| Trust is earned, not given. The word "Science" came from a type of knowledge/knowledge-seeking that has been very successful from the age of Newton to present day. But Science's success has become it's curse. Lots of fields now call themselves "Sciences" even if they're not employing the kinds of standards and methodologies that lead to the early successes. People with ulterior motives (economic, ideological, political, social or religious) have for a long time claimed to represent Science. Lately, "Science" has warped into "the Science", meaning a world view promoted by a set of authorities that can be highly partisan. In many cases, the kind of mechanisms that ensured (eventual) falsification of bad ideas have been abandoned. Instead, "the Science" now must now often comply with what is what we WANT to believe, rather than with evidence. Understanding real Science is still as useful as ever. Not only does an actual scientific education give access to undertanding directly, it also helps us see through those who claim to represent "the Science", but who are not respecting the Scientific Method. People without a proper scientific education will, today, be helpless in distinguishing between real Science, cargo cult Science and outright fraud. I would argue the same goes for IT security. At least a few decision makers in an organization needs to have a fairly good understanding of it if the organization of the topic to know how to deal with it, either internally or through service or software vendors. |