Advanced search
Publication Cover
Journal of Risk Research Volume 26, 2023 - Issue 7
Submit an article Journal homepage
2,896
Views
0
CrossRef citations to date
0
Altmetric
Articles

Making cyber security more resilient: adding social considerations to technological fixes

Myriam Dunn Caveltya Center for Security Studies, ETH Zürich, Zürich, SwitzerlandCorrespondence[email protected]
,
Christine Eriksena Center for Security Studies, ETH Zürich, Zürich, Switzerland
&
Benjamin Scharteb International Center for Ethics in the Sciences and Humanities, University of Tübingen, Tübingen, Germany
Pages 801-814 | Received 10 Jun 2022, Accepted 05 Apr 2023, Published online: 08 May 2023

References

  • Adger, N. W. 2006. “Vulnerability.” Global Environmental Change 16 (3): 268–281. doi:10.1016/j.gloenvcha.2006.02.006.
  • Adger, N. W., and M. P. Kelly. 1999. “Social Vulnerability to Climate Change and the Architecture of Entitlements.” Mitigation and Adaptation Strategies for Global Change 4 (3/4): 253–266. doi:10.1023/A:1009601904210.
  • Aldrich, D. 2012. Building Resilience: Social Capital in Post-Disaster Recovery. Chicago: University of Chicago Press.
  • Amin, Z. 2019. “A Practical Road Map for Assessing Cyber Risk.” Journal of Risk Research 22 (1): 32–43. doi:10.1080/13669877.2017.1351467.
  • Anderson, R., and T. Moore. 2006. “The Economics of Information Security.” Science (New York, N.Y.) 314 (5799): 610–613. doi:10.1126/science.1130992.
  • Aven, T. 2013. “On the Meaning of a Black Swan in a Risk Context.” Safety Science 57: 44–51. doi:10.1016/j.ssci.2013.01.016.
  • Bailes, A. J. K. 2007. “Introduction: A World of Risk.” In SIPRI Yearbook 2007: Armaments, Disarmament and International Security, 1–20. Stockholm: SIPRI.
  • Behren, M. C. 2013. “Foucault and Technology.” History and Technology 29: 54–104.
  • Bourbeau, P. 2018. On Resilience: Genealogy, Logics, and World Politics. Cambridge: Cambridge University Press.
  • Brooks, S., M. Garcia, N. Lefkovitz, S. Lightman, and E. Nadeu. 2017. “An Introduction to Privacy Engineering and Risk Management in Federal Systems.” NISTIR 8062. https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf
  • Buchanan, B. 2020. The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics Cambridge, MA: Harvard University Press.
  • Buzan, B., O. Waever, and J. de Wilde. 1998. Security: A New Framework for Analysis. Boulder, CO: Lynne Rienner.
  • Calderaro, A., and A. J. S. Craig. 2020. “Transnational Governance of Cybersecurity: Policy Challenges and Global Inequalities in Cyber Capacity Building.” Third World Quarterly 41 (6): 917–938. doi:10.1080/01436597.2020.1729729.
  • Carr, M., and F. Lesniewska. 2020. “Internet of Things, Cybersecurity and Governing Wicked Problems: Learning from Climate Change Governance.” International Relations 34 (3): 391–412. doi:10.1177/0047117820948247.
  • Carrapico, H., and B. Farrand. 2017. “Dialogue, Partnership and Empowerment for Network and Information Security’: The Changing Role of the Private Sector from Objects of Regulation to Regulation Shapers.” Crime, Law and Social Change 67 (3): 245–263. doi:10.1007/s10611-016-9652-4.
  • Carrapico, H., and A. Barrinha. 2017. “The EU as a Coherent Actor in the Field of Cyber Security.” JCMS: Journal of Common Market Studies 55 (6): 1254–1272. doi:10.1111/jcms.12575.
  • Chandler, D. 2014. “Beyond Neoliberalism: Resilience, the New Art of Governing Complexity.” Resilience 2 (1): 47–63. doi:10.1080/21693293.2013.878544.
  • Christou, G. 2016. “Cybersecurity in the European Union Resilience and Adaptability in Governance Policy.” London Palgrave Macmillan.
  • Collier, S. J., and A. Lakoff. 2008. “The Vulnerability of Vital Systems: How ‘Critical Infrastructure’ Became a Security Problem.” In The Politics of Securing the Homeland: Critical Infrastructure, Risk and Securitisation, eds. M. Dunn and S. Kristensen. London: Routledge.
