Governing Uncertainty or Uncertain Governance? Information Security and the Challenge of Cutting Ties

Slayton, Rebecca

doi:10.1177/0162243919901159

Cited by 15 publications

(21 citation statements)

References 70 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study of governance of cybersecurity requires interdisciplinary research [30] drawing, among others, from governance theory, actor-network theory, and the study of sociotechnical regimes [35]. Research on Internet governance has already utilised actor-network theory and interpretative policy analysis to conceptualise multi-stakeholder arrangements engaging heterogeneous actors [36,37].…”

Section: Methodsmentioning

confidence: 99%

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Тагарев

2020

Future Internet

View full text Add to dashboard Cite

The effective response to the proliferation and growing diversity and sophistication of cyber threats requires a broad spectrum of competencies, human, technological and financial resources that are in the powers of very few countries. The European Union is addressing this challenge through an initiative to establish one or more cybersecurity competence networks. A number of existing technologies can support collaboration in networked organisations; however, network governance remains a challenge. The study presented in this article aimed to identify and prioritise network governance issues. Towards that purpose, qualitative and quantitative methods were applied in the analysis of norms and regulations, statutory documents of existing networks, academic sources and interviews with representatives of funding organisations and potential major customers. The comprehensiveness and complementarity of these primary sources allowed to identify 33 categories of governance issues and group them in four tiers, indicative of the respective priority level. The results of the study are currently used to inform and orient the development of alternative models for governance of a cybersecurity network and a set of criteria for their evaluation. They will support informed decision-making on the most appropriate governance model of a future networked organisation, evolving from a project consortium.

show abstract

Section: Methodsmentioning

confidence: 99%

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Тагарев

2020

Future Internet

View full text Add to dashboard Cite

show abstract

“…More specifically, if provision of water is a matter of public interest, what about the protection of industrial facilities, algorithms and data surrounding it? In analyzing the notion of governance, we take on board its conceptual fluidity and multiple meanings across disciplines (Rothstein et al 2013;Slayton 2020). For our analysis, we understand governance and its outcomes (i.e., regulations) as actions and actors aiming to achieve specific goals pertaining to the protection of public interest.…”

Section: Introductionmentioning

confidence: 99%

Reconfiguring governance: How cyber security regulations are reconfiguring water governance

Michalec

Milyaeva

Rashid

2021

Regulation & Governance

View full text Add to dashboard Cite

Developments in improved monitoring, asset management, and resource efficiencies led to the water industry promising a step‐change in the design and operation of these facilities: the “blending” of traditional engineering equipment with digital technologies. These apparent benefits inevitably produce new challenges of regulating an emerging techno‐political landscape. One of the regulations is Europe's Network and Information Systems Security Directive, which aims to improve cyber security across critical infrastructure providers. This paper focuses on the implementation of Network and Information Systems in the context of the water sector in England. At the national and supranational levels, Network and Information Systems acts as a boundary object that gathers diverse communities of practice without the need to establish common goals. Further, in the process of transposing the Directive into the sectoral context, Network and Information Systems requires interpretation by expert communities. We show how translating the regulatory scope to the sectoral landscape involves prioritizing some water governance goals over others. As diverse expert communities converge in their collaboration practices, their priorities align or stand in tension with public interests. We argue that cyber security regulations have potential to reconfigure water governance by refocusing strategic priorities away from traditional concerns of environmental governance. We suggest ways to maintain diverse collaborations across engineering, computing, and water expertise that Network and Information Systems implementation remains aligned with the goals of water governance.

show abstract

“…In particular, most studies have not comprehensively or clearly explained the processes of establishing security governance in organizations or provided guidelines for its implementation [6,21]. Implementing security governance remains difficult in complex connected digital environments because of "cutting ties", i.e., tensions [14]. Conflicts between information security values and work efficiency are the most common [5].…”

Section: Introductionmentioning

confidence: 99%

“…However, security governance literature is relatively immature, i.e. largely descriptive and provides both limited practical and theoretical guidance [6,13,14]. In particular, studies lack empirical understanding about the processes of establishing security governance in organizations or provided guidelines for its implementation [6,21].…”

Section: Introductionmentioning

confidence: 99%

“…In this study we bridge this research gap and provide empirical insight on implementation tensions. As explained earlier, implementing digital security governance in complex connected digital environments remains difficult because conflicting forces often exist that reveal tensions [14,15]. Focusing on tensions can provide important insights for both researchers and practitioners, helping them to become aware of possible tensions in security governance designs as well of coping strategies and practices to tackle these tension.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Tensions that Hinder the Implementation of Digital Security Governance

Schinagl

Khapova

Shahim

2021

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

General rightsCopyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.• Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain • You may freely distribute the URL identifying the publication in the public portal ? Take down policyIf you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

show abstract

Governing Uncertainty or Uncertain Governance? Information Security and the Challenge of Cutting Ties

Cited by 15 publications

References 70 publications

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Towards the Design of a Collaborative Cybersecurity Networked Organisation: Identification and Prioritisation of Governance Needs and Objectives

Reconfiguring governance: How cyber security regulations are reconfiguring water governance

Tensions that Hinder the Implementation of Digital Security Governance

Contact Info

Product

Resources

About