Almost everyone recognizes the emergence of threats to cybersecurity. Seldom does a day go by without dire reports and hair-raising narratives about unauthorized intrusions, access to content, or damage to systems, or operations. And, of course, a close correlate is the loss of value. An entire industry has grown around cyber threats cybersecurity, prompting technological innovations and operational strategies that promise to prevent damage and destruction.
Explanations as why cybersecurity has attained such a high salience are far greater than is our understanding of the basic parameters in any matter touching on security, at all levels of analysis, namely: who does what, when, why, how, and with what effect. Most of the time it is possible to reconstruct the damage-episode and develop some hypotheses about several of the basic factors. But seldom, if ever, do we obtain a full reconstruction of the episode in all of its manifestations.
Unexpected as it is, nonetheless, we recognize the limits of our knowledge, the absence of robust understanding of the dynamics at hand, the paucity of theoretical or policy, and the list goes on. Even more compelling is the absence of an agreed upon definition of cybersecurity that encompasses the domain at hand, the conditions that undermine our confidence in cyber systems, and views as to the post threat realities and responses. All of this is a tall order indeed. While information of damage-episodes is amply, the data are not available in ways that allow for cumulative assessments. We still at very early stages of systematic analysis.
It goes without saying that concerns for cybersecurity are driven by the need to protect our own security in the cyber domain. Thus, it may be important to distinguish between cybersecurity as the attribute of an actor versus an attribute of the global network as a whole. By definition, states, firms, and most other entities generally place their own self-interest first and foremost, and only if necessary do they find it relevant to adopt a broader perspective – event to consider the security of others..
Different actors are likely to view cybersecurity in different terms. The set of “ingredients” in the overall “mix” of concerns shaping individual conceptions of cybersecurity may have a common or shared core – at a minimum unauthorized access.
We turn to the issues covered in these essays. With few exception, if any, they all derive from, or are connected to the forging, directly or indirectly. In this limited sense, then, we are moving toward a sense of “boundary” for the issue of cybersecurity.