1) we need solid encryption, with decently secure keys, BY DEFAULT, on EVERY box, BEFORE it leaves the box. If it hits a network, it's encrypted first. Period. Even if you're running Windows. Even on your Grandmother's Windows computer. Email, IMs, and Web browsing, file sharing, voice, the works. If I choose to encrypt my transmitted data, I don't want to accrue suspicion because I stand out, because EVERYTHING is encrypted. If the government wants to know what I'm sending or receiving, they can ask for my encryption keys. Depending on the law, maybe they'll get them. But then a) I'll KNOW they're watching me, and b) watching me doesn't automatically let them watch my neighbors. Decrypting one computer at a time doesn't scale well.
This is really, really hard, and won't happen overnight. But we've learned a lot since the Internet was young, and I think it's workable from a technical standpoint. It's the social part that will be hardest, convincing companies that the additional expense is justified and convincing people that a little extra complexity (hopefully none at all -- except maybe when you set up your computer for the first time) is worth it.
2) we need REALLY secure interfaces. Part of this is accomplished by part 1) but not all. We need to work towards fewer viruses, fewer zero-day exploits, and we need them fixed faster and with less manual intervention. Why are botnets STILL possible? This is also really hard. But the government should want this, too. Every time we hear about how vulnerable our power grids, or automobiles, or pacemakers, or telecom might be to cyber warfare, we should be shouting about this. Instead the government wants to exploit the zero-days for themselves, because they are dependent on them for their own cyberwar offensives. Yes, Microsoft might own some of the heat for this (but not all, by any stretch of the imagination), but by their omnipresence they are in the best position to make a serious dent in the problem, too. IF it was worthwhile for them to do so. I might be interested in Windows 9 or 10 if security -- REAL security, designed in from the ground up, not marketecture -- was the goal. But again, motivating software companies is a social problem, not a technical one.
I'm sure there are other things we need, but these are the ones that seem most important to me.