Tim Stevens | King's College London (original) (raw)

Books by Tim Stevens

Cyberspace and Instability, 2023

Edward Elgar, 2024

This Research Handbook provides a rigorous analysis of cyberwarfare, a widely misunderstood field... more This Research Handbook provides a rigorous analysis of cyberwarfare, a widely misunderstood field of contemporary conflict and geopolitical competition. Gathering insights from leading scholars and practitioners, it examines the actors involved in cyberwarfare, their objectives and strategies, and scrutinises the impact of cyberwarfare in a world dependent on connectivity.

Bristol University Press, 2023

How will protecting our digital infrastructure shape our future? Cybersecurity is one of the key... more How will protecting our digital infrastructure shape our future?

Cybersecurity is one of the key practical and political challenges of our time. It is at the heart of how modern societies survive and thrive, yet public understanding is still rudimentary: media portrayals of hoodie-wearing hackers accessing the Pentagon don’t convey its complexity or significance to contemporary life.

This book addresses this gap, showing that the political dimension is as important as the technological one. It accessibly explains the complexities of global information systems, the challenges of providing security to users, societies, states and the international system, and the multitude of competing players and ambitions in this arena.

Making the case for understanding it not only as a technical project, but as a crucial political one that links competing visions of what cybersecurity is for, it tackles the ultimate question: how can we do it better?

Time, Temporality and Global Politics

This chapter draws attention to the nature of chronometric administration as a form of global gov... more This chapter draws attention to the nature of chronometric administration as a form of global governance. The chapter explores how global time is governed through an assemblage of institutions, norms, standards, multilateral agreements and technologies that produce the sociotechnical chronos, the dynamic and negotiated ‘time of the world’.

'Cyber security' is a recent addition to the global security agenda, concerned with protecting st... more 'Cyber security' is a recent addition to the global security agenda, concerned with protecting states and citizens from the misuse of computer networks for war, terrorism, economic espionage and criminal gain. Many argue that the ubiquity of computer networks calls for robust and pervasive countermeasures, not least governments concerned at their potential effects on national and economic security, Drawing on critical literature in International Relations, security studies, political theory and social theory, this is the first book that describes how these visions of future cyber security are sustained in the communities that articulate them. Specifically, it shows that conceptions of time and temporality are foundational to the politics of cyber security. It explores how cyber security communities understand the past, present and future, thereby shaping cyber security as a political practice. Integrating a wide range of conceptual and empirical resources, this innovative book provides insight for scholars, practitioners and policymakers.

"The so-called cyber-threat commands the attention of multinational corporations, governments and... more "The so-called cyber-threat commands the attention of multinational corporations, governments and the strategic community, keen as they are to harness the power of digital communications yet anxious to protect their interests. Attacks such as those which disrupted on-line banking in Estonia and defaced government websites in Georgia, as well as the infamous Stuxnet worm that temporarily shut down Iran’s nuclear programme, are vivid examples of what may be possible within this new strategic domain. But are our networked societies really vulnerable, as some have suggested, to a knock-out blow, perpetrated by state-sponsored hackers or terrorists? And what can be done to defend the state from this and from the encroachment of external networks that transcend its borders and breach its laws?

This Adelphi tackles the range of issues raised by our dependence on digital networks. It considers how instantaneous, global communications are challenging national and social orders and what shape those challenges may take as the net is cast ever wider. Comparing the transformations of the Information Age with those of previous generations, when new technologies and emerging transnational threats spread panic in political and strategic circles, the authors examine the real implications for states and statehood."

Articles in English by Tim Stevens

International Affairs, 2024

Cybersecurity in national and international security is frequently discussed in an existential re... more Cybersecurity in national and international security is frequently discussed in an existential register. However, most cybersecurity activities are normal and routine, including diverse practices of cyber risk management. The intricacies of cyber risk and its connection to security and threat politics have received surprisingly little attention in the cyber politics literature. This article addresses this gap through a twofold theoretical proposition. The first argues that cyber risk in policy and practice inhabits a continuum between 'classical' risk and security postures. The second proposes the existence of multiple risk logics located in different positions on this continuum. To illustrate this, we outline two distinct cyber risk logics-'risk as potential threats' and 'risk as uncertainty'. Through an exploratory case study of UK risk policy and guidance, we find indications of the simultaneous existence of these risk logics, including in specific organisational contexts. We propose that 'risk as potential threats', in particular, acts as a 'bridge' between conventional risk and security. We conclude by discussing how differentiating cyber risk logics facilitates a finer-grained appreciation of cybersecurity policy and practice and provides opportunities for disciplinary engagement with the organisational and institutional politics of cybersecurity and 'the international'.

