In the past few years, I have visited a number of universities to address multi-disciplinary audiences on the challenges of cyber security and privacy. Most recently, I visited both the University of Washington and Stanford University, the former to teach a course on cybersecurity and cybercrime; the latter to connect with students and faculty on security, privacy, and big data.
These trips are invariably rewarding: hearing how both long-time experts and a new generation of Internet users are grappling with thorny issues certainly helps shape one’s thinking on security and privacy. It also highlights, time and time again, how emerging issues such as the Internet of Things and Big Data pose a range of challenges which cannot be solved by technology alone, nor by reliance on historical precedents or existing legal regimes. It is for this reason that, even though I have written and spoken about these topics many times, I continue to learn from new discussions that reveal fresh perspectives.
The greatest benefit of discussing these topics in a university environment is that these institutions enable such a broad discussion, one that does not just encompass computer science, but also international relations, law, economics, psychology, politics and other important areas. Indeed, many of the people I talked to were interested in discussing the intersection of technology and law, the interrelationship of privacy models and security, the economics of computer security, and how the enforcement of sovereign laws will be affected by a sovereign-agnostic Internet and an increased need for international cooperation.
It is well understood that defending the world’s networks and digital assets from cybercrime and other threats is a complex task, and the academic community will be an important contributor to crafting meaningful and acceptable solutions. Universities will also play an important role in conducting much needed research and development of new technologies, standards and international frameworks, as well as creating important venues for robust interdisciplinary discussions. But perhaps most importantly, universities serve a societal function which is unmatched elsewhere: they educate, at scale, the leaders of tomorrow. It has long been recognized that there is a critical need for cybersecurity professionals, but in fact we need new thinking in a wide range of disciplines. Future economic, political, and social leaders will all need to understand the transformative changes occasioned by global information and communications technology, and it is critical that university curricula address this growing need.
I am therefore heartened by activities at Stanford, the University of Washington, and other academic institutions that are pursuing these issues in earnest. Addressing cybersecurity challenges will require we bring a large number of smart minds into the discussion and the commitment of these schools will be key to our future success. I look forward to their continued progress, as well as to building closer ties in the days ahead.