Social research methods in cyber security: From criminology to industrial cyber security

The application of social research methods in cyber security requires a multidisciplinary combination since the security of technologies and communication networks is made up of a set of uses, techniques, and results directly conditioned by the parameters of confidentiality, data availability, integrity, and privacy. However, each of these technological concepts is prepared and subject to conditions of use that involve ethical, sociological, economic, and legal aspects. Firstly, social engineering techniques in cybercrime tend to combine social investigation techniques with computational engineering and telecommunications elements. Secondly, research on cyber security phenomena in industrial environments implies the adaptation to the organizational specificity of each sector. In this chapter, the social research topics commonly addressed by leading companies and researchers in cyber security at a global level are analyzed from a comparative point of view, extracting a taxonomy of social research on cyber security.