Final published version
Licence: CC BY-NC-ND: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Desecuritising cybersecurity
T2 - towards a societal approach
AU - Burton, Joe
AU - Lain, Clare
PY - 2020/9/1
Y1 - 2020/9/1
N2 - Cybersecurity is often treated as a national security issue with responses to attacks implemented by military and intelligence agencies. This has created path dependencies in which tensions between the private sector and government have continued, where over-classification of cyberthreats has occurred, and where the broader societal impacts of malicious use of the internet have been underestimated. Drawing on the societal security concept established by the Copenhagen School of International Relations, we seek to reframe cybersecurity theory and policy. In the first section of the article we establish a theoretical approach to cybersecurity that emphasises the impact of cyberattacks on society, including on the health, energy and transport sectors. The second section draws on the history of cyberconflict to assess the ways the internet has been used to exacerbate societal tensions between identity groups and to create incohesion and societal security dilemmas. This section reinterprets the way the Kosovo War, Millennium (Y2 K) Bug, 9/11 and the WannaCry incident shaped and reflected cyber policy. The final section explores how a process of cyber desecuritisation might be achieved, including through discursive change and an enhanced role for the societal sector in the event of major cyberattacks.
AB - Cybersecurity is often treated as a national security issue with responses to attacks implemented by military and intelligence agencies. This has created path dependencies in which tensions between the private sector and government have continued, where over-classification of cyberthreats has occurred, and where the broader societal impacts of malicious use of the internet have been underestimated. Drawing on the societal security concept established by the Copenhagen School of International Relations, we seek to reframe cybersecurity theory and policy. In the first section of the article we establish a theoretical approach to cybersecurity that emphasises the impact of cyberattacks on society, including on the health, energy and transport sectors. The second section draws on the history of cyberconflict to assess the ways the internet has been used to exacerbate societal tensions between identity groups and to create incohesion and societal security dilemmas. This section reinterprets the way the Kosovo War, Millennium (Y2 K) Bug, 9/11 and the WannaCry incident shaped and reflected cyber policy. The final section explores how a process of cyber desecuritisation might be achieved, including through discursive change and an enhanced role for the societal sector in the event of major cyberattacks.
U2 - 10.1080/23738871.2020.1856903
DO - 10.1080/23738871.2020.1856903
M3 - Journal article
VL - 5
SP - 449
EP - 470
JO - Journal of Cyber Policy
JF - Journal of Cyber Policy
SN - 2373-8871
IS - 3
ER -