{"title":"Risk vs. threat-based cybersecurity: the case of the EU","authors":"Sarah Backman","doi":"10.1080/09662839.2022.2069464","DOIUrl":null,"url":null,"abstract":"ABSTRACT In a relatively short time, cybersecurity has risen to become one of the EU’s security priorities. While the institutionalisation of EU-level cybersecurity capacities has been substantial since the first EU cybersecurity strategy was published, previous research has also identified resistance from member states to allow the EU to have more control over their cybersecurity activities. Despite a growing literature on EU cybersecurity governance, there are currently extensive gaps in the understanding of this tension. This study suggests that an explanatory factor can be found in the so-far overlooked dynamic of the relative prevalence of risk vs. threat-based security logics in the EU cybersecurity approach. By distinguishing between risk and threat-based logics in the development of the EU cybersecurity discourse over time, this study highlights a shift towards an increasing threat-based security logic in the EU cybersecurity approach. The identified development highlights securitising moves enacting to a larger extent than before objects and subjects of security traditionally associated with national security. The study identifies specific areas of member state contestation accompanying this shift and concludes with a discussion on the findings in relation to the development of the EU as a security actor in the wider international cybersecurity landscape.","PeriodicalId":46331,"journal":{"name":"European Security","volume":"32 1","pages":"85 - 103"},"PeriodicalIF":2.7000,"publicationDate":"2022-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"European Security","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.1080/09662839.2022.2069464","RegionNum":2,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AREA STUDIES","Score":null,"Total":0}
引用次数: 5
Abstract
ABSTRACT In a relatively short time, cybersecurity has risen to become one of the EU’s security priorities. While the institutionalisation of EU-level cybersecurity capacities has been substantial since the first EU cybersecurity strategy was published, previous research has also identified resistance from member states to allow the EU to have more control over their cybersecurity activities. Despite a growing literature on EU cybersecurity governance, there are currently extensive gaps in the understanding of this tension. This study suggests that an explanatory factor can be found in the so-far overlooked dynamic of the relative prevalence of risk vs. threat-based security logics in the EU cybersecurity approach. By distinguishing between risk and threat-based logics in the development of the EU cybersecurity discourse over time, this study highlights a shift towards an increasing threat-based security logic in the EU cybersecurity approach. The identified development highlights securitising moves enacting to a larger extent than before objects and subjects of security traditionally associated with national security. The study identifies specific areas of member state contestation accompanying this shift and concludes with a discussion on the findings in relation to the development of the EU as a security actor in the wider international cybersecurity landscape.