Journal of Cyber Policy, 2024

How does a reflexive scholarly practice matter for producing useful cybersecurity knowledge and p... more How does a reflexive scholarly practice matter for producing useful cybersecurity knowledge and policy? We argue that staking relevance without engaging in reflexivity diminishes the usefulness of knowledge produced both in academia and in policy. To advance a reflexive research agenda in cybersecurity, this forum offers a collective interrogation of the liminal positionality of the cybersecurity scholar. We examine the politics
of ‘the making of’ cybersecurity expertise as knowledge practitioners who are located across and in between the diverse and overlapping fields of academia, diplomacy and policy. Cybersecurity expertise, and the practices of the cybersecurity epistemic community more broadly, rely heavily on the perceived applicability and actionability of knowledge outputs, on the practical dependency on policy practitioners regarding access, and thus on the continuous negotiation of hierarchies of knowledge. Participants in this forum reflect on their research practice of negotiating such dilemmas. Collectively, we draw on these contributions to identify obstacles and opportunities towards realising a reflexive research practice in cybersecurity.

Journal of Cyber Policy, 2021

Digital espionage has ColdWar origins, but states are still determining how to respond when they ... more Digital espionage has ColdWar origins, but states are still determining
how to respond when they are found to be its latest victims. In
multilateral discussions about norms of responsible state behaviour
in cyberspace, digital political espionage is the elephant in the
room. Like other aspects of inter-state intelligence competition,
digital espionage is ‘business as usual’ but can also lead to tensions,
particularly when operations become public. The strategic
consequences of digital espionage appear significant, as
asymmetries of state power and poor understanding of technical
aspects of cyber operations lead to uncertainty about appropriate
responses to ‘cyber victimhood’. We offer multiple propositions to
frame state responses to digital espionage, focusing on the
relational power of the victim and spying states and their bilateral
relationships. States will generally respond proportionately to stateon-
state digital espionage, whilst domestic-political factors pressure
them to adopt more robust, cost-imposing measures that may
exacerbate the strategic consequences of digital espionage. We
illustrate these propositions with three recent cases – the Snowden
revelations (2013); the Office of Personnel Management breach
(2014); and the SolarWinds breach (2020) – and explore the
importance of calibrated responses to digital political espionage for
strategic stability and state behavioural norms in cyberspace.

European Journal of International Security, 2020

As staples of science fiction, space technologies, much like outer space itself, have often been ... more As staples of science fiction, space technologies, much like outer space itself, have often been regarded as being ‘out there’ objects of international security analysis. However, as a growing subset of security scholarship indicates, terrestrial politics and practices are ever more dependent on space technologies and systems. Existing scholarship in ‘astropolitics’ and ‘critical astropolitics’ has tended to concentrate on how such technologies and systems underpin and impact the dynamics of military security, but this article makes the case for wider consideration of ‘orbital infrastructures’ as crucial to conceptions and governance of planetary security in the context of the ‘Anthropocene’. It does so by outlining and analysing in detail Earth Observation (EO) and Near-Earth Object (NEO) detection systems as exemplary cases of technological infrastructures for “looking in” on and “looking out” for forms of planetary insecurity. Drawing on and extending recent theorisations of technopolitics and of Large Technical Systems, we argue that EO and NEO technologies illustrate, in distinct ways, the extent to which orbital infrastructures should be considered not only part of the fabric of contemporary international security but as particularly significant within and even emblematic of the technopolitics of planetary (in)security.

The RUSI Journal, 2019

Brexit is likely to have an effect on UK–EU cyber security cooperation. While there are ongoing r... more Brexit is likely to have an effect on UK–EU cyber security cooperation. While there are ongoing reasons to be positive about the state of UK–EU cyber security, Tim Stevens and Kevin O’Brien show how Brexit will have negative impacts on cybercrime policing and cyber threat intelligence sharing, particularly in a ‘no-deal’ scenario, and argue that the absence of a negotiated settlement will damage the cyber security of the UK and the EU.

