Skip to main content

Fallacies of IT Security

Site search

Fallacies of IT Security

In academia as much as in industry and government, the application of mathematics to derive meaning is often equated with something being scientific. This means that there is a tendency to blindly translate qualitative observations into numerical – and measurable – values. Such quantitative approaches are, however, far from always relevant or, indeed, produce meaningful insights. In some cases, these abstractions are empty, wrong and misleading and may, as a result, pose significant risks to the correctness of the findings.

Information security is not exempt from this critique. There is an abundance of examples within the field which rely on mathematical abstractions to reduce or, indeed, redefine qualitative meanings to fit pre-defined quantitative scales, which are then algebraically manipulated without rigorous justification. Thus also failing to acknowledge subtly distinct discoveries and insights found in qualitative interpretations. Moreover, information security research tends to favour quantitative approaches to studying social phenomena over qualitative ones, which in the process are often redefined as psychological phenomena, stripping them of context and their social dimensions. This is evident in, for example, usable security research, which has traditionally focused on individuals' perceptions, cognition and behaviours in order to test and model them. Finally, the mantra "humans are the weakest link" remains popular among practitioners and academics, revealing a worrying role reversal: IT systems are not conceptualised in service of those who depend on them but people are integrated into these systems and surveilled to enforce compliance, while the latter's failures are blamed on the former.

This research area focuses on criticising these approaches by drawing out their inherent fallacies, studying alternative methods and pointing to the shaky social scientific grounding of some established practices in information security.

Explore Royal Holloway

Arrivals Sept 2017 77 1.jpg

Scholarships

Get help paying for your studies at Royal Holloway through a range of scholarships and bursaries.

clubs-societies_REDUCED.jpg

Clubs and societies

There are lots of exciting ways to get involved at Royal Holloway. Discover new interests and enjoy existing ones.

Accommodation home hero

Accommodation

Heading to university is exciting. Finding the right place to live will get you off to a good start.

Support and wellbeing 2022 teaser.jpg

Support and wellbeing

Whether you need support with your health or practical advice on budgeting or finding part-time work, we can help.

Founders, clock tower, sky, ornate

Departments and schools

Discover more about our academic departments and schools.

REF_2021.png

Research Excellence Framework

Find out why Royal Holloway is in the top 25% of UK universities for research rated ‘world-leading’ or ‘internationally excellent’.

Immersive Technology

Challenge-led research themes

Royal Holloway is a research intensive university and our academics collaborate across disciplines to achieve excellence.

volunteering 10th tenth Anniversary Sculpture - research.jpg

Research institutes and centres

Discover world-class research at Royal Holloway.

First years Emily Wilding Davison Building front view

Royal Holloway today

Discover more about who we are today, and our vision for the future.

RHC PH.100.1.3 Founders south east 1886.w

Our history

Royal Holloway began as two pioneering colleges for the education of women in the 19th century, and their spirit lives on today.

Notable alumni Kamaladevi Chattopadhyay

Our alumni

We’ve played a role in thousands of careers, some of them particularly remarkable.

Governance

Governance

Find about our decision-making processes and the people who lead and manage Royal Holloway today.