First page Back Continue Last page Summary Graphics
Lack of Science II
Most information protection research is poor science
- Very few 'researchers' actually review the literature
- Very few theories put forth are testable
- Metrics are almost non-existent
- Metrics in use are typically ONLY designed to make a plausible argument to managers who don't understand the issues
- Incremental improvements against infinite problems are foolish
- Almost no experimental basis for most 'research'
- Most of the limited experimental basis is designed only for confirmation and NOT for refutation
- We will test it to see if it works by demonstrating things that it does
- We will try to show that it fails by trying to make it fail
- Reporting of results is poor - NO failures are reported!!!
Notes: