Few professionals embody the spirit of cyber defense like Aurora Johnson, whose leadership and research at SpyCloud are redefining what responsible, intelligence-driven security looks like.
A former Senior Analyst at CISA and recipient of the President’s Volunteer Service Award, Aurora combines deep technical expertise with a public service mindset. At SpyCloud, she leads the company’s Responsible Disclosure Program, ensuring that when SpyCloud uncovers breached or stolen data, affected organizations – whether customers or not – are alerted swiftly, ethically, and with actionable intelligence. Under her leadership, the program has completed 200+ disclosures this year, including a coordinated global outreach to organizations impacted by the Mother of All Breaches (MOAB), helping them assess exposure and safeguard their users.
But Aurora’s influence extends well beyond disclosure. As the Manager of Security Research Partnerships with SpyCloud Labs – SpyCloud’s in-house research team – she helps power the world’s largest repository of darknet intelligence – with nearly a trillion assets recaptured from more than 65,000 breaches, malware infections and successful phishes.
She is one of the key forces keeping the SpyCloud team ahead of the curve on emerging cyber threats. She already has her finger on the pulse of Cybercrime Enablement Services—an ecosystem where criminals are commoditizing the tools and infrastructure of cyberattacks to operate at scale. Through her analysis of malware families and platforms like LummaC2 and Phemedrone, she’s generating critical insights into how PHaaS and other service-based models are fueling a new criminal economy and reshaping how defenders fight back.
In the past year alone, Aurora’s work has helped reveal systemic data leaks from inside China’s surveillance infrastructure, exposed the VenusTech and Salt Typhoon incidents, and in partnership with other SpyCloud Labs researchers uncovered criminals’ shift to using Meta’s Threads as a new marketplace for stolen financial data. Her research regularly informs enterprise and government defenses – and has been featured in Wired, The Register, and other leading outlets.
Aurora is also a sought-after voice in cybersecurity, speaking at top industry forums including CYBERWARCON and LABScon, just in the past year where she shares her original research and field-tested tactics that advance the industry’s collective defense.
Through her relentless pursuit of security excellence , Aurora’s work is redefining how organizations protect people, not just data, through greater transparency and collaboration.
