References
- Amicelle, A., Aradau, C., & Jeandesboz, J. (2015). Questioning security devices: Performativity, resistance, politics. Security Dialogue, 46(4), 293–306. https://doi.org/10.1177/0967010615586964
- Backman, S. (2022). Risk vs. Threat-based cybersecurity: The case of the EU. European Security, 1–19. https://doi.org/10.1080/09662839.2022.2069464
- Bauer, M., & Erixon, F. (2020). Europe's quest for technology sovereignty: Opportunities and pitfalls, ECIPE Occasional Paper, No. 02/2020. European Centre for International Political Economy (ECIPE), Brussels.
- Bendiek, A. (2012). European cyber security policy. SWP Research Paper. https://www.swp-berlin.org/publications/products/research_papers/2012_RP13_bdk.pdf.
- Bendiek, A., & Porter, A. L. (2013). European cyber security policy within a global multistakeholder structure. European Foreign Affairs Review, 18(2), 155–180. https://doi.org/10.54648/eerr2013011
- Berndtsson, J. (2017). Combining semi-structured interviews and document analysis in a study of private security expertise. In A. Schneiker & A. Kruck (Eds.), Researching non-state actors in international security: Theory & practice (pp. 81–95). Routledge.
- Bradford, A. (2014). Exporting standards: The externalization of the EU's regulatory power via markets. International Review of Law & Economics, 42(535), 158–173. https://doi.org/10.1016/j.irle.2014.09.004
- Brady, H. (2008). Europol and the European criminal intelligence model: A non-state response to organized crime. Policing (Bradford, England), 2(1), 103–109. https://doi.org/10.1093/police/pan014
- Brandão, A. P., & Camisão, I. (2021). Playing the market card: The commission’s strategy to shape EU cybersecurity policy. Journal of Common Market Studies, no. 4. https://doi.org/10.1177/1748895808096472
- Calcara, A., & Marchetti, R. (2021). State-industry relations and cybersecurity governance in Europe. Review of International Political Economy, no. 4. https://doi.org/10.1080/09692290.2021.1913438
- Carr, M. (2016). Public–private partnerships in national cyber-security strategies. International Affairs, 92(1), 43–62. https://doi.org/10.1111/1468-2346.12504
- Carrapico, H., & Barrinha, A. (2017). The EU as a coherent (cyber)security actor? JCMS: Journal of Common Market Studies, 55(6), 1254–1272. https://doi.org/10.1111/jcms.12575
- Carrapico, H., & Barrinha, A. (2018a). European Union cyber security as an emerging research and policy field. European Politics and Society, 19(3), 299–303. https://doi.org/10.1080/23745118.2018.1430712
- Carrapico, H., & Barrinha, A. (2018b, January 16). How coherent is EU cybersecurity policy? LSE Blog. https://blogs.lse.ac.uk/europpblog/2018/01/16/how-coherent-is-eu-cybersecurity-policy/.
- Carrapico, H., & Farrand, B. (2016). Dialogue, partnership and empowerment for network and information security: The changing role of the private sector from objects of regulation to regulation shapers. Crime, Law and Social Change, 67(3), 245–263. https://doi.org/10.1007/s10611-016-9652-4
- Center for Strategic & International Studies. (2016). Hacking the skills shortage: A study of the international shortage of cybersecurity skills. CSIS/McAfee Report. https://www.csis.org/programs/technology-policy-program/cybersecurity-and-governance/ cybersecurity-workforce.
- Ceyhan, A. (2008). Technologization of security: Management of uncertainty and risk in the age of biometrics. Surveillance & Society, 5(2), 102–123.
- Christou, G. (2016). Cybersecurity in the European Union: Resilience and adaptability in governance policy. Palgrave Macmillan.
- Christou, G. (2019). The collective securitisation of cyberspace in the European Union. West European Politics, 42(2), 278–301. https://doi.org/10.1080/01402382.2018.1510195
- Collier, J. (2018). Cyber security assemblages: A framework for understanding the dynamic and contested nature of security provision. Politics and Governance, 6(2), 13–21.
- Collier, S. J., & Lakoff, A. (2008). The vulnerability of vital systems: How “critical infrastructure” became a security problem. In M. Dunn & S. Kristensen (Eds.), The politics of securing the homeland: Critical infrastructure, risk and securitisation (pp. 17–39). Routledge.