This thematic issue advocates a range of novel theoretical and methodological directions applicab... more This thematic issue advocates a range of novel theoretical and methodological directions applicable to cybersecurity studies. Drawing on critical International Relations theory, Science and Technology Studies, participant observation, quantitative political science, and other social science methods and theory, the contributors advance modes of invigorating the exploration of cybersecurity as an assemblage of sociotechnical practices. In so doing, this issue seeks to enhance understanding of the politics and strategies of cybersecurity, one of the most complex and diverse technical and political challenges of our contemporary world.

John H. Herz (1908-2005) is better known for his theorisation of the security dilemma than for hi... more John H. Herz (1908-2005) is better known for his theorisation of the security dilemma than for his conviction that human survival is threatened by the conditions of late modernity. This article explores extinction and survival in his work to interrogate his persistent characterisation as an incorrigible pessimist. In his preoccupation with extinction, Herz would seem a first-rank pessimist, but his intellectual commitments belie this easy categorisation. Specifically, his appeals to interdisciplinary 'survival research' suggest a qualified pessimism that does not foreclose on the potential of humankind to overcome structural, political and normative obstacles. This is consistent with current understandings of pessimism with the broader realist tradition. Herz expressed an 'open' and 'linear' temporality that challenges cyclical and linear-progressive temporalities inherent to realism and liberalism, respectively. Herz articulates, therefore, a 'productive pessimism' that charts a different path for pessimist thought beyond its pejorative connotations. This article contributes to the literature on classical realism, to a growing interest in Herz's intellectual legacy, and to the developing appreciation of time and temporality in International Relations theory and practice. It also provides a foundation for rethinking our assumptions about pessimism and international politics.

Lebbeus Woods convierte a la arquitectura en un sistema critico con el que interviene en los deba... more Lebbeus Woods convierte a la arquitectura en un sistema critico con el que interviene en los debates sobre la violencia urbana. Su aparente catastrofismo es una invitacion a transformar la realidad.

The internet plays a contributory role in radicalisation, but is only one of a number of mechanis... more The internet plays a contributory role in radicalisation, but is only one of a number of mechanisms currently deployed to win recruits to global jihad. Technical regulation of online content is difficult and may be counter-productive, driving forums deeper underground or alienating users. Tim Stevens argues that adopting a social approach that educates and empowers online communities could have more success.

This article relates US efforts to develop strategic ‘cyber deterrence’ as a means to deter adver... more This article relates US efforts to develop strategic ‘cyber deterrence’ as a means to deter adversarial actions in and through global cyberspace. Thus far, interests-based cyber deterrence theory has failed to translate into effective US policy and strategy, due to a divergence between the operational idiosyncrasies of cyberspace and an over-reliance on Cold War models of deterrence. Even whilst explicit cyber deterrence strategy falters, the US is pursuing a norms-based approach to cyber strategy generally, and hopes to derive deterrent effects from its attempts to broker international agreements pertaining to the ‘rules of the road’ for the proper and productive use of cyberspace. The US is not the only norm entrepreneur in this policy space, however, and this article examines how a range of other state and non-state actors are complicating efforts to develop normative regimes that might reduce risks to and from cyberspace. The article concludes that a norms-based approach to cyber deterrence might engender deterrent effects at the state level but is unlikely to do so in the case of ‘rogue’ states and many non-state actors. States will continue, therefore, to develop punitive deterrence capabilities to respond to these actors.

Cyberspace and Instability, 2023

Edward Elgar, 2024

Bristol University Press, 2023

How will protecting our digital infrastructure shape our future? Cybersecurity is one of the key... more How will protecting our digital infrastructure shape our future?

Time, Temporality and Global Politics

International Affairs, 2024

Journal of Cyber Policy, 2024

Journal of Cyber Policy, 2021

European Journal of International Security, 2020

The RUSI Journal, 2019

Taddeo’s recent article, ‘Information Warfare: A Philosophical Perspective’ (Philos. Technol. 25:... more Taddeo’s recent article, ‘Information Warfare: A Philosophical Perspective’ (Philos. Technol. 25:105–120, 2012) is a useful addition to the literature on information communications technologies (ICTs) and warfare. In this short response, I draw attention to two issues arising from the article. The first concerns the applicability of ‘information warfare’ terminology to current political and military discourse, on account of its relative lack of contemporary usage. The second engages with the political and ethical implications of treating ICT environments as a ‘domain’, with its ramifications for the pursuit of ‘dominion’, particularly through military action.