  • Collins, T. W. 2010. “Marginalization, Facilitation, and the Production of Unequal Risk: The 2006 Paso Del Norte Floods.” Antipode 42 (2): 258–288. doi:10.1111/j.1467-8330.2009.00755.x.
  • Committee on National Security Systems. 2010. National Information Assurance (IA) Glossary, CNSS Instruction No. 4009. https://www.dni.gov/files/NCSC/documents/nittf/CNSSI-4009_National_Information_Assurance.pdf
  • Cretney, R. 2014. “Resilience for Whom? Emerging Critical Geographies of Socio-Ecological Resilience.” Geography Compass 8 (9): 627–640. doi:10.1111/gec3.12154.
  • Deibert, R. 2018. “Toward a Human-Centric Approach to Cybersecurity.” Ethics & International Affairs 32 (4): 411–424. doi:10.1017/S0892679418000618.
  • Dillon, M., and L. Lobo-Guerrero. 2008. “Biopolitics of Security in the 21st Century: An Introduction.” Review of International Studies 34 (2): 265–292. doi:10.1017/S0260210508008024.
  • Dodel, M., and G. Mesch. 2018. “Inequality in Digital Skills and the Adoption of Online Safety Behaviors.” Information, Communication & Society 21 (5): 712–728. doi:10.1080/1369118X.2018.1428652.
  • Doorn, N. 2017. “Resilience Indicators: Opportunities for Including Distributive Justice Concerns in Disaster Management.” Journal of Risk Research 20 (6): 711–731. doi:10.1080/13669877.2015.1100662.
  • Dunn Cavelty, M., M. Kaufmann, and K. Søby Kristensen. 2015. “Resilience and (in)Security: Practices, Subjects, Temporalities.” Security Dialogue 46 (1): 3–14. doi:10.1177/0967010614559637.
  • Dunn Cavelty, M. 2008. Cyber-Security and Threat Politics: US Efforts to Secure the Information Age. London: Routledge.
  • Dunn Cavelty, M. 2014. “Breaking the Cyber-Security Dilemma: Aligning Security Needs and Removing Vulnerabilities.” Science and Engineering Ethics 20 (3): 701–715. doi:10.1007/s11948-014-9551-y.
  • Dunn Cavelty, M. 2018. “Cybersecurity Research Meets Science and Technology Studies.” Politics and Governance 6 (2): 22–30. doi:10.17645/pag.v6i2.1385.
  • Dunn Cavelty, M., and M. Smeets. 2023. “Regulatory Cybersecurity Governance in the Making: The Formation of ENISA and Its Struggle for Epistemic Authority.” Journal of European Public Policy 1–23. doi:10.1080/13501763.2023.2173274.
  • Dunn Cavelty, M., and F. J. Egloff. 2019. “The Politics of Cybersecurity: Balancing Different Roles of the State.” St Antony’s International Review 15: 37–57.
  • Dunn Cavelty, M., and A. Wenger. 2020. “Cybersecurity Meets Security Politics: Complex Technology, Fragmented Politics, and Networked Science.” Contemporary Security Policy 41 (1): 5–32. doi:10.1080/13523260.2019.1678855.
  • Dupont, B. 2019. “The Cyber-Resilience of Financial Institutions: Significance and Applicability.” Journal of Cybersecurity 5 (1): tyz013. doi:10.1093/cybsec/tyz013.
  • Dwyer, A. C., C. Stevens, I. Pijnenburg Muller, M. Dunn Cavelty, L. Coles-Kemp, and P. Thornton. 2022. “What Can a Critical Cybersecurity Do?.” International Political Sociology 16(3): olac013. doi:10.1093/ips/olac013.
  • Eadie, P., and Y. Su. 2018. “Post-Disaster Social Capital: Trust, Equity, Bayanihan and Typhoon Yolanda.” Disaster Prevention and Management: An International Journal 27 (3): 334–345. doi:10.1108/DPM-02-2018-0060.
  • Easton, D. 1965. A Systems Analysis of Political Life. New York: John Wiley.
  • Eiser, R. J., A. Bostrom, I. Burton, D. M. Johnston, J. McClure, D. Paton, J. van der Pligt, and M. P. White. 2012. “Risk Interpretation and Action: A Conceptual Framework for Responses to Natural Hazards.” International Journal of Disaster Risk Reduction 1: 5–16. doi:10.1016/j.ijdrr.2012.05.002.
  • Elliott, D. 2013. Fukushima: Impacts and Implications. London: Palgrave Macmillan.
  • Eriksen, C., and G. Simon. 2017. “The Affluence-Vulnerability Interface: Intersecting Scales of Risk, Privilege and Disaster.” Environment and Planning A: Economy and Space 49 (2): 293–313. doi:10.1177/0308518X16669511.
