A Year of Growth: How Philosophy, Trust, and Public Policy Are Shaping My View of Cybersecurity
It’s May 15, 2015, the semester is over and I can finally take a moment to reflect on what has been an extraordinary year. I have now reached a milestone in my Ph.D - I have completed my first academic year, and as I settle into this academic journey, I’m feeling more confident, more inspired, and more curious than ever before. I’ve successfully completed my first year—a year that, at first, was daunting and full of uncertainty, but now, in hindsight, feels like a period of immense personal and intellectual growth.
Coming into the program, I was laser-focused on one thing: the technical aspects of cybersecurity. I saw myself as someone who could solve security problems with code, algorithms, and engineering solutions. The technical challenges thrilled me—the intricacies of cryptography, network security, and system vulnerabilities were like puzzles waiting to be solved. But now, as I reflect on my journey, I realize something unexpected has happened. Over the past few months, I’ve developed a deep and growing interest in aspects of computing I had never given much thought to before: philosophy, ethics, psychology, and digital public policy.
This shift in my thinking began to take root earlier this year when I was assigned to read Ken Thompson’s Reflections on Trusting Trust in CS 626, taught by Professor Eugene Spafford. I can confidently say that this paper, more than any other single moment in my academic life, has fundamentally reshaped how I view cybersecurity—not just as a technical challenge but as a human one.
In Thompson’s paper, I found a profound argument: trust in computing systems goes far beyond code and tools. It extends to the people who create those systems. Thompson’s exploration of how trust can be subverted at a fundamental level—by tampering with a compiler, for instance—brought to light a vulnerability that no amount of technical proficiency could entirely fix. The issue wasn’t the code, it was trust. And trust, as I’ve come to realize, isn’t something that can be engineered or enforced—it’s something that’s earned and maintained by the integrity of people.
This realization opened up an entirely new world for me. Suddenly, cybersecurity wasn’t just about ensuring the technical soundness of systems; it was about understanding human behavior, trust, and responsibility. I began to explore the non-technical dimensions of cybersecurity more deeply, and to my surprise, I discovered a new passion. I find myself gravitating toward topics like the philosophy of technology, the ethics of data privacy, and even the psychology behind human error and malicious intent. These areas, which once seemed so far removed from the engineering mindset I had embraced, are now becoming central to how I think about cybersecurity.
In fact, I’m realizing that no technical solution can exist in isolation. Every firewall, every encryption protocol, every piece of software is created, managed, and ultimately trusted by people. And people are imperfect, driven by motives, biases, and influences that no amount of technical skill can control. This has led me to a newfound love for exploring the ethics of technology—questions like how we should design systems that protect user privacy, the role of consent in digital spaces, and the responsibility of engineers and technologists in safeguarding human rights.
Equally fascinating to me now is the intersection between cybersecurity and public policy. As our world becomes more digitized, the decisions we make in cybersecurity aren’t just technical—they’re political, legal, and moral. This has brought me to consider the role of digital public policy in shaping how we as a society approach cybersecurity. Governments, regulators, and international organizations are starting to play bigger roles in cybersecurity, and their decisions will have wide-reaching impacts on everything from national security to individual freedoms. Understanding these broader implications has become a key interest of mine, and I’m eager to explore how technical experts like myself can engage with policymakers to drive meaningful, responsible change.
One of the most surprising things about this intellectual journey is how natural it feels. Before starting my Ph.D., I would have never imagined that I’d be so intrigued by philosophical debates or the nuances of digital policy. I was an technie (systems engineer) through and through, focused on solving problems with tools and systems. But now, I see the value in broadening my perspective. By considering the human, philosophical, and ethical dimensions of cybersecurity, I’m becoming a more well-rounded scholar and, ultimately, I believe, a better cybersecurity professional.
As I move into my second year, I am more determined than ever to continue balancing both the technical and non-technical aspects of my field. I want to build secure systems, yes—but I also want to ensure that those systems reflect ethical principles, protect individual rights, and contribute to a more just digital society. I’m excited about the prospect of working at the intersection of these areas, perhaps one day influencing not only the design of secure technologies but also the policies and frameworks that govern them.
This first year has been transformative, not just in terms of the technical knowledge I’ve gained, but in the way I think about cybersecurity and computing as a whole. I now understand that trust, ethics, and public policy are as integral to our field as encryption and firewalls. As I continue on this journey, I’m excited to keep exploring these broader questions, pushing myself to think not only as a technologist but as a philosopher, an ethicist, and perhaps even a policymaker.
If someone had told me back in August 2014 that I’d be spending this much time thinking about philosophy and ethics, I probably would have laughed. But now, as I sit here, reflecting on the past year, I couldn’t be more excited about the path ahead. I feel like I’m standing at the intersection of so many fascinating fields—engineering, ethics, psychology, and policy—and I can’t wait to see where this journey will take me next.