The Fifth Workshop on the Economics of Information Security (WEIS 2006)
Ross Anderson has announced that the fifth WEIS will be held in Cambridge (England) 26-28 June 2006. Papers due March of next year.
I’m sad that I’ve only made one of the WEIS workshops so far. (Life keeps interfering.) What’s there is amongst the most interesting bits being done in security. I hope they continue to be a venue for new ideas, rather than refining the ones that have been discussed.
Maybe I’ll write something about the development of new security product, and why we’ll never see the end of “using email like a stupid person.”
This year there was a lot of talk about moving away from a workshop approach to a more standard conference. In part, it’s getting too large; I think this is a good thing. As the community grows, I think we will see more refinement, but hopefully not an end to cool new ideas.
On one hand, as a social scientist, I think we need more data and a whole lot more methodological rigor. There are still some low-hanging fruits that can be picked off by opening up Mas-Colell, Winston & Green to a random page and applying it (often cleverly) to some IT policy issue. But, as Mr. Holmes noted, you cannot make bricks without clay.
On the other hand, I would love to see a 1 year rspite from theoretic models of liability-disclosure policies.