Security Dialogue, Apr 19, 2013

This article is an attempt to interrogate some of the predominant forms of analogical reasoning w... more This article is an attempt to interrogate some of the predominant forms of analogical reasoning within current cyber-security
discourse, with a view to clarifying their unstated premises, major
strengths and, vitally, points of conceptual failure. It seeks to
improve dialogue between and across the various epistemic
communities involved with cyber-security policy. As we seek to
adapt to the new security realities of the information age, it is
incumbent upon scholars and strategists to address the benefits
of connectivity, in all its dimensions, as much as the threats it
presents. Current cyber-security discourse channels us into a
winner-takes-all modality that is neither desirable nor necessary
in the current strategic reality.

International Political Sociology, 2015

Virtual worlds, persistent online spaces of social interaction and emergent game-play, have hithe... more Virtual worlds, persistent online spaces of social interaction and emergent game-play, have hitherto been neglected in international studies. Documents disclosed by Edward Snowden in December 2013 suggest that intelligence agencies, including the National Security and GCHQ, have not been so reticent in exploring and exploiting these environments, specifically for gathering signals and human intelligence. This article introduces virtual worlds as sociological sites in the matrix of international politics and explores how the intelligence community (IC) has conducted operations in these environments, principally for counter-terrorism purposes. Reconstructing the activities of the IC shows how virtual worlds have been drawn into the ambit of state surveillance practices, particularly as a means to generate intelligence from virtual world behaviours that correlate with and predict ‘real-world’ behaviours indicative of terrorism and other subversive activities. As such, the articulations of the IC with virtual worlds express the anticipatory and pre-emptive logics of state security and surveillance. These intelligence activities portend a general colonisation by the state of previously unregulated interstices of the sociotechnical Internet and their analysis contributes to our understanding of the relationship between government and the Internet in the early 21st century.

Palgrave Communications, 2017

Cyberweapons are a relatively new addition to the toolbox of contemporary conflict but have the p... more Cyberweapons are a relatively new addition to the toolbox of contemporary conflict but have the potential to destabilize international relations. Since Stuxnet (a malicious computer worm) in 2010 demonstrated how computer code could be weaponised to generate political effect, cyberweapons have increasingly been discussed in terms of potential regulation and prohibition. Most analyses focus on how global institutions and regimes might be developed to regulate the development and use of cyberweapons and identify the political and technical obstacles to fulfilling this ambition. This focus on centralized authority obscures identification of existing governance efforts in this field, which together constitute an emerging global governance architecture for offensive cyber capabilities. This article explores three sources of cyberweapons governance—cyberwarfare, cybercrime and export controls on dual-use technologies—and briefly describes their political dynamics and prospects. It is argued that although fragmented, the global governance of cyberweapons should not be dismissed on this basis. Fragmentation is a condition of global governance, not its antithesis, and policy should respect this fragmentation instead of regarding it as an impediment to further development of cyberweapons governance. This article is published as part of a collection on global governance.

This article explores the non-emergence of a global governance regime for cyberweapons. Cyberweap... more This article explores the non-emergence of a global governance regime for cyberweapons. Cyberweapons are malicious software entities deployed to cause harm to adversaries' computer networks and systems. They threaten the integrity and functionality of digital systems that enable global circuits of communication and exchange, with significant potential impacts on social, economic and political order. Using a power-analytical approach, this article identifies four areas in which power works to constrain regime formation: the productive power of NATO's Tallinn Manual Process; the structural power of US involvement in cyberweapons markets; the institutional power of Internet technologies; and diplomatic claims to sovereignty that mask the operations of compulsory power. These work together to prevent a unified global approach to the regulation of cyberweapons. The article concludes that there are substantial obstacles to effective cyberweapons governance but that these should not prevent ongoing efforts to tackle this important and ubiquitous security issue.

