Cybersecurity policy refers to a course of action adopted by a state, an organization, or a set of actors with the aim of ensuring cybersecurity and/or digital competitiveness as well as defining the individual and collective responsibilities in pursuit of that goal.
Introduction: What Is Cybersecurity Policy and Why Does It Matter?
Cybersecurity policy refers to a course of action adopted by a state, an organization, or a set of actors with the aim of ensuring cybersecurity and/or digital competitiveness as well as defining the individual and collective responsibilities in pursuit of that goal. Broadly conceived, this area of public policy concerns complex, multifaceted, and dynamic security and business innovation related to information and communications technology (ICT). Cybersecurity policymaking includes legal, regulatory, technical, organizational, behavioral, international, and other capacity-building areas. Policy dimensions attached to these include information...
KeywordsAdaptive policymaking (APM) Agile governance Attribution Budapest Convention Critical infrastructure Cyber Cyberattack Cybercrime Cybersecurity European Union (EU) Evidence-based policymaking Geopolitics Incident response International relations Mutual legal assistance treaty (MLAT) UK National Cyber Security Centre (NCSC) National cyber security strategy (NCSS) US National Cyber Strategy (NCS) US National Security Strategy (NSS) Polycentric governance Public policy Public-private partnership Socio-technical Tallinn Manual United Kingdom (UK) United Nations (UN) United States (USA) Wicked problem
- Ansley, R. (2017, February 15). Tallinn manual 2.0: Defending Cyberspace. Atlantic Council Blog.Google Scholar
- Bartholomew, B., & Gurrero-Saade, J. A. (2016). Wave your false flags! Deception tactics muddying attribution in targeted attacks. In Virus bulletin conference, October.Google Scholar
- BIICL. (2014, October 9). State responsibility for Cyber operations: International law issues: Event report. British Institute of International and Comparative Law.Google Scholar
- Carr, M. (2016b). Crossed wires: International cooperation on Cyber security. Journal of International Affairs, 2015/2016(2), 1–2.Google Scholar
- Clemente, D. (2013). Adaptive internet governance: Persuading the Swing States. Internet Governance Papers, No. 5, October.Google Scholar
- Hussain, A., Shaikh, S. A., Chung, A., Dawda, S., & Carr, M. (2018). An evidence quality assessment model for cybersecurity policymaking. In Technical proceedings: International Federation for Information Processing (IFIP) Conference, 13 March, Arlington.Google Scholar
- Mussington, D. (2018). Governing Cyber Security in Canada, Australia and the United States. In C. Leuprect & S. MacLellan (Eds.), Centre for International Governance Innovation: Special Report, April.Google Scholar
- Osborne, G. (2015). Chancellor’s speech to GCHQ on Cyber Security. UK HM Treasury online.Google Scholar
- Parcell, J., & Holden, S. H. (2013). Agile policy development for digital government: An exploratory case study. In Conference: Proceedings of the 14th annual international conference on digital government research.Google Scholar
- Tanczer, L., Brass, I., Elsden, M., Carr, M., & Blackstock, J. (2018). The United Kingdom’s emerging internet of things (IoT) policy landscape. In R. Ellis & V. Mohan (Ed.), Rewired: Cybersecurity governance. Hoboken: Wiley.Google Scholar
- techUK. (2015). UK’s digital economy is world leading in terms of proportion of GDP. 1 May.Google Scholar
- Her Majesty’s Government. (2016). National Cyber security strategy 2016–2021 (cited as NCSS).Google Scholar
- NCS. (2018). National Cyber strategy of the United States of America ‘National Cyber Strategy of the United States of America.’ The White House, Washington, DC, September.Google Scholar
- NSS. (2017). National Security strategy of the United States of America. The White House, Washington, DC, December.Google Scholar