Science and Cyber Security are closely related in the sense of the research methods used to answer a question or solve a problem. Just as evolutionist prosed questions the more humans evolved, as the internet evolves, we are prosing more question about how to be safe and secure online. How are we answering these questions within Cyber Security? We can answer them by applying the Scientific method.

For example, an organization is researching phishing due to hearing about a recent phishing attack. Questions start to rise such as how vulnerable are we? Do our employees understand how phishing can devastate an organization’s reputation or lead to financial losses? Organizations that collect and store sensitive data will purchase phishing simulators to evaluate how their employees are responding to suspicious emails. This answers how likely the organizations employees are to click or report a suspicious email. Then the research collected from the simulated phishing experiment is analyzed to draw solutions regarding how we can lessen the susceptibility of our associates to these attacks. These solutions often include awareness trainings, communications, or allocating more funds for security software. These solutions are then communicated to reduce susceptibility, then the process starts again with another question. The same empirical research method used in the natural and social sciences can also be applied to answer and provide solutions to the complex privacy and security problems online.