Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet

Stevens, Clare

doi:10.1080/13523260.2019.1675258

Cited by 31 publications

(20 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We rely on Deleuze and Guattari [10], and DeLanda's [9] foundational concepts and follow Collier [8], Stevens [30], Egloff and Cavelty [16], and Liebetrau and Christensen's [24] approaches to cybersecurity assemblages as a conceptual framework to understand this problem. We apply Li [27] and Puar's [33] understanding of assemblages to see how the quantum threat as a concept is understood and specifically how post-quantum algorithms are used to mandate solutions to security problems, and how these solutions are enforced in policy.…”

Section: Assemblagesmentioning

confidence: 99%

“…The definition of associated challenges within cybersecurity assemblages helps to define how cybersecurity is 'made' and understood. For Stevens [30], cybersecurity includes the technologies, processes, practises, and relationships dealing with any aspect of security in cyberspace. It is an ecosystem of these components that is continuously co-produced by various actors, policies, and frameworks.…”

Section: Cybersecurity Assemblages and The Creation Of The Quantum Threatmentioning

confidence: 99%

“…Collier [8], Stevens [30], Egloff and Cavelty [16], and Liebetrau and Christensen [24] use assemblages to address the complexities and linkages within the environments, realities, and political contestations of cybersecurity. Our use of assemblages aims to explore the arrangements of technologies, the perceptions, discourses, and actors, including experts and knowledge creators.…”

Section: Cybersecurity Assemblages and The Creation Of The Quantum Threatmentioning

confidence: 99%

See 2 more Smart Citations

Post-Quantum Cryptographic Assemblages and the Governance of the Quantum Threat

Csenkey¹,

Bindel²

2021

Preprint

View full text Add to dashboard Cite

Threats against security in the Internet often have a wide-range and can have serious impacts within society. Large quantum computers will be able to break the cryptographic algorithms used to ensure security today, which is known as the quantum threat. Quantum threats are multi-faceted and very complex cybersecurity issues. We use assemblage theory to explore the complexities associated with these threats, including how they are understood within policy and strategy. It is in this way that we explore how the governance of the quantum threat is made visible. Generally, the private and academic sector have been a primary driver in this field, but other actors(especially states) have begun to grapple with the threat and have begun to understand the relation to defence challenges, and pathways to cooperation in order to prepare against the threat. This may pose challenges for traditional avenues of defence cooperation as states attempt to understand and manage the associated technologies and perceived threats. We examine how traditionally cooperating allies attempt to govern the quantum threat by focusing on Australia, Canada, the European Union (EU), New Zealand, the United Kingdom (UK), and the United States (US). We explore the linkages within post-quantum cryptographic assemblages and identify several governmental interventions as attempts to understand and manage the threat and associated technologies. In examining over 40 policy and strategy-related documents between traditionally defence cooperating allies, we identify six main linkages: Infrastructure, Standardization, Education, Partnerships, Economy, and Defence. These linkages highlight the governmental interventions to govern through standardization and regulation as a way to define to contours of the quantum threat.

show abstract

Section: Assemblagesmentioning

confidence: 99%

Section: Cybersecurity Assemblages and The Creation Of The Quantum Threatmentioning

confidence: 99%

Section: Cybersecurity Assemblages and The Creation Of The Quantum Threatmentioning

confidence: 99%

See 1 more Smart Citation

Post-Quantum Cryptographic Assemblages and the Governance of the Quantum Threat

Csenkey¹,

Bindel²

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…First, the security companies, which are one of the main sources of how we learn about cyber conflict, have limited visibility, mostly defined by the technologies employed and the markets they serve. Furthermore, they have a specific prism of what kinds of threats they investigate further (on the political choices made by security companies, see Stevens, 2020). That prism results in highly detailed knowledge about a subset of actors engaging in offensive measures.…”

Section: A Skewed (Public) Picture Of Cyber Conflictmentioning

confidence: 99%

Contested public attributions of cyber incidents and the role of academia

Egloff

2019

Contemporary Security Policy

View full text Add to dashboard Cite

Public attributions of cyber incidents by governments and private industry have become prevalent in recent years. This article argues that they display a skewed version of cyber conflict for several operational and structural reasons, including political, commercial, and legal constraints. In addition, public attribution of cyber incidents takes place in a heavily contested information environment, creating fractured narratives of a shared past. The article uses three cyber incidents (Sony Pictures, DNC, and NotPetya) to show how actors cope with this contested information environment and proposes a changed role of academia to address some of the problems that emerge. To become competent in contesting public attribution discourses, universities would have to work more across physical, disciplinary, and academic boundaries. The main implications for democracies are to be more transparent about how attribution is performed, enable other civilian actors to study cyber conflict, and thereby broaden the discourse on cybersecurity politics.

show abstract

“…Nevertheless, the role of non-state actors remains very peripheral in these authors' analyses of cyber-deterrence; their primary focus is firmly centered on the role of state actors (Burton, 2018;Nye, 2017;Rosenzweig, 2010;Wilner, 2020). Similarly, others have conducted research exploring the role of private sector non-state actors in attributing cyber incidents (Romanosky & Boudreaux, 2019;Stevens, 2020). Others still have explored the private sector's active cyber defense through the lenses of the just war theory (Thumfart, 2020).…”

mentioning

confidence: 99%

Redefining deterrence in cyberspace: Private sector contribution to national strategies of cyber deterrence

Lilli

2021

Contemporary Security Policy

View full text Add to dashboard Cite

This article explores the nature and the desirability of private sector contribution to national strategies of cyber deterrence. The article starts by developing a variation of the concept of cyber deterrence, called RCDC deterrence, which is simultaneously restrictive, comprehensive, dynamic, and complemental. Second, it applies RCDC deterrence to identify and analyze specific areas of cyber deterrence that can benefit the most from private sector contribution. Third, the article cautions about the potential security, legal, and moral issues that could arise from such private contributions. Instead of offering definitive answers on these complex issues, the article ends by suggesting avenues for further research. The ultimate objective is to assist decision-makers in designing policies and regulations aimed at maximizing the benefits of public-private cooperation in cyber deterrence while mitigating its potential downsides.

show abstract

Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet

Cited by 31 publications

References 37 publications

Post-Quantum Cryptographic Assemblages and the Governance of the Quantum Threat

Post-Quantum Cryptographic Assemblages and the Governance of the Quantum Threat

Contested public attributions of cyber incidents and the role of academia

Redefining deterrence in cyberspace: Private sector contribution to national strategies of cyber deterrence

Contact Info

Product

Resources

About