Abstract: Computing and communications infrastructures have become commodities which societies largely depend on, transacting huge quantities of data and exhibiting pervasive interconnections, sometimes in critical conditions. However, the actual magnitude that security and dependability risks may assume, is often misperceived. The information society has been assuming risk behaviours, without the adequate protection. Many stakeholders, not only end-users but vendors, service providers, public administrations and --- what may be surprising --- even governments, seem to ignore those risks, in different ways.
Yet, as will be shown in the talk, the problem should be obvious from the symptoms that have lately seen the light. Threats are everyday more powerful, massive or targeted attacks and advanced persistent threats entered the situational awareness agenda of nations. However, systems remain flaky, sometimes seemingly intentionally, vulnerabilities persist, and partial and/or specific fixes imperfectly mend what are sometimes global problems. Grand challenges deserve grand solutions, and so the talk will conclude along two lines of discussion, as a contribution to the debate on science of cybersecurity: effective strategies for cybersecurity are in dire need; advanced research breaking with traditional paradigms is required.