Securing a vast digital ecosystem like Google’s demands more than a one-size-fits-all approach. This talk explores the critical need for a multi-layered assurance framework—a model where a secure baseline underpins all products while we push for the highest verifiable security on our most critical components, enabling an entire system to deliver high-assurance functionality. This unlocks the future of computing, enabling use cases like national-scale Digital IDs, ultra-personalized AI agents, and highly assured content provenance. We will demonstrate how this model builds user trust at scale and provides a blueprint for the industry to deliver the next generation of verifiably secure and intelligent experiences.

The UK MOD has invested significantly in computing engineering. Much of this investment showed excellent promise but eventually failed in the market as alternative products proved to be more popular. Some of these technologies were all part of extensive, and well funded, MOD/Government research programs. This presentation will look at three ground breaking and well received research technologies that MOD supported extensively but still failed in the market. The presentation will explore why these engineering technologies were consider “sliced bread”, their attributes and why they possibly failed in the system and software engineering market and became “Toast”.

The three technologies are:

Product Security is a relatively new discipline of engineering, and one that is of increasing importance from a safety, regulatory and business standpoint. It is sometimes perceived as being principally a ‘technology problem’ with corresponding ‘technology solutions’. In this talk, Alex will explore some of its wider characteristics - business, organisational and cultural - and share some observations on the associated challenges and opportunities.