Skip to content
Program
Monday, June 23, 2025
18:00-20:00
Welcome reception
Tuesday, June 24, 2025
08:40
Registration open
09:10
Welcome address
09:15-10:30
Session 1: Cyber risk management 1 (Chair: Lei Zhou)
10:30-10:50
Coffee break
10:50-12:30
Session 2: Cryptocurrency, digital cash, and NFT (Chair: Scott Stransky)
12:30-13:45
Lunch
13:45-15:00
Session 3: Privacy (Chair: Rainer Boehme)
15:00-15:20
Coffee break
15:20-16:35
Session 4: Software and vulnerability (Chair: Michel van Eeten)
16:40-17:30
Keynote 1 (Ross Anderson WEIS Lecture) (Chair: David Farber)
  • Securing the Software Supply Chain by Solving the Lemons Market.
    L Jean Camp (Provost Professor, Luddy School of Informatics, Computing, and Engineering, Indiana University)

    The Software Bill of Materials (SBOM) is a list of components that can be used to identify any documented vulnerability associated with the enumerated dependencies. Analogies have been made to safety, as with materials safety data sheets, or with allergens listed in general nutrition labels. How can such a simple document play a role in securing the software supply chain? We argue that SBOMs have the potential to significantly resolve the security lemons problem. I introduce the SBOM and illustrate how it can be used to support decision-making in procurement and in code development. I frame this argument using summaries of empirical results; first showing that information in SBOMs aligns with purchaser interest. Second, we illustrate that SBOM contains data that purchasers of software find important. This implies that developers may have an incentive to use SBOMs to create more secure code. Third, we step back and discuss consumer preferences. If the lemons market were resolved, would consumers pay for security? We close with a quick summary of results showing that security-aware consumers will pay more for security in this case leveraging the U.S. Cyber Trust mark.

17:45
Bus departure for dinner
18:30-20:30
Workshop dinner in Shinjuku
Wednesday, June 25, 2025
08:40
Registration open
09:10-10:50
Session 5: Cyber risk management 2 (Chair: Masaki Ishiguro)
10:50-11:10
Coffee break
11:10-12:00
Session 6: Public policy and cybercrime (Chair: Pallab Sanyal)
12:00-13:40
Lunch
13:40-14:30
Keynote 2 (Chair: Andrew A. Adams)
  • Trends and Risk of AI and How to Mitigate Them.
    Kazuaki Nimura (Japan AI Safety Institute (J-AISI))

    Japan AI Safety Institute(J-AISI) is an organization to study and promote evaluation methods and standards for AI safety in order to realize safe, secure, and reliable AI. To ensure AI safety, it is considered important to address security measures in adversarial manners. J-AISI has issued a red teaming guide with a risk-based methodology and countermeasures incorporating different perspectives of a wide range of stakeholders such as attackers and defenders. Summary of the guide will be introduced with a sample practice as an example.

14:40-15:30
Rump session (Chair: Tyler Moore)
15:30-16:30
Farewell cocktail