then hired me to help build its privacy practice, and then COVID hit, ransomware incidents surged, and I got vortexed into incident response. Today, I run Torch Law, a technology and privacy law firm focused on counseling our clients to incorporate cybersecurity and data privacy in all aspects of their business. Cybersecurity found me as much as I found it.  

For me, a positive cyber mindset is…remembering that cybersecurity is really human security. We wouldn’t care about the networks, systems, and infrastructure we’re protecting if it weren’t for the people on the other side of them. Human lives depend on the services those networks provide. A breach isn’t a technical failure in the abstract; it’s harm to real people. This provides so much context to my work: how I prioritize, how I communicate risk, and why it matters that I get it right. 

The skills that helped me transition to a cybersecurity career are…intellectual curiosity and a willingness to be thrown into the deep end. I didn’t seek out roles in privacy compliance, incident response, and cybersecurity law. Rather, they were problems that needed solving and I leaned in. The law is a framework for understanding how the world can and should work; technology is a framework for how it actually does. Learning to hold both at the same time has been the most valuable skill I’ve developed. 

I would tell my younger self…that the path doesn’t have to be linear, or even deliberate, to be satisfying and successful. Going from a writing lab to trademark enforcement to data breach response looks random from the outside. From the inside, it’s all connected by the same thread: what do people create, how do we protect it, and what happens when that protection fails? I’m very proud of the younger version of me that recognized the opportunities in the pivots and was willing to take risks.  

My top tip to those interested in transitioning to a cybersecurity career path is…don’t wait until you feel ready. The field moves too fast for that. Find the intersection of what you already know and where cybersecurity has a gap, and walk through that door. Cybersecurity needs all kinds of people – writers, readers, policy nerds, educators – even lawyers. 

I live by the quote…“Do the next right thing.” 

It’s wonderfully clarifying when you’re in the middle of something that feels complicated, which, in cybersecurity, is most of the time. You rarely have the full picture, but if you can identify the next right thing (and usually you can), you can do that with the confidence that whatever you did, you did it for the right reasons. 

The biggest influencers in my career are…the people who took a chance on me before I had all the credentials to justify it. The attorney who hired me at the robotics start up knew I didn’t have the precise experience the role required and hired me anyway, and then mentored me tirelessly and remains a trusted friend. Peers across many of my legal roles have given me their time and guidance freely. And Edith Santos, who introduced me to the Cyber Guild, has supported me and my business in more ways than I can even keep track of. I wouldn’t be where I am without people who were willing to bet on potential. 

My recommended reads are…This Is How They Tell Me the World Ends by Nicole Perlroth is essential reading for anyone who wants to understand how cybersecurity became a geopolitical crisis. And honestly, anything by Andy Greenberg. For fiction that makes you think differently about technology and humanity: Neuromancer by William Gibson, How Long ’til Black Future Month? by N.K. Jemisin, and Death of the Author by Nnedi Okorafor. 

What I thought I wanted to be when I grew up was…a lawyer. So at least I got that one right. 

My favorite place is…The Ouachita National Forest, Santa Fe, New Mexico, and Ireland — and I refuse to choose between them. 

My inspiration is…people who do hard things quietly. The clients who rebuild after a breach. The tech companies who prioritize privacy by design. The mentees who are breaking into a field that wasn’t designed with them in mind. The professionals who show up every day in roles that didn’t exist a decade ago. 

What I most want to be remembered for is…building a legacy that outlasts me. I hope this includes a law firm with real values, clients who felt genuinely protected, professionals who grew because they worked here or alongside us, and a community that benefited from our work. 

Being an advocate for neurodiversity inclusion in cybersecurity is important because…it’s personal. I was diagnosed with ADHD when I was well into my legal career. I had built an entire identity without understanding how my brain actually worked. Knowing earlier would have changed my life in ways I’m still processing. Neurodivergent people are already in cybersecurity; they’re just often doing it without the right support. The field asks people to think in non-linear, pattern-finding, hyperfocused ways, and then doesn’t always recognize that some of the people best suited for that work are the ones who’ve been told their whole lives that something is wrong with them. Nothing is wrong with us. 

What values drive the way you practice law? 

My legal practice – and therefore the law firm I built to house that practice – is built on three principles: wellness, abundance, and courage. Wellness means we put people first: our clients, our team, and our communities. That shows up in proactive communication, respect for people’s time, and keeping a watchful eye on the bottom line. Abundance means we don’t operate from scarcity. We share knowledge freely, collaborate openly, and genuinely believe there’s enough to go around. And courage means we’re not bound by convention. We say no when something doesn’t align with our values, we advocate for change when change is needed, and we seek out diverse people and perspectives because doing this work well requires it. These values drive the decisions we make every day. 

What did you enjoy most about being a part of UWIC? 

The network. It’s genuinely impressive AND supportive. Members show up for one another with warmth and generosity, and you don’t always find that in professional communities, especially in a field as high-stakes as cybersecurity.  

What is your favorite part about UWIC? 

The caliber of the speakers at the conferences. The people brought in are absolute powerhouses. Their resumes and the intention underlying their work will make you recalibrate what’s possible. They’re inspiring.  

What is your biggest takeaway from the RISE Mentorship Program? 

That structure makes mentorship work. The Cyber Guild has developed a deliberate curriculum that is intended to provide participants with skills they might not otherwise get the opportunity to develop. It’s not just “go find a coffee chat.” That intentionality is rare and it shows in the outcomes. 

What has been your favorite part of being a RISE Mentor? 

Discovering that mentors grow too. I came in expecting to give, and I left each session a better leader. RISE is the most well-organized mentorship program I’ve been a part of. 

Spotlights