- Council of the European Union. (2003, February 28). Proposal for a council framework decision on attacks against information systems.
- Council of the European Union and European Commission. (2000, 14 June). Europe 2002: An information society for all-action plan.
- Dewar, R. (2017). The European Union and cybersecurity: A historiography of an emerging actor’s response to a global security concern. In M. O’Neill & K. Swinton (Eds.), Challenges and critiques of the EU internal security strategy (pp. 113–148). Cambridge Scholars Publishing.
- Diphoorn, T. (2017). An ethnographic approach to non-state security: Participation observation among private security officers. In A. Schneiker & A. Kruck (Eds.), Researching non-state actors in international security: Theory & practice (pp. 171–186). Routledge.
- Dunn Cavelty, M., & Egloff, F. (2019). The politics of cybersecurity: Balancing different roles of the states. St Antony’s International Review, 15(1), 37–57.
- Dunn Cavelty, M., & Hagmann, J. (2021). The politics of security and technology in Switzerland. Swiss Political Science Review, 27(1), 128–138. https://doi.org/10.1111/spsr.12430
- Dunn Cavelty, M., & Suter, M. (2009). Public-private partnerships are no silver bullet: An expanded governance model for critical infrastructure protection. International Journal of Critical Infrastructure Protection, 2(4), 179–187. https://doi.org/10.1016/j.ijcip.2009.08.006
- Dunn Cavelty, M. (2008). Cyber-security and threat politics: US efforts to secure the information age. Routledge.
- Dunn Cavelty, M. (2013). From cyber-bombs to political fallout: Threat representations with an impact in the cyber-security discourse. International Studies Review, 15(1), 105–122. https://doi.org/10.1111/misr.12023
- Dunn Cavelty, M., & Wenger, A. (Eds). (2022). Cyber security politics: Socio-technological transformations and political fragmentation. Routledge.
- Einstein, K., Palmer, M., & Glick, D. (2019). Who participates in local government? Evidence from meeting minutes. Perspectives on Politics, 17(1), 28–46. https://doi.org/10.1017/S153759271800213X
- ENISA. (2004, November 12). Minutes of the third meeting of the ENISA Management Board. https://www.enisa.europa.eu/about-enisa/structure-organization/management-board/mb-minutes/mb_minutes_03.pdf.
- ENISA. (2005). General report 2005. https://www.enisa.europa.eu/publications/corporate/general_report_2005.pdf.
- ENISA. (2006, March 3). Minutes of the seventh ENISA Management Board Meeting. https://www.enisa.europa.eu/about-enisa/structure-organization/management-board/mb-minutes/mb_minutes_07.pdf.
- ENISA. (2013, March 21). Minutes of the 23rd Meeting of the ENISA Management Board. https://www.enisa.europa.eu/about-enisa/structure-organization/management-board/mb-minutes/mb-minutes-23.
- ENISA. (2016a, January). ENISA’s position on the NIS directive. https://www.enisa.europa.eu/publications/enisa-position-papers-and-opinions/enisas-position-on-the-nis-directive/.
- ENISA. (2016b). Impact evaluation on the implementation of Article 13a incident reporting scheme within EU. https://www.enisa.europa.eu/publications/impact-evaluation-article13a.
- ENISA. (2017a). Incident notification for DSPs in the context of the NIS Directive. https://www.enisa.europa.eu/publications/incident-notification-for-dsps-in-the-context-of-the-nis-directive.
- ENISA. (2017b, May 15). WannaCry Ransomware: First ever case of cyber cooperation at EU level. https://www.enisa.europa.eu/news/enisa-news/wannacry-ransomware-first-ever-case-of-cyber-cooperation-at-eu-level.
- ENISA. (2019). About ENISA. www.enisa.europa.eu/about-enisa.
- ENISA. (2020, February 2). ENISA management board extraordinary meeting.https://www.enisa.europa.eu/about-enisa/structure-organization/management-board/mb-minutes/2020-02-03-mb-extraordinary-meeting-minutes_approved.
- ENISA. (2021a, February 3). ENISA management board extraordinary meeting. https://www.enisa.europa.eu/about-enisa/structure-organization/management-board/mb-minutes/2020-02-03-mb-extraordinary-meeting-minutes_approved.
