You are on page 1of 28

Cyber Security - International Relations - Oxford Bibliographies

Cyber Security
Hannes Ebert, Tim Maurer


DOI: 10.1093/OBO/9780199743292-0196


The Internet has expanded rapidly since its commercialization in the mid-1990s. In the early 21st century, a third of the worlds
population has access to the technology, with another 1.5 billion expected to gain access by 2020. Moreover, the Internet of
Things will lead to an exponential number of devices being connected to the network. As a result, the economic and political
incentives to exploit the network for malicious purposes have also increased, and cybersecurity has reached head-of-state-level
attention. In parallel, publications on the topic by academic, policy, industry, and military institutions have multiplied. Scholars within
the international relations (IR) discipline and its subfields of security studies and strategic studies increasingly focus on the
technologys implications on national and international security. This includes studying its effect on related concepts such as power,
sovereignty, global governance, and securitization. Meanwhile, the meaning of cybersecurity and information security has been
highly contested. Broad definitions of the concept incorporate a wide range of cyberthreats and cyberrisks, including cyberwarfare,
cyberconflict, cyberterrorism, cybercrime, and cyberespionage as well as cybercontent, while narrower conceptualizations focus on
the more technical aspects relating to network and computer security. This article focuses on cybersecurity in the IR context from
the perspective of political conflict, including the scholarship on cyberwarfare, cyberconflict, and cyberterrorism. The literature on
cybercrime deserves a stand-alone article, as does cyberespionage from the perspective of surveillance and intelligence activities.
This article references only a few publications from the latter two categories as they relate to cyberconflict. While scholars take the
technologys implications for international security increasingly seriously, they continue to disagree about the level and nature of
threat and the appropriate policy responses that governments and other stakeholders should adopt. States also have very different
perspectives on cyberspace and its appropriate use, with an increasing number developing offensive cybercapabilities.
Cybersecurity has become an integral part of governments national defense and foreign and security policies and doctrines,
contributing to the construction of cybersecurity as a new domain of warfare. Efforts to develop rules of the road for cyberspace
focus on the applicability of existing international law, potential gaps, the development of norms, confidence-building measures,
and postulating deterrence postures. As a consequence, a cybersecurity regime complex has evolved, encompassing multiple
regional and international institutions that play pivotal roles in shaping policy responses. This article offers a selective list of
relevant literature. The coauthors would like to thank the experts in China, India, Russia, Switzerland, and the United States who
responded to their request to share their top-ten most relevant cybersecurity publications. The coauthors incorporated this
feedback in their process for developing this article to reduce bias and to include international perspectives on the most-relevant
English-language literature.

General Overviews

Since 2007, a number of in-depth, book-length studies have been published that build on the largely conceptual and hypothetical
literature of the 1990s on information security and its evolution and focus on cybersecurity. There had been a noteworthy gap and
shift in the literature following the 9/11 terrorist attacks, until the high-profile cyberincidents toward the end of the first decade of the
21st century reignited interest and scholarship on cybersecurity. Singer and Friedman 2014 offers a highly accessible introduction
to definitions, relevance, and policies of cybersecurity. Segal 2016 describes how the expansion of the Internet reshapes traditional
forms and rules of international power struggles more broadly and ushers in a new era of geopolitics. The history of this
development is the focus of a strategic dossier compiled by the London-based International Institute for Strategic Studies (Tikk-
Ringas 2015), detailing the technologys evolution and political implications starting with the 1950s. Healey 2013, a historical
account of cyberconflict, argues that the first cyberincident occurred in 1986, and it deduces lessons from ten major incidents that
followed thereafter for early-21st-century cybersecurity debates. The limitations and benefits of various historical analogies to other
military domains for understanding and improving cybersecurity are discussed extensively in Goldman and Arquilla 2014. In-depth

1 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

discussions of the implications of cybersecurity include Libicki 2007, with Kramer, et al. 2009 providing a strategic framework for
US cybersecurity policymaking. Clark, et al. 2014 presents a comprehensive catalogue of relevant research and policy questions
informed by the authors technical expertise.

Clark, David, Thomas Berson, and Herbert Lin, eds. At the Nexus of Cybersecurity and Public Policy: Some Basic
Concepts and Issues. Washington, DC: National Academic Press, 2014.
Reviews key cybersecurity policy challenges from a technically informed perspective of three leading scholars at the nexus of
information technology and policy. Fully readable and highly accessible online.