Under Xi Jinpings leadership, China has actively promoted " Internet sovereignty " as a means to ... more Under Xi Jinpings leadership, China has actively promoted " Internet sovereignty " as a means to reshape the discourse and practices of global cyber governance. By analyzing Chinese-language literature, this article unpacks the Chinese discourse of Internet sovereignty. Despite significant interest in promoting it as Chinas normative position on cyberspace, we find that Chinese formulations of Internet sovereignty are fragmented, diverse, and underdeveloped. There are substantial disagreements and uncertainty over what Internet sovereignty is and how it can be put into practice. This is principally due to the evolving pattern of Chinese policy formation, whereby political ideas are often not clearly defined when first proposed by Chinese leaders. This article argues that an underdeveloped domestic discourse of Internet sovereignty has significantly restricted Chinas capacity to provide alternative norms in global cyberspace. Appreciating this ambiguity, diversity, and, sometimes, inconsistency is vital to accurate understanding of transformations in global cyber gover-nance occasioned by Chinas rise.

RUSI Commentary, 2023

Six experts react to the National Cyber Forceʼs new document, which outlines the UKʼs approach to... more Six experts react to the National Cyber Forceʼs new document, which outlines the UKʼs approach to cyber operations. On 4 April, the UK government released a new document on the National Cyber Force (NCF). ʻResponsible Cyber Power in Practiceʼ sets out for the rst time the operating principles and thought process behind UK cyber operations.

Cyber risk arises from contemporary conditions of informational hyperconnectivity and consequent ... more Cyber risk arises from contemporary conditions of informational hyperconnectivity and consequent relations of value and dependence. As the Covid-19 pandemic has illustrated, increased use of and reliance upon digital networks and systems has heightened awareness of these dynamics and deepened attention to cyber risk as the object of public policy, corporate practice and user behaviours. Scholarship on cyber risk management, as found in the cybersecurity literature and adjacent fields, has yet to fully link these processes and practices to wider conceptions of societal and systemic risk, particularly to sociological accounts of the contemporary 'risk society'. This paper explores the notion of 'cyber risk', asking how we might understand it through a sociotechnical lens. It pays specific attention to how we can theorise cyber risk as an assemblage of sociotechnical 'riskscapes', in which our understanding of risk goes beyond organisational imperatives of 'risk management' and into treating cyber risk as a set of productive knowledges and practices within a political economy of uncertainty. This emergent research programme will contribute to theoretical and methodological innovation at the intersection of International Relations (IR) and International Political Economy (IPE).

Adelphi Series

... as kinetic propaganda by deed.27 See Neville Bolt and David Betz, Propaganda of the Deed 2008... more ... as kinetic propaganda by deed.27 See Neville Bolt and David Betz, Propaganda of the Deed 2008: Understanding the Phenomenon, Whitehall Paper (London: Royal United Services Institute, 2008). View all notes. It bears a ...

Pessimism in International Relations

John H. Herz (1908–2005) was a lifelong pessimist, but this did not prevent him from articulating... more John H. Herz (1908–2005) was a lifelong pessimist, but this did not prevent him from articulating a positive research programme for avoiding nuclear and environmental catastrophe he termed ‘Survival Research’. This chapter explores Herz’s pessimism as a grounded, rational approach to the world that identified problems amenable to scholarly attention and potential solution. Without this pessimism, Survival Research would perhaps not have existed, a conclusion from which we can learn about our engagement with the world in International Relations. Moreover, if we understand pessimism as a ‘productive’ resource for developing world views and forms of scholarly action, we can overcome its characterization as negative or fatalistic. In this sense, both pessimism and Survival Research might be rehabilitated and guide us in the uncertain times of the Anthropocene.

Regulating Global Security

This chapter renders explicit what is submerged in previous analyses of cyberweapons regulation a... more This chapter renders explicit what is submerged in previous analyses of cyberweapons regulation and governance: the operations of power in shaping this field of politics and policy. It addresses nascent attempts to regulate cyberweapons and explores the operations of power in the global information-technological assemblage that shape their development, possession and use. First, a short preamble sets out the conceptual foundations of the chapter in terms of both regime theory and power analysis in International Relations. There follow four outline case studies, each focusing on an aspect of cyberweapons regulation and governance previously established as problems for the development of a global cyberweapons regime. The first concerns productive power and the role of the NATO Tallinn Manual Process in constructing cyberweapons as legitimate military instruments. The second is the role of US structural power in incentivising cyberweapons markets, which undermines multilateral attempts to regulate dual-use technologies associated with cyberweapons. The third examines the Internet as a source of institutional power, arguing that the design of the Internet provides affordances for cyberweapons. The fourth addresses compulsory power and diplomatic relations between the great powers, which resolve to differing interpretations of sovereignty that constrain the emergence of a global cyberweapons regime.

