Cybersecurity is a complex ecosystem that is based on several contradicting requirements. For this reason, it is often defined as an arms race between attackers and defenders: for example, when a new security model or algorithm is devised, it could act as a double-edged sword since it might both enhance the security posture of a system and introduce additional vulnerabilities. Similarly, many of the novel technological solutions that are used to improve the security of systems and networks are also being used by those who wish to threaten well-established algorithms and protocols. For example, it is already known that when large-scale quantum computers become available, they will be able to break almost all the public-key cryptographic algorithms currently in use. Security is also about balancing several trade-offs, e.g. security vs privacy, security vs trust, security vs usability, security vs cost, research vs standardization, academic research vs real applications, to name just a few. For example, while artificial intelligence provides the ability to efficiently analyze massive data streams to detect patterns of anomalous behaviour, it also threatens user privacy by enabling the analysis of individual behaviours, and democratic government by subverting opinions via electronic media. Likewise, the use of trustworthy computing and trusted hardware: while it fortifies systems by providing stronger security and operational assurance guarantees, it also allows attackers to perform stealthy attacks and could be used to damage user privacy. The goal of the CYSARM workshop is to foster collaboration and discussion among cyber-security researchers and practitioners to better understand the various facets and trade-offs of cybersecurity and how new security technologies and algorithms might impact the security of existing or future security models.