ROSS ANDERSON is professor of security engineering at Cambridge University. He is one of the founders of the field of information security economics. This work started before 9/11, but was accelerated by the events of that day. Many security failures can be traced to wrong incentives rather than technical errors, and economic analysis has shed new light on many problems that were previously thought to be intractable. Security economics gives us deep insights into the safety and dependability of online systems, as well as into the more traditional security problems of interest to law enforcement and the insurance industry.
He is now bringing together security engineers with behavioral economists and psychologists to extend this work into the behavioral sciences. His research interests range from small-scale questions such as the nature of deception (why we lie, how we detect it, and how it's changing as we move online) to large-scale questions such as the misapprehension of risk and its manipulation (why our societies are so vulnerable to terrorism, and the evolution of the politics of fear).
He believes the grand challenge facing engineers today is to understand the complex socio-technical systems on which we are all coming to rely. To evolve dependable global-scale systems with millions of competing principals, we need to understand economics and psychology as well as software and systems.
Anderson has also made many technical contributions to computer science and system engineering, having been a pioneer of peer-to-peer systems, hardware tamper-resistance, copyright marking and API security. He chairs the Foundation for Information Policy Research, the main UK think-tank on Internet policy issues. He is a fellow of the Royal Society, the Royal Academy of Engineering, the IET and the IMA. He is the winner of the Lovelace Medal, the UK's top award in computing. He also wrote the definitive textbook Security Engineering: A Guide to Building Dependable Distributed Systems.
