The field of Information Security is not sufficiently understood.
The domain has existed for a few decades, during which time a dramatic shift has occurred in the ways we create, transmit, process and store information. (As an example, consider recent changes in how the average household uses photography.)
We need more research, more and better education, but also more and better interaction between academia and practitioners. What works, asks the criminologist. And so should we be asking in InfoSec.