| Srl | Item |
| 1 |
ID:
171962
|
|
|
|
|
| Summary/Abstract |
Public attributions of cyber incidents by governments and private industry have become prevalent in recent years. This article argues that they display a skewed version of cyber conflict for several operational and structural reasons, including political, commercial, and legal constraints. In addition, public attribution of cyber incidents takes place in a heavily contested information environment, creating fractured narratives of a shared past. The article uses three cyber incidents (Sony Pictures, DNC, and NotPetya) to show how actors cope with this contested information environment and proposes a changed role of academia to address some of the problems that emerge. To become competent in contesting public attribution discourses, universities would have to work more across physical, disciplinary, and academic boundaries. The main implications for democracies are to be more transparent about how attribution is performed, enable other civilian actors to study cyber conflict, and thereby broaden the discourse on cybersecurity politics.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2 |
ID:
171963
|
|
|
|
|
| Summary/Abstract |
Cybersecurity experts foster a perception of cybersecurity as a gloomy underworld in which the good guys must resort to unconventional tactics to keep at bay a motley group of threats to the digital safety of unsuspecting individuals, businesses, and governments. This article takes this framing seriously, drawing on film studies scholarship that identifies certain aesthetic themes as associated with moral ambiguity in noir films. This article introduces the term “cyber-noir” to describe the incorporation of noir elements in cybersecurity expert discourses. It argues that the concept of cyber-noir helps explain the persistence of practices that blur legal, moral, and professional lines between legitimate and malicious activity in cyberspace. Consequently, changing cybersecurity requires not only institutional and technological measures, but also a re-constitution of cybersecurity identities themselves.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|