Bom desafio em Segurança?

O que é um bom desafio em segurança informática? Segundo Carl Landwehr da Universidade de Maryland e actual "editor in chief" da IEEE Security & Privacy, deve ter três características:
  1. It must be difficult enough, and relevant enough, that accomplishing it will lead to a measurable advance of some sort in security technology.
  2. It must be possible to impartially and repeatedly rank the results of efforts by different competitors.
  3. It must be interesting enough to attract widespread interest and simple enough to explain to those not involved in the field.

Do editorial da edição de Jan/Fev dessa revista.