minute read Share this article: Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure. Full transparency: Curtis Simpson, CISO at Armis, the enterprise IoT security company, was fundamentally a black hat at the age of 12, before he even knew what a black hat was. One day he got flooded over IRC and was fascinated: What just happened? And how did it happen? He’s since spent the vast majority of his career as a white hat. It was an easy transition, he told us in a recent Threatpost podcast: You take the attacker mindset, where “you think about the tactics and techniques that you would typically apply, and then reverse-engineer those when you think about a program.”