The prevalence of cyber-dependent crimes (i.e illegal activities that can only be performed using a computer, computer networks or other forms of information communication technology) has significantly increased during the last decade in the USA and around the world. However, although cybersecurity efforts have increased substantially, very little attention has been focused on identifying potential comprehensive human-based interventions within the local ecology in which these crimes develop and persist.
An evidence-based cybersecurity approach provides an ideal framework for conceptualizing an interdisciplinary problem like cyber-dependent crime because it stresses moving beyond decision makers’ political, financial, social backgrounds and personal experiences to a model in which policy decisions are made based on scientific research findings. Moreover, this approach draws on the assumption that solutions to human behaviors may be affected by the interconnected behavior of victims, offenders and law enforcement agencies operating within the cyber realm, and that the effectiveness of the different interventions in achieving its goals should be assessed through rigorous scientific research methods.
The evidence-based cybersecurity approach encourages its followers to think of the situational environments that provide the structural resources and social opportunities for cyber-dependent crimes to emerge. As a result, advocates of this approach suggest that effective protection of computer environments should be the product of empirically proven "nudges” that push legitimate users of the environment to comply with organizational cybersecurity polices, while driving illegitimate users of the system to behave in predicable ways on an attacked system.