- ENISA. (2021b, December 15). Joint statement on Log4Shell. https://www.enisa.europa.eu/news/enisa-news/statement-on-log4shell.
- ENISA. (2021c). CSIRTs in Europe. https://www.enisa.europa.eu/topics/csirts-in-europe.
- ENISA. (2022). Cybersecurity institutional map. https://www.enisa.europa.eu/cybersecurity-institutional-map/results.
- European Commission. (2013, February 7). EU Cybersecurity plan to protect open internet and online freedom and opportunity. https://ec.europa.eu/commission/presscorner/detail/en/IP_13_94.
- European Commission. (2018). Regulation of the European Parliament and of the Council establishing the European Cybersecurity Industrial Technology and Research Competence Centre and the Network of National Coordination Centres. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52018PC0630&from=EN.
- European Commission. (2020). New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient. https://ec.europa.eu/commission/presscorner/detail/en/IP_20_2391.
- European Commission. (2021). NIS Directive. https://digital-strategy.ec.europa.eu/en/policies/nis-directive.
- European Council. (2017). Cyber attacks: EU ready to respond with a range of measures, including sanctions. Press Release. https://www.consilium.europa.eu/en/press/press-releases/2017/06/19/cyber-diplomacy-toolbox/#.
- European Cyber Security Association. (2022). The European Parliament adopts the NIS 2 Directive. https://ecs-org.eu/newsroom/the-european-parliament-adopts-the-nis-2-directive.
- European Defence Agency. (2022). Cyber defence. https://eda.europa.eu/what-we-do/all-activities/activities-search/cyber-defence.
- European Parliament. (2013). ENISA: A new mandate to face the challenges of network and information security. https://www.europarl.europa.eu/news/en/press-room/20130416IPR07353/enisa-a-new-mandate-to-face-the-challenges-of-network-and-information-security.
- European Parliament and the Council of the European Union. (2004). Establishing the European Network and Information Security Agency. 460. https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32004R0460.
- European Parliament and the Council of the European Union. (2016). DIRECTIVE (EU) 2016/1148 concerning measures for a high common level of security of network and information systems across the Union. https://eur-lex.europa.eu/eli/dir/2016/1148/oj.
- Fuster, G. G., & Jasmontaite, L. (2020). Cybersecurity regulation in the European Union: The digital, the critical and fundamental rights. In M. Christen, M. Christen, B. Gordijn, and M. Loi (Eds.), The ethics of cybersecurity. Springer.
- Hansen, L., & Niessenbaum, H. (2009). Digital disaster, cyber security, and the Copenhagen school. International Studies Quarterly, 53(4), 1155–1175. https://doi.org/10.1111/j.1468-2478.2009.00572.x
- Hofmann, H. (2016). A European Regulatory Union – The role of agencies and standards. In P. Panos Koutrakos & J. Snell (Eds.), Research handbook on the EU’s internal market (pp. 46–479). Elgar Publishing.
- Igra, D. (2008, June 11). ‘Doomed’ security agency rises from dead. Politico. https://www.politico.eu/article/doomed-security-agency-rises-from-dead/.
- Ilbiz, E., & Christian, K. (2021). Europol and cybercrime: Europol’s sharing decryption platform. Journal of Contemporary European Studies, 1–14. https://doi.org/10.1080/14782804.2021.1995707
- ISACA. (2022). State of cybersecurity 2022, global update on workforce efforts, resources and cyberoperations. https://www.isaca.org/go/state-of-cybersecurity-2022.
- Jawad, W. K. (2021). Assessing an organization security culture based on ENISA approach. In A. Abraham, V. Piuri, N. Gandhi, P. Siarry, A. Kaklauskas, & A. Madureira (Eds.), Intelligent systems design and applications. ISDA 2020. Advances in intelligent systems and computing (pp. 1351). Springer.
- Klimburg, A., & Tirmaa-Klaar, H. (2011). Cybersecurity and cyberpower: Concepts, conditions and capabilities for cooperation for action within the EU, Study for the directorate-general for external policies of the Union.
- Kruck, A., & Weiss, M. (2023). The regulatory security state in Europe. Journal of European Public Policy, 30(7), 1205–1229. https://doi.org/10.1080/13501763.2023.2172061
- Lannon, E. (2019). EU cybersecurity capacity building in the Mediterranean and the Middle East. IEMed Mediterranean, Yearbook. https://www.iemed.org/publication/eu-cybersecurity-capacity-building-in-the-mediterranean-and-the-middle-east/#_ftn11.
