Explain how the principles of science relate to cybersecurity.

In today’s lecture, social science was linked to the same principles (relativism, objectivity, parsimony, empiricism, ethical neutrality, and determinism) as natural science. There are principles of social science that when defined and manipulated can be layered over cybersecurity and act as a guide in order gain an understanding of the human element in this field. The principles of science used in cybersecurity are relativism, objectivity, parsimony, empiricism, skepticism, ethical neutrality, and determinism.

 Relativism is about how everything is connected or related. More so now with everything being connected through the internet we can draw a link or correlation from one topic to another. Objectivity is about seeing a topic without the sway of values or bias. In the world we live in today where everything is either controversial or polarizing it is important to distill the information presented without succumbing opinion. Parsimony is another way of saying “keep it simple for the common person.” Empiricism is all about the tangible and definable facts. Ethical neutrality is what I would call the other half of objectivity where you not only want to remove bias but conduct the science in a way that is without controversy or moral ambiguity. Determinism is almost like prediction or stereotyping where a series of events or indicators will lead to a logical conclusion regardless of extraordinary standards.

If you are a religious person, you believe that a higher power has set in motion a series of events since the beginning of time to lead you to sit at your desk at this exact moment, part of an unexplainable grand plan. If you believe in free will, the juxtaposition to an omnipotent entity’s plan, to this idea where people make the conscience decisions that influence their current station/situation in life. I believe that determinism is aligned more with one’s belief versus science; more of an invisible unconscious hand or suggestion that leads people or events to their inevitable situation.

In addition to these principles, like any natural science discipline, cybersecurity uses the scientific method to ask who, what, when, where, why, and how. Who is responsible? What are the priorities? When is this due? Where are we most vulnerable/strongest? Why are we using a specific program? How are we encrypting data? The scientific method is a process used to answer these questions. While there is a 7-step method, there is a 5-step version: define a question to investigate, make predictions, gather data, analyze the data, and draw conclusions.

A final thought: A professor once mentioned in class that in science there are few absolutes and everything else is a confidence level. This resonated with me and gave me a different perspective; the idea that there is more to be discovered and that a topic or idea can have facets with different interpretation based on lived or learned experience. Science strives to be accurate and repeatable. As our understanding and technological advancements become greater our reliance on older studies or documents must be updated.