Cyber Risk: Hyperconnectivity and the Political Economy of Uncertainty (original) (raw)
Related papers
Contemporary Politics Limits to a cyber-threat
This paper reveals the limits to representing cyberspace as a threat. In contrast to more conventional threats, the suggestion is that the not-immediately-apparent consequences of a cyber-attack make it largely reliant on official practices of representation. Exploring the implications of this reliance, the paper outlines how attributing meaning and culpability – always contested practices – are amplified in the potential absence of a readily apparent attack. Given these limits, does the cyber-threat then require a different lexicon of danger to both educate and engender a sense of caution? Examining the discursive construction of the cyberthreat, the paper demonstrates how this threat draws upon an established economy of danger – likening it to warfare and terrorism – but also suggests a limit to these representations. Specifically, by engaging post-structuralist literature the paper illustrates that these limits are best understood through an appreciation of the performative and the constitutive ‘lack’ in signification. It thus concludes that the value of the cyber-threat is not determined by transparently representing a cyber-attack. Rather, it is drawn from processes of hyper-securitization and through the establishment of institutions like the NATO Center of Excellence in Cooperative Cyber Defense that retroactively bring into existence the very object it purports to defend against.
Systemic cyber/in/security – From risk to uncertainty management in the digital realm
Recent events have given the impression that cyber incidents are becoming more frequent, more organised and more costly in the damage that they inflict. Yet, while low-level micro disturbances are an everyday reality, the world has yet to see a cyber incident of systemic proportions. Establishing the likelihood of such an occurrence, however, is impossible. Systemic cyber-risks are unpredictable and incalculable due to the uncertainty surrounding them. The complexity of the socio-technical environment that they co-create makes traditional linear risk management approaches lose their meaning. This article argues that rather than trying to establish control over something that we cannot fully grasp, we need to learn how to embrace uncertainty when dealing with the digital realm. This implies a focus on dialogue and information exchange to increase situational awareness, a focus on strengthening technical and social resilience as well as sustained efforts to nurture a fault tolerant political culture that accepts the possibility of failure and lives with a certain and inevitable degree of insecurity.
Cyber risk logics and their implications for cybersecurity
International Affairs, 2024
Cybersecurity in national and international security is frequently discussed in an existential register. However, most cybersecurity activities are normal and routine, including diverse practices of cyber risk management. The intricacies of cyber risk and its connection to security and threat politics have received surprisingly little attention in the cyber politics literature. This article addresses this gap through a twofold theoretical proposition. The first argues that cyber risk in policy and practice inhabits a continuum between 'classical' risk and security postures. The second proposes the existence of multiple risk logics located in different positions on this continuum. To illustrate this, we outline two distinct cyber risk logics-'risk as potential threats' and 'risk as uncertainty'. Through an exploratory case study of UK risk policy and guidance, we find indications of the simultaneous existence of these risk logics, including in specific organisational contexts. We propose that 'risk as potential threats', in particular, acts as a 'bridge' between conventional risk and security. We conclude by discussing how differentiating cyber risk logics facilitates a finer-grained appreciation of cybersecurity policy and practice and provides opportunities for disciplinary engagement with the organisational and institutional politics of cybersecurity and 'the international'.
Austrian Journal for Sociology, 2019
By exploring the political strategies that seek to advance and implement a "culture of cybersecurity" in Austria, we argue that the regimes of digital safety and security (DS&S) that are emerging worldwide should not be merely understood as a political reaction to the risks brought about by digitalization. Rather, cybersecu-rity further constitutes an active site where the incipient digital society is collectively (re-)imagined, negotiated, and created. As such, cybersecurity policies present sites of political articulation and intervention where the very contours of an emerging digital society and the socio-technical relationships of power and control deemed necessary to govern its emergence are (re-)assembled. Our research prompts a rethinking of the relationships between cybersecurity and the digital society to the extent that cybersecurity represents a new globalizing form and rationality of security that encodes and enables new forms of control and intervention, but also new responsibilities at the interface between the state, society, and individuals. *** (GERMAN) Regieren durch Cybersicherheit: Nationale Strategien, globalisierte (Un-)Sicherheit und soziotechnische Visionen der digitalen Gesellschaft Die konzentrierten nationalen Strategien der Schaffung und Implementierung einer "Kultur der Cybersicherheit" müssen als Ausdruck weltweit entstehender globalisierter Regime digitaler Sicherheit verstanden werden. Diese K 116 C. Haddad, C. Binder neuen Cybersicherheitsregime stellen jedoch nicht lediglich eine Reaktion auf zahl-reiche neue Risiken und Unsicherheiten im Kontext der Digitalisierung dar, sondern auch ein Artikulationsfeld entstehender digitaler Gesellschaften. Cybersicherheit ist demnach ein Artikulations-und Experimentierfeld, in dem sowohl die soziotechni-schen Visionen einer wünschenswerten digitalen Gesellschaft als auch das Ensemble von Macht-und Regierungstechniken (neu) entworfen werden, die diese Gesell-schaft hervorbringen und absichern sollen. Die vorliegende Untersuchung soll eine Rekonzeptualisierung des Verhältnisses zwischen Cybersicherheit und digitaler Ge-sellschaft dahingehend anstoßen, dass Cybersicherheit eine neue und globalisierte Form und Rationalität von Sicherheit darstellt, in der die Autoritätsverhältnisse und Verantwortlichkeiten zwischen Staat, Gesellschaft und Individuen neu geordnet wer-den. Schlüsselwörter Cybersicherheit · Digitalisierung · Globale Sicherheit · Gouvernementalität · Soziotechnische Visionen · Sicherheitspolitik
Security Meets Cyberspace: The Politics of Cyber Security
2016
Security risks linked to information and communication technology (ICT) are often condensed in the concept of cyber security. In this article we show how different theorisations of cyber security install certain politics of cyber security in accordance with usual fault lines and understandings of security in security studies. Consequently, we argue, we should be careful to readily limit cyber security to the prevailing politics of security in the literature of security studies. We need to ensure sensibility to how cyber security may also challenge the confines of this. Therefore we, first, introduce Annemarie Mol’s notion of ontological politics and the idea of multiple cyber securities as a way of opening up the politics of cyber security. Second, we point to the importance of technology and technological change through a short overview of how the concept of cyber security entered the political imaginary in debates on critical infrastructure protection and ICT. Third, we engage wit...
Cyber-Security and Threat Politics: US Efforts to Secure the Information Age
This book explores the political process behind the construction of cyber-threats as one of the quintessential security threats of modern times in the US. Myriam Dunn Cavelty posits that cyber-threats are definable by their unsubstantiated nature. Despite this, they have been propelled to the forefront of the political agenda. Using an innovative theoretical approach, this book examines how, under what conditions, by whom, for what reasons, and with what impact cyber-threats have been moved on to the political agenda. In particular, it analyses how governments have used threat frames, specific interpretive schemata about what counts as a threat or risk and how to respond to this threat. By approaching this subject from a security studies angle, this book closes a gap between practical and theoretical academic approaches. It also contributes to the more general debate about changing practices of national security and their implications for the international community.