- Liebetrau, T., & Christensen, K. K. (2021). The ontological politics of cyber security: Emerging agencies, actors, sites, and spaces. European Journal of International Security, 6(1), 25–43. https://doi.org/10.1017/eis.2020.10
- Mallinder, L. (2008). ENISA – An agency fighting for its survival. Politico. https://www.politico.eu/article/enisa-an-agency-fighting-for-its-survival/.
- Markopoulou, D., Papakonstantinou, V., & de Hert, P. (2019). The new EU cybersecurity framework: The NIS directive, ENISA’s role and the general data protection regulation. Computer Law & Security Review, 35(6), 105336. https://doi.org/10.1016/j.clsr.2019.06.007
- Mihr, A. (2017). Semi-structured interviews with non-state and security actors. In A. Schneiker & A. Kruck (Eds.), Researching non-state actors in international security: Theory & practice (pp. 65–80). Routledge.
- Monsees, L. (2020). ‘A war against truth’ – Understanding the fake news controversy. Critical Studies on Security, 8(2), 116–129. https://doi.org/10.1080/21624887.2020.1763708
- Moret, E., & Pawlak, P. (2017). The EU cyber diplomacy toolbox: Towards a cyber sanctions regime?. European Union Institute for Security Studies. https://www.iss.europa.eu/sites/default/files/EUISSFiles/Brief%2024%20Cyber%20sanctions.pdf.
- Negreiro, M. (2021). The NIS2 directive a high common level of cybersecurity in the EU. European Parliament Briefing. https://www.europarl.europa.eu/RegData/etudes/BRIE/2021/689333/EPRS_BRI(2021)689333_EN.pdf.
- Pohle, J., & Thiel, T. (2020). Digital sovereignty. Internet Policy Review, 9(4). https://doi.org/10.14763/2020.4.1532
- Robinson, N. (2012). European cyber security policy. In K. Andreasson (Ed.), Cybersecurity, public sector threat and responses (pp. 159–192). Routledge.
- Rosamond, B. (2000). Theories of European integration. Macmillan.
- Schouten, P. (2014). Security as controversy: Reassembling security at Amsterdam airport. Security Dialogue, 45(1), 23–42. https://doi.org/10.1177/0967010613515014
- Shires, J., & Smeets, M. (2017). Contesting “Cyber”. New America Report. https://d1y8sb8igg2f8e.cloudfront.net/documents/ContestingCyber12.12.17.pdf.
- Smeets, M. (2022). No shortcuts: Why states struggle to develop a military cyber-force. Hurst & Oxford University Press.
- Timmers, P. (2018). The European Union’s cybersecurity industrial policy. Journal of Cyber Policy, 3(3), 363–384. https://doi.org/10.1080/23738871.2018.1562560
- van Eeten, M. (2017). Patching security governance: An empirical view of emergent governance mechanisms for cybersecurity. Digital Policy, Regulation and Governance, 19(6), 429–448. https://doi.org/10.1108/DPRG-05-2017-0029
- Vogel, T. (2013). Network security agency moves staff out of Crete. Politico. https://www.politico.eu/article/network-security-agency-moves-staff-out-of-crete/.
- Voss, G. W. (2021). The concept of accountability in the context of the evolving role of ENISA in data protection, ePrivacy and cybersecurity. In A. Arcuri & F. Coman-Kund (Eds.), Technocracy and the law: Accountability, governance and expertise (pp. 247–284). Routledge.
- Weiss, M., & Biermann, F. (2021). Cyberspace and the protection of critical national infrastructure. Journal of Economic Policy Reform, Latest articles, 1–18. https://doi.org/10.1080/17487870.2021.1905530
- Weiss, M., & Jankauskas, V. (2019). Securing cyberspace: How states design governance arrangements. Governance, 32(2), 259–275. https://doi.org/10.1111/gove.12368
- Whyte, C. (2021). European Union: Policy, cohesion, and supranational experiences with cybersecurity. In N. Scott, S. N. Romaniuk, & M. Manjikian (Eds.), Routledge companion to global cyber-security strategy. Routledge.