Cyber security, knowledge and practices (CYKNOW)

Over the past decades it has become evident that the rapidly increasing digitalization of modern society goes hand in hand with a number of societal and political challenges and implications. The data infrastructures that serve as a connective tissue for our daily life has in many ways changed how politics works, populations are governed, war is conducted, and commercial activity is functioning. At the center of this contemporary debate is so-called artificial intelligence (AI) which not only poses itself as the future solution to the many problematic issues of contemporary politics, but which is increasingly seen as a problem in and of itself. One core issue is the safety and security of the many data systems and infrastructures that AI and our societies rely on, often grouped under the umbrella of cybersecurity. Through ongoing research CYKNOW has shown that there is little agreement on what cyber security is, how it is understood and practiced. While the cybersecurity industry frames the problem from a technical understanding that requires a technical solution, politicians and strategists see this as a great power game where attack is often the best defense. Civil society on the other hand is concerned about data privacy and surveillance. The project started off from the premise that what cybersecurity is, is not a given, but is rather an effect of various processes that configure different actors, practices, technologies and discourses. Seeing cybersecurity through these lenses, the different members of the CYKNOW team, have in various ways shown how these processes produce different ways of understanding, experiencing and practicing what we generally refer to as cybersecurity. This we argue also have important implications for how we consider the safety and security of our mutual digital and data infrastructures and its implications for society. In addition to shifting the academic research agenda around cybersecurity and international politics, the member of CYKNOW have in different ways facilitated increased dialogue and understanding between the technical and political environments, as well as to inform and expand political debates around cybersecurity and its implications.

With the rapid digitalization of modern societies, exploitation and attacks on digital networks is also surging. As a result, the security of digital systems, or cybersecurity, has become a priority for states and globally. Governments have recognized that protection of digital critical infrastructure and functions is a key national security task, as states increasingly weaponize digital code to intrude into one another’s networks. Still, decision-makers struggle to fully understand and comprehend the threat, and similarly face challenges when designing strategies and means to prevent, mitigate and respond to attacks. Familiar security frameworks and measures, such as defense and deterrence, appear outmoded in the rapidly evolving digital world. This knowledge gap is mirrored in the social science, where dominant theories and models treat cybersecurity as something objectively given, rather than the result of a sociotechnical process. As a consequence, cybersecurity remains academically elusive. This project will help fill this gap through a novel analytical framework that combines social science and technology studies. The aim is to explore how the digital threat landscape is understood among policy makers and engineers alike, how this knowledge is conveyed between them, and how particular cybersecurity policies and practices emerge as a result.