ABSTRACT
“Trust is good, but control is much better,” attributed to Vladimir Lenin [1], suggests that being trusting means being vulnerable. Rather, trust is an adaptation to an uncertain, risky situation; humans apply trust to make decisions and minimize risk. At present, cybersecurity occurs in a context characterized by high risk, uncertainty, time pressure, and an almost inconceivable number of agents potentially affecting the security of a network. This environment challenges cybersecurity professionals, who defend organizations 98against threats, and consumer users of the Internet, who are willing or unwilling participants in their own personal and organizational security. These challenges will only increase as computer networks, and attacks on computer networks, grow in their size and sophistication.