  • Eriksen, C., G. Simon, F. Roth, S. J. Lakhina, B. Wisner, C. Adler, F. Thomalla, et al. 2020. “Rethinking the Interplay Between Affluence and Vulnerability to Aid Climate Change Adaptive Capacity.” Climatic Change 162 (1): 25–39. doi:10.1007/s10584-020-02819-x.
  • Farrand, B, et al. 2020. “Managing Security Uncertainty with Emerging Technologies: The Example of the Governance of Neuroprosthetic Research.” In Emerging Security Technologies and EU Governance: Actors, Practices and Processes, ed. Calcara. Abingdon, Oxon: Routledge, 192–205.
  • Farrand, B., and H. Carrapico. 2022. “Digital Sovereignty and Taking Back Control: From Regulatory Capitalism to Regulatory Mercantilism in EU Cybersecurity.” European Security 31 (3): 435–453. doi:10.1080/09662839.2022.2102896.
  • Folke, C. 2006. “Resilience: The Emergence of a Perspective for Social-Ecological Systems Analyses.” Global Environmental Change 16 (3): 253–267. doi:10.1016/j.gloenvcha.2006.04.002.
  • Gaillard, J.-C. 2010. “Vulnerability, Capacity and Resilience: Perspectives for Climate and Development Policy.” Journal of International Development 22 (2): 218–232. doi:10.1002/jid.1675.
  • Graham, S., and S. Marvin. 2001. Splintering Urbanism: Networked Infrastructures, Technological Mobilities and the Urban Condition. New York: Routledge.
  • Haworth, B. T., E. Bruce, J. Whittaker, and R. Read. 2018. “The Good, the Bad, and the Uncertain: Contributions of Volunteered Geographic Information to Community Disaster Resilience.” Frontiers in Earth Science 6:183. doi:10.3389/feart.2018.00183.
  • Haworth, B., C. Eriksen, and S. McKinnon. 2019. “Online Tools can Help People in Disasters, but do they Represent Everyone?” The Conversation 30 May 2019. https://theconversation.com/online-tools-can-help-people-in-disasters-but-do-they-represent-everyone-116810
  • Herrington, L., and R. Aldrich. 2013. “The Future of Cyber-Resilience in an Age of Global Complexity.” Politics 33 (4): 299–310. doi:10.1111/1467-9256.12035.
  • Hiermaier, S., and B. Scharte. 2019. “Fault-Tolerant Systems.” In Digital Transformation, ed. R. Neugebauer, 285–300. Berlin: Springer.
  • Holling, C. S. 1996. “Engineering Resilience Versus Ecological Resilience.” In Engineering within Ecological Constraints, ed. P. E. Schulze, 31–43. Washington DC: National Academy Press.
  • Jackson, S., and T. L. J. Ferris. 2013. “Resilience Principles for Engineered Systems.” Systems Engineering 16 (2): 152–164. doi:10.1002/sys.21228.
  • Joseph, J. 2013. “Resilience as Embedded Neoliberalism: A Governmentality Approach.” Resilience 1 (1): 38–52. doi:10.1080/21693293.2013.765741.
  • Kott, A., and I. Linkov. 2019. Cyber Resilience of Systems and Networks. Cham: Springer.
  • Lewis, J. D., and A. J. Weigert. 1985. “Trust as a Social Reality.” Social Forces 63 (4): 967–985. doi:10.2307/2578601.
  • Linkov, I., T. Bridges, F. Creutzig, J. Decker, C. Fox-Lent, W. Kröger, J. H. Lambert, et al. 2014. “Changing the Resilience Paradigm.” Nature Climate Change 4 (6): 407–409. doi:10.1038/nclimate2227.
  • Little, A. 2012. “Political Action, Error and Failure: The Epistemological Limits of Complexity.” Political Studies 60 (1): 3–19. doi:10.1111/j.1467-9248.2011.00901.x.
  • Llansó, T., and M. McNeil. 2021. “Towards an Organizationally-Relevant Quantification of Cyber Resilience.” Proceedings of the 54th Hawaii International Conference on System Sciences. https://scholarspace.manoa.hawaii.edu/server/api/core/bitstreams/eae8138b-0a79-4753-90ee-f3accfb98ea3/content. doi:10.24251/HICSS.2021.849.
  • Lobo-Guerrero, L. 2011. Insuring Security: Biopolitics, Security and Risk. London: Routledge.
