This article draws on a comprehensive new data set of crisis management capacities at the European Union level to highlight key patterns in their development and use. Organised within the categories of detection, sense‐making, decision‐making, coordination, meaning‐making, communication, and accountability, the data show considerable accumulation of capacities in detection and sense‐making, while decision‐making capacities lag behind. We find that most capacities are sector‐oriented rather than cross‐sectoral, and reside primarily within the European Commission rather than other EU institutions. Comparing the data to previous studies, we note that capacities overall are increasing and some are undergoing evolution; for example, horizon‐scanning tools once limited to collecting information have increasingly been given an analytical, “information enrichment” function akin to sense‐making.
In a few decades, cybersecurity issues have risen from being mainly the concern of IT-security experts to become a national security priority of modern states, with a considerable impact on contemporary diplomatic, financial and political affairs.Despite this rapid increase in cybersecurity interest, the speed of technological development and innovation cannot be matched by state cybersecurity initiatives or even the private cybersecurity sector. Combined with the digitalization of modern societies, including the quick expansion of IoTs (Internet of Things) and connectivity of critical infrastructure through ICS-systems (industrial digital control systems), societies are more vulnerable than ever when it comes to cyber related risks and threats.Meanwhile, we struggle with defining what cyber space should be for us as a globalized society and how to frame it as a security issue, both practically and academically. The internet grew out of structures and norms based on a worldview of developers which emphasized transboundary freedom, consensus, connection and sharing of information. This, however, might not be the internet of tomorrow. National approaches to cybersecurity and cyber crisis prevention today range from the openness-oriented line echoing the founding principles of the internet to protectionism and state-centric lines. The fact that an increasing number of actors are involved in cyber space and that it tends to blur important dichotomies such as internal/external, public/ private and civilian/military (Carrapico & Barrinha, 2017) adds to the challenge. As Pawlak and Missiroli put it, "The growing number of actors involved in the governance of cyberspace and the wide range of institutional and legal solutions adopted by those actors make a shared understanding of what 'cyber' is about more elusive. This occurs not only at the level of conceptual clarity (i.e. what is cyber?) but also, and maybe especially, with regard to transparency and accountability of decision-making for cyberspace (i.e. who is responsible and/ or accountable for what?)" (Pawlak & Missiroli, 2019:129).
The emerging trend in practises of organising national cybersecurity management via national cybersecurity centres unifies preventive and reactive cybersecurity measures and moves towards an all-hazard approach. These centres constitute some of the most modern ways of organising national cybersecurity management and originate from a holistic view of cybersecurity. Based on the empirical examples from the UK, the US, Finland, Germany and The Netherlands, the paper identifies basic motivational aspects behind the creation of national cybersecurity centres, as well as common features, such as strategy documents, organisational frameworks, tasks and responsibilities. Moreover, this paper seeks to identify if the national cybersecurity centres appear to be successful. The paper finds that the national cybersecurity centres are given increasing amounts of resources, tasks, responsibilities and/or freedom of action by their governments. This implies that practices of organising national cybersecurity management in national cybersecurity centres has indeed been successful, and that the examined countries aim to further develop and empower them. The paper concludes in recommendations for organising national cybersecurity centres, drawing on the examples of the studied countries.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.