Get access

Risking Security: Policies and Paradoxes of Cyberspace Security


  • 1

    There are perennial debates about how to define cyberspace and distinguish it from related concepts, like the Internet. The latter is typically defined as “a worldwide network of computer networks that use the TCP/IP network protocols to facilitate data transmission and exchange.” Although this definition is important and at the core of the subject matter under investigation in this paper, it is primarily focused on the material infrastructure of networked devices while excluding from consideration other important non-physical elements and characteristics. In this paper, we adopt the definition of cyberspace recently put forward by the US Department of Defense. According to the US Department of Defense’s National Strategy for Military Operations in Cyberspace (2006:3), cyberspace is as “a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures.” There are several benefits of this broader definition: First, it covers more than just networked computers, and includes cellular technologies, space-based systems, and other technologies that are not at first blush usually associated with the Internet. Second, the reference to cyberspace as a “domain” allows for inclusion of non-physical elements, such as ideas and virtual realities, which are increasingly the subject of securitization today.


Conceptualizations of cyberspace security can be divided into two related dimensions, articulated as “risks”: risks to the physical realm of computer and communication technologies (risks to cyberspace); and risks that arise from cyberspace and are facilitated or generated by its technologies, but do not directly target the infrastructures per se (risks through cyberspace). There is robust international consensus, growing communities of practice, and an emerging normative regime around risks to cyberspace. This is less the case when it comes to risks through cyberspace. While states do collaborate around some policy areas, cooperation declines as the object of risk becomes politically contestable and where national interests vary widely. These include the nature of political opposition and the right to dissent or protest, minority rights and independence movements, religious belief, cultural values, or historical claims. The contrast between the domains has led to contradictory tendencies and paradoxical outcomes.