ABSTRACT
The early 2000s saw a sharp rise in cybercrime incidents around the globe, followed by a steep increase in the volume of industry-based reports, highlighting the prevalence of cybercrime and its high costs to victims. Numerous studies report enthusiasm among individuals and organizations for discovering the new ‘best solution’ to various internet security issues. In response, this chapter aims to define scientific research, explain different types of research applicable to cybersecurity, and show why the cybersecurity discipline should adopt rigorous scientific research designs. It also details common methods to evaluate cybersecurity operations and explains the importance of field experiments, longitudinal surveys, and observations to improve cybersecurity.
