1 / 11

Two major challenges

This insightful resource delves into the challenges of bridging the gap between political and technical expertise in cybersecurity policy. It offers valuable insights into leveraging social science to understand the political context, adversary motives, and policy coordination obstacles. The text emphasizes the importance of cross-disciplinary collaboration, concrete issue focus, and conditions for policy impact to bridge the gap effectively.

tanaka
Download Presentation

Two major challenges

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Bridging the Gap: Theory and Practice in Cybersecurity PolicyJohan ErikssonThe Swedish Institute of International Affairswww.ui.sejohan.eriksson@ui.se

  2. Two major challenges • Bridging the gap between political and technical expertise • Bridging the gap between theory and practice

  3. Bridging the gap between political and technical expertise • Technical experts dominate research and development in cybersecurity • How? • Why? • Is this a problem? • Social science can help answer questions about for example: • The political context of cybersecurity • The identity, motives, and organizational forms of adversaries • The symbolic-political effects of attacks and countermeasures • Obstacles and opportunities for policy coordination across bureucratic, public-private, and international boundaries

  4. How to bridge the gap between political and technical expertise • Insightful individuals in both camps must take the lead • Appreciate that it takes time to reach an understanding of each others’ perspectives • Do not seek a single joint approach: see differences in methodology as complementary advantages • Join focus on concrete issues, such as particular events or infrastructures • Economic incentive: cross-disciplinary collaboration is supported by major research funds • Fora for cross-disciplinary research, e.g. Journal of Information Technology & Politics

  5. Swedish research collaboration on cybersecurity • CATS/National Defence College and the Swedish Institute of International Affairs • Information operations, cybersecurity, threat analysis • Social science approach • National IT security research network for PhD students (computer science) • Defence Research Establishment (mainly technical expertise) • Royal Technical University, and Kista Science Center • Technical expertise, computer science • Lindholmen Science Park, Security Arena (lindholmen.se) • Public-private partnership (Ericsson, IBM, Volvo, Chalmers Technical University, Göteborg University) • Crisis management and CIP, computer science focus

  6. How to bridge the gap between theory and practice • From research and analysis to policy and action • The two cultures • What can researchers contribute with? • Conditions for policy impact

  7. Usable research? • Research as data – instrumental utilization • Improving the factual knowledge-base of policy • Research as ideas – conceptual utilization • Shaping practitioners’ understanding of the nature and consequences of problems and alternative responses • Research as arguments – symbolical utilization • Legitimating decisions which have already been made, or supporting critique of decisions

  8. Conditions for utilization • Research as data is more likely to be used: • When there is consensus on values and interests • Absence of conflict within and between agencies • When decision makers (or their staff) are analytically sophisticated • When input of research into policy is institutionalized

  9. Conditions for utilization, continued • Research as ideas is more likely to be used: • When a crisis opens opportunities for reform, creating a demand for new ideas • When there is consensus that there is a need for a new policy • When decision makers are intellectually inclined (”thinkers” more than ”doers) • When a new idea fits within the overarching policy paradigm

  10. Conditions for utilization, continued • Research as arguments is more likely to be used: • In parliaments and in courts • When there is conflict over basic values and interests • After the fact: when decisions have already been made

  11. If you have lots of time to read: Eriksson, J. & G. Giacomello, eds (2007) International Relations and Security in the Digital Age (Routledge). Eriksson, J. & G. Giacomello (2006) The Information Revolution, Security, and International Relations: (IR)relevant Theory?, International Political Science Review, 27(3): 221-244. Eriksson, J. (2006) Power Disparity in the Digital Age. In O.F. Knudsen (ed.) Security Strategies, Power Disparity and Identity: The Baltic Sea Region (Ashgate Publishing). Contact: johan.eriksson@ui.se Tel +46 (0)8 511 768 21 Thank You!

More Related