Digital War

Cybersecurity protects citizens and society from harm perpetrated through computer networks. Its ... more Cybersecurity protects citizens and society from harm perpetrated through computer networks. Its task is made ever more complex by the diversity of actors—criminals, spies, militaries, hacktivists, firms—operating in global information networks, so that cybersecurity is intimately entangled with the so-called grey zone of conflict between war and peace in the early twenty-first century. To counter cyber threats from this environment, cybersecurity is turning to artificial intelligence and machine learning (AI) to mitigate anomalous behaviours in cyberspace. This article argues that AI algorithms create new modes and sites of cybersecurity knowledge production through hybrid assemblages of humans and nonhumans. It concludes by looking beyond ‘everyday’ cybersecurity to military and intelligence use of AI and asks what is at stake in the automation of cybersecurity.

Adelphi Series

... 2011), http://mercatus.org/publication/beyond-cyber-doom. See also, Myriam DunnCavelty, Cyber... more ... 2011), http://mercatus.org/publication/beyond-cyber-doom. See also, Myriam DunnCavelty, Cyber-Security and Threat Politics: US Efforts to Secure the Information Age (London and New York: Routledge, 2008). View all notes. ...

Political Science Quarterly

Digital War, Mar 31, 2020

Adelphi Series

... Richard Stiennon, Surviving Cyberwar (Lanham, MD: Government Institutes, 2010), pp. ... herit... more ... Richard Stiennon, Surviving Cyberwar (Lanham, MD: Government Institutes, 2010), pp. ... heritage of freedom of expression have ordinarily been reluctant to control information and ideas, this is ... for the Internet to be 're-engineered'; Mike McConnell, 'To Win the Cyber-War, Look to ...

Politics and Governance

Proceedings of the Society of Antiquaries of Scotland, 2005

Cyber Security and the Politics of Time, 2015

Philosophy & Technology, 2012

Adelphi Series, 2011

This working paper explores the potential of ‘temporal ecologies’ as a conceptual schema for inte... more This working paper explores the potential of ‘temporal ecologies’ as a conceptual schema for interrogating the politics of in/security. Renewed attendance to the temporal dynamics of security practices and politics is a welcome recent addition to the security studies project in International Relations (IR). Valuable attempts have been made to reframe existing IR theories in ‘temporal’ terms, revealing methodological lacunae that deserve sustained scholarly attention. Explicit attention to time and temporality as constitutive factors in security politics and policy has similarly opened up productive avenues of enquiry into the ontologies and epistemologies of contemporary security. These studies highlight time as a key factor in theories and practices of security politics, establishing security itself as an ‘inherently temporal proposition’. This work complements and augments, first, a conventional IR understanding of time as ‘history’ alone, and, second, a more ‘traditional’ IR focus on spatial aspects of security. However, attempts to formulate an integrative approach to the different ‘levels’ and ‘scales’ of time and temporality are still required, as are tools to enable coherent analytical application of such an holistic approach.

This paper intervenes in this discussion by introducing the concept of ‘temporal ecologies’ as a theoretical lens through which to view time and temporality and to guide empirical research into the politics of in/security. It draws upon recent meta-theoretical and methodological work on sociotemporality and ‘temporal assemblages’ and sociological formulations of the ‘ecology of social time’. It recognises that time is constitutive of social actions like security and treats time as ‘neither merely a type of research variable nor a theoretical enigma removed from social reality’. The first section outlines the concepts of sociotemporality and temporal assemblage, establishing their utility to the study of the politics of in/security. It addresses the problem of integrating the meta-theoretical with the methodological and introduces in the second section the concept of temporal ecologies as a possible analytical bridge between the two. This section also enumerates a range of variables that might form the basis of an analytical ‘toolbox’, specifically duration, tempo, acceleration, and timing. The third section suggests several case studies from cybersecurity that might be amenable to such an ecological approach. The concluding section proposes a range of issues for discussion.