{"title":"欧盟网络事件和危机管理作为复杂公益的制度设计分析","authors":"Mazaher Kianpour, Christopher Frantz","doi":"10.1111/rego.12640","DOIUrl":null,"url":null,"abstract":"Effective cyber incident response and crisis management increasingly relies on the coordination of relevant actors at supranational levels. A polycentric governance structure is one of the institutional arrangements that can promote active participation of involved actors, an aspect decisive for the rapid and effective response to cyber incidents and crises. This research aims to dissect whether, and to what extent, a polycentric structure is manifested within the cyber crisis management framework of the European Union (EU) and assesses the extent to which these policies signal a balance between centralization and decentralization. By employing Institutional Grammar 2.0, we examine the roles and interactions among actors delineated within four key policies to identify the structural characteristics, institutional essentials, and prerequisites indicative of a polycentric governance system. Additionally, we apply network analysis to evaluate dyadic relationships of actors, further assessing the balance between centralization and decentralization in the EU's cyber crisis management framework. Our analysis reveals that the EU has adopted a polycentric governance model for cyber crisis management, characterized by a nuanced distribution of responsibilities and authorities. The findings highlight a tendency toward centralization, especially in the roles of Member States and the European Union Agency for Cybersecurity (ENISA), while maintaining a polycentric structure that blends centralization and decentralization. This balance can ensure structural integrity and coherence of the system, while theoretically providing the flexibility and resilience needed to adapt to the dynamic cyber threat landscape. The study contributes methodologically, offering a framework that can be applied to other domains, and provides insights into the effective coordination of cyber incident response and crisis management at supranational levels.","PeriodicalId":21026,"journal":{"name":"Regulation & Governance","volume":"34 1","pages":""},"PeriodicalIF":3.2000,"publicationDate":"2024-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Analysis of Institutional Design of European Union Cyber Incident and Crisis Management as a Complex Public Good\",\"authors\":\"Mazaher Kianpour, Christopher Frantz\",\"doi\":\"10.1111/rego.12640\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Effective cyber incident response and crisis management increasingly relies on the coordination of relevant actors at supranational levels. A polycentric governance structure is one of the institutional arrangements that can promote active participation of involved actors, an aspect decisive for the rapid and effective response to cyber incidents and crises. This research aims to dissect whether, and to what extent, a polycentric structure is manifested within the cyber crisis management framework of the European Union (EU) and assesses the extent to which these policies signal a balance between centralization and decentralization. By employing Institutional Grammar 2.0, we examine the roles and interactions among actors delineated within four key policies to identify the structural characteristics, institutional essentials, and prerequisites indicative of a polycentric governance system. Additionally, we apply network analysis to evaluate dyadic relationships of actors, further assessing the balance between centralization and decentralization in the EU's cyber crisis management framework. Our analysis reveals that the EU has adopted a polycentric governance model for cyber crisis management, characterized by a nuanced distribution of responsibilities and authorities. The findings highlight a tendency toward centralization, especially in the roles of Member States and the European Union Agency for Cybersecurity (ENISA), while maintaining a polycentric structure that blends centralization and decentralization. This balance can ensure structural integrity and coherence of the system, while theoretically providing the flexibility and resilience needed to adapt to the dynamic cyber threat landscape. The study contributes methodologically, offering a framework that can be applied to other domains, and provides insights into the effective coordination of cyber incident response and crisis management at supranational levels.\",\"PeriodicalId\":21026,\"journal\":{\"name\":\"Regulation & Governance\",\"volume\":\"34 1\",\"pages\":\"\"},\"PeriodicalIF\":3.2000,\"publicationDate\":\"2024-11-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Regulation & Governance\",\"FirstCategoryId\":\"91\",\"ListUrlMain\":\"https://doi.org/10.1111/rego.12640\",\"RegionNum\":2,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Regulation & Governance","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1111/rego.12640","RegionNum":2,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
Analysis of Institutional Design of European Union Cyber Incident and Crisis Management as a Complex Public Good
Effective cyber incident response and crisis management increasingly relies on the coordination of relevant actors at supranational levels. A polycentric governance structure is one of the institutional arrangements that can promote active participation of involved actors, an aspect decisive for the rapid and effective response to cyber incidents and crises. This research aims to dissect whether, and to what extent, a polycentric structure is manifested within the cyber crisis management framework of the European Union (EU) and assesses the extent to which these policies signal a balance between centralization and decentralization. By employing Institutional Grammar 2.0, we examine the roles and interactions among actors delineated within four key policies to identify the structural characteristics, institutional essentials, and prerequisites indicative of a polycentric governance system. Additionally, we apply network analysis to evaluate dyadic relationships of actors, further assessing the balance between centralization and decentralization in the EU's cyber crisis management framework. Our analysis reveals that the EU has adopted a polycentric governance model for cyber crisis management, characterized by a nuanced distribution of responsibilities and authorities. The findings highlight a tendency toward centralization, especially in the roles of Member States and the European Union Agency for Cybersecurity (ENISA), while maintaining a polycentric structure that blends centralization and decentralization. This balance can ensure structural integrity and coherence of the system, while theoretically providing the flexibility and resilience needed to adapt to the dynamic cyber threat landscape. The study contributes methodologically, offering a framework that can be applied to other domains, and provides insights into the effective coordination of cyber incident response and crisis management at supranational levels.
期刊介绍:
Regulation & Governance serves as the leading platform for the study of regulation and governance by political scientists, lawyers, sociologists, historians, criminologists, psychologists, anthropologists, economists and others. Research on regulation and governance, once fragmented across various disciplines and subject areas, has emerged at the cutting edge of paradigmatic change in the social sciences. Through the peer-reviewed journal Regulation & Governance, we seek to advance discussions between various disciplines about regulation and governance, promote the development of new theoretical and empirical understanding, and serve the growing needs of practitioners for a useful academic reference.