Here is just a quick list, off the top of my head, of some of the topics I would like to see someone do talks about at security events this summer. If you are in need of a research topic, or something to dig into for a deep dive, give one of these a try. Who knows, maybe you will see me in the audience. If so, then feel free to sit down for a cup of coffee and a chat! 

Here’s the list, in no particular order:

1. machine learning,  analytics in infosec
2. detection capabilities with nuance visibility at scale
3. decision support from security analytics & automated systems based on situational awareness
4. rational controls and how to apply them to different industries
5. crowdsourcing of policies and processes – wiki-based approaches
6. internal knowledge management for security teams
7. tools for incident response beyond the basics
8. tools and processes for business continuity after a breach – show us your guide to “Ouchies!”
9. attacker research that is actually meaningful and that does NOT revolve around IOCs
10. skills and capability mapping techniques for security teams and their management
11. new mechanisms for log management and aggregation beyond Splunk & SEIM – how would the death star handle logs?
12. near-real time detection at a meaningful level – even better if admins can make decisions and take actions from their iPhone/iWatch, 😛
13. extrusion/exfiltration testing capabilities & metrics-focused assessment approaches for testing exfil robustness
14. network mapping and asset discovery techniques and tools – how would the death star map their IT networks? 🙂