  • Mandiant. 2022. M-Trends report. https://www.mandiant.com/m-trends
  • Maschmeyer, L. 2022. “A New and Better Quiet Option? Strategies of Subversion and Cyber Conflict.” Journal of Strategic Studies. doi:10.1080/01402390.2022.2104253.
  • Maschmeyer, L., R. J. Deibert, and J. R. Lindsay. 2021. “A Tale of Two Cybers – How Threat Reporting by Cybersecurity Firms Systematically Underrepresents Threats to Civil Society.” Journal of Information Technology & Politics 18 (1): 1–20. doi:10.1080/19331681.2020.1776658.
  • Prior, T., and J. Hagmann. 2014. “Measuring Resilience: Methodological and Political Challenges of a Trend Security Concept.” Journal of Risk Research 17 (3): 281–298. doi:10.1080/13669877.2013.808686.
  • Renn, O., A. Klinke, and M. van Asselt. 2011. “Coping with Complexity, Uncertainty and Ambiguity in Risk Governance: A Synthesis.” Ambio 40 (2): 231–246. doi:10.1007/s13280-010-0134-0.
  • Ruan, K. 2017. “Introducing Cybernomics: A Unifying Economic Framework for Measuring Cyber Risk.” Computers & Security 65: 77–89. doi:10.1016/j.cose.2016.10.009.
  • Sawyer, S., and M. H. Jarrahi. 2014. “Sociotechnical Approaches to the Study of Information Systems.” Chapter 5 in Computing Handbook: Information Systems and Information Technology, eds. H. Topi, and A. Tucker, 3rd Ed. New York: Chapman and Hall/CRC. doi:10.1201/b16768.
  • Shandler, R., M. Gross, and D. Canetti. 2023. “Cyberattacks, Psychological Distress, and Military Escalation: An Internal Meta-Analysis.” Journal of Global Security Studies 8 (1): ogac042. doi:10.1093/jogss/ogac042.
  • Slupska, J. 2022. “Safer (Cyber)Spaces: Reconfiguring Digital Security Towards Solidarity.” PhD Thesis. https://ora.ouls.ox.ac.uk/objects/uuid:9e2484a0-a29a-4623-84ff-22379fb0dfec/files/dms35t913n.
  • Smit, B., and J. Wandel. 2006. “Adaptation, Adaptive Capacity and Vulnerability.” Global Environmental Change 16 (3): 282–292. doi:10.1016/j.gloenvcha.2006.03.008.
  • Statistica 2023. Technology Market Insights, Cybersecurity. Accessed March 2023. https://www.statista.com/outlook/tmo/cybersecurity/worldwide#cost.
  • Sword-Daniels, V., C. Eriksen, E. E. Hudson-Doyle, R. Alaniz, C. Adler, T. Schenk, and S. Vallance. 2018. “Embodied Uncertainty: Living with Complexity and Natural Hazards.” Journal of Risk Research 21 (3): 290–307. doi:10.1080/13669877.2016.1200659.
  • Thoma, K., B. Scharte, D. Hiller, and T. Leismann. 2016. “Resilience Engineering as Part of Security Research: Definitions, Concepts and Science Approaches.” European Journal for Security Research 1 (1): 3–19. doi:10.1007/s41125-016-0002-4.
  • Thomalla, F., M. Boyland, K. Johnson, J. Ensor, H. Tuhkanen, Å. Gerger Swartling, G. Han, J. Forrester, and D. Wahl. 2018. “Transforming Development and Disaster Risk.” Sustainability 10 (5): 1458. doi:10.3390/su10051458.
  • Tierney, K. 2014. The Social Roots of Risk: Producing Disasters, Promoting Resilience. Stanford: Stanford University Press.
  • UN. 2015. The 17 Sustainable Development Goals (SDGs) of the 2030 Agenda for Sustainable Development. Geneva: United Nations. https://www.un.org/sustainabledevelopment/.
  • UNDRR. 2015. Sendai Framework for Disaster Risk Reduction 2015–2030. Geneva: United Nations Office for Disaster Risk Reduction. https://www.unisdr.org/we/coordinate/sendai-framework.
  • Walker, J., and M. Cooper. 2011. “Genealogies of Resilience: From Systems Ecology to the Political Economy of Crisis Adaptation.” Security Dialogue 42 (2): 143–160. doi:10.1177/0967010611399616.
  • Williams, M. J. 2008. “(In)Security Studies, Reflexive Modernization and the Risk Society.” Cooperation and Conflict 43 (1): 57–79. doi:10.1177/0010836707086737.
  • Wisner, B., P. Blaikie, T. Cannon, and I. Davis. 2004. At Risk: Natural Hazards, People’s Vulnerability and Disasters. London: Routledge.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.