Privacy and Presented at Cybersecurity Summit

Today’s most prevalent and widely discussed attacks exploit code-level flaws such as buffer overruns and type-invalid input. We need to anticipate tomorrow’s attacks and think beyond buffer overruns, beyond code-level bugs, and beyond the horizon. To be ready for threats of the future, we need to be doing more basic research in cybersecurity today. This talk will outline a few suggestions for important research directions in cybersecurity: the foundations of trustworthy computing, security architectures, privacy, usability, and security metrics.

System trustworthiness is needed for security, reliability, survivability, safety, and for many application areas such as critical infrastructures, robust networking, and high-integrity elections. Trustworthiness ultimately requires many changes in the way systems are developed today. Being respectful of privacy needs requires further care. This talk considers a variety of approaches that can enhance system trustworthiness, sensible system development practices, and a system-oriented view toward achieving the desired changes.