Ross Anderson, professor of computer science at the University of Cambridge and author of the acclaimed textbook "Security Engineering", passed away unexpectedly on March 28, 2024. Ross was a researcher and consultant in many areas of computer and information security and played key roles in identifying and exposing coverups of technical failures in computer systems. He was also a prolific blogger, co-creator of and frequent contributor to the Workshop on the Economics of Information Security (WEIS), and the Security and Human Behavior (SHB) workshop. Early in his career, he was the creator of Computer and Communications Security Reviews (CCSR), which sought to abstract all research publications in the security field. His numerous awards include election as a Fellow of the Royal Society and the Royal Academy of Engineering. He was a Fellow at Churchill College at the University of Cambridge.

Ross attended ACSAC regularly, including his 1999 Distinguished Lecture, his 2002 keynote, "Why Information Security is Hard - An Economic Perspective" (one of the most cited publications in ACSAC history, and a winner of the ACSAC Test of Time award in 2019), and his 2012 classic book presentation, "Security Economics - A Personal Perspective". He served as the European co-chair for the ACSAC conference for several years. Ross was an ACSAC Layered Assurance Workshop (LAW) supporter throughout the years and we always valued his insight. He will be greatly missed by the ACSAC community!

I first met Ross in about 1990, when he was creating the Computer and Communications Security Reviews, and joined him as one of the editors, which helped both of us in our graduate studies by incentivizing us to read the published literature. In an era when meeting people online was not a "thing" and video conferencing didn't really exist, Ross and I became colleagues and friends via email, although it was probably another five years before we actually met. I had the opportunity to spend time at ACSAC and other conferences with Ross and his wife Shireen, and they generously hosted me during several visits to Cambridge. One visit included a High Table dinner at Churchill College, and another included dinner at Ross and Shireen's home, which included Ross showing and playing his collection of bagpipes. Like many Americans, I failed to understand the difference between English and Scottish, and he set me straight - he was proudly Scottish. During the development of the first edition of his Security Engineering text, I was honored to be one of the people he consulted for assistance and was thrilled when the book became known as one of the key books in the field.

I had planned to attend the Security and Human Behavior workshop which Ross organized in Cambridge in spring 2020, which of course became virtual, and had looked forward to finally punting with Ross. In recent years, Ross had encountered difficulties getting a visa to enter the US, so I was hoping to see him later this year when I plan to visit the UK. I most recently exchanged emails with him a few months ago when I needed information on a particular topic, and he was as always extremely generous, pointing me to people and publications on the topic, and suggesting alternate angles to my questions. And ever the host, he invited me to visit him in Cambridge, or to meet up at a conference.

Ross was known for his strong opinions, and his willingness to speak truth to power. He was arguably the most famous computer scientist in Britain. But when away from the scientific space where he was well known and respected, Ross was a quiet and generous friend and host, always listening and eager to help.

I will miss him.

Jeremy Epstein