This is a great time to be working in cyber security because the problems are pressing but the theory is lacking. In some ways, it is like the problems of algorithmic computation before Turing, electronic communication before Shannon, or coding theory before Hamming. Many problems exist and the need is urgent, but the theories remain elusive.
One of the main issues in cyber security is that it is not fundamentally a problem of technology, although technology plays a central role. The main issue is that security is played out in an adversarial relationship. Each side attempts to gain advantage over the other. When one vulnerability is plugged, adversaries can find another. Another central issue is that neither side has complete information. Given existing methods for sensing events on one's network, a great deal of detail must necessarily be ignored or aggregated. The challenge of finding particular events of interest in a sea of high-speed data is daunting.
To address these issues, I have been drawn to methods in probabilistic modeling, Bayesian inference, and machine learning. These methods are well suited to learning from data and building intelligent cyber security systems that can act despite having only partial and often flawed information. Occasionally, I have been able to augment these methods with pure and applied mathematics, such as graph theory, combinatorial commutative algebra, representation theory, group theory, and computational topology. Here are a few areas I've been working on. See my CV (linked to in the sidebar) for references to papers in these areas. I also have a several-page description of my research and teaching interests.