Dear Readers,
Is it possible to secure the software and computers that control our modern infrastructure? What level of security is "good enough"? One of the last policy directives by the Biden administration was to mandate that software supplied to the Federal government must have ironclad security. This is a matter of national security. Can regulation force solutions to problems that seem intractable? How much added security can be bought for each dollar spent over and above current "standards" for security? Can we afford secure computer systems? These questions are likely to be argued in the coming months. My forecast is that it will be full of sound and fury.
The devastating fires in Los Angeles show how calculated risk can result in massive losses. Nature is not cooperative with statistical means, nor more so than hackers are with zero day discoveries. The result is that protective measures can cost far more than what is being protected. If we are entering an era of deregulation and unlimited expansion, we should expect larger disasters, both from nature and from computers.
On those happy notes, the fruits of research investments will be on display at the many academic security workshops and conferences that are available throughout the year. Each published paper brings us one step closer to true security? How long is that road?
The gravity of the situation has crushed levity.