Goldman, Emily O., and John Arquilla, eds. Cyber Analogies. Monterey, CA: Naval Postgraduate School, 2014.
Edited volume sponsored by the US Cyber Command assessing the value of historical and cross-domain analogies, ranging from
military surprise attacks and nuclear planning to economic warfare, air defense, and offense-defense balances. Fascinating
testimony of how analysts and practitioners seek to understand and solve problems in a nascent, understudied area perceived as
vitally important.

Healey, Jason, ed. A Fierce Domain: Conflict in Cyberspace, 1986 to 2012. Vienna: Cyber Conflict Studies Association,
One of the first comprehensive historical accounts of cyberconflict, written from the practitioners perspective of a former member
of the US Air Force. The edited volume includes systematic analyses of ten case studies of important cyberconflicts between 1986
and 2012.

Kramer, Franklin D., Stuart H. Starr, and Larry Wentz, eds. Cyberpower and National Security. Washington, DC: Potomac,
This comprehensive edited volume develops conceptual policy recommendations for how the US government should strategically
use cyberpower to enhance its national and security interests. Key compendium of US military, scholarly, and industry voices on a
broad range of policy issues.

Libicki, Martin C. Conquest in Cyberspace: National Security and Information Warfare. Cambridge, UK: Cambridge
University Press, 2007.
An early and important analysis of the prospects for information warfare. The author contends that threats to information systems,
including in the areas of defense and command and control, are exaggerated, since control over these is difficult to sustain.

Segal, Adam. The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age. New York:
PublicAffairs, 2016.
A nonalarmist account of how cyberconflict and competition evolve internationally, written by a China expert. Argues that
cyberattacks pose less of a threat of bodily harm but more to infrastructures such as financial institutions, power grids, and security
networks and that the post-pax digital Americana order will once again be dominated by geopolitical maneuvers.

Singer, Peter W., and Allan Friedman. Cybersecurity and Cyberwar: What Everyone Needs to Know. What Everyone Needs
to Know. Oxford: Oxford University Press, 2014.
Highly readable, informative, and accessible entry point, with its own website providing a detailed table of contents and discussion
questions. Explores How It All Works, Why It Matters, and What Can We Do? Contends that transnational cyberthreats
increasingly undermine the prospects for effective international cooperation, which requires building more-resilient systems.

2 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Tikk-Ringas, Eneken, ed. Evolution of the Cyber Domain: The Implications for National and Global Security. London:
Routledge, 2015.
This comprehensive historical analysis illustrates key developments and trends shaping cybersecurity since the inception of
computer networking in the 1950s. Dedicates separate chapters to each decade as well as to the themes of Internet governance,
normative approaches to cybersecurity, intelligence, and military affairs. Attaches appendixes on international instruments and


While the general overviews are exclusively book-length studies, a number of scholarly journals have published important
contributions and debates on issues related to cybersecurity. Because cybersecurity is inherently a multidisciplinary subject of
study, it has been covered by journals in multiple fields, ranging from computer science and information technology to economics,
law, social psychology, sociology, political science, and international relations. All these disciplines also address trans- or
international aspects of cybersecurity. The journals selected here explicitly focus on interdisciplinary perspectives and questions
related to international relations. Two peer-reviewed journals launched in 20152016, the Journal of Cybersecurity and the Journal
of Cyber Policy, seek to promote a high-level scholarly dialogue between the relevant disciplines. The Journal of Strategic Studies
and Survival: Global Politics and Strategy have provided venues for key debates in the broader social science camp of strategic
studies. Journals sponsored by the US military, such as the Cyber Defense Review, the Journal of Information Warfare, and
Strategic Studies Quarterly, also constitute crucial sources. Finally, the journals Security and Communication Networks, IEEE
Security & Privacy, and Information Security Journal: A Global Perspective focus on technical aspects but also engage with policy
and strategic debates.

Cyber Defense Review.

Inaugurated in spring 2016, the Cyber Defense Review (CDR) is a quarterly published journal by the US Army Cyber Institute and
US Marine Corps Forces Cyberspace Command (MARFORCYBER) that has set out to become a forum for military and civilian
experts on cyber strategy, operations, tactics, history, law, and policy. Also features a useful blog.

IEEE Security & Privacy.

Published by the Institute of Electrical and Electronic Engineers (IEEE), this journal provides technically informed perspectives on
broader issues related to cybersecurity.

Information Security Journal: A Global Perspective.

Official journal of the International Information System Security Certification Consortium. Formerly known as Information Systems
Security and tailored for cybersecurity practitioners, it focuses on cloud security and social engineering.

Journal of Cyber Policy.

Managed by the London-based think tank Chatham House, the first two issues are scheduled for 2016. Aims at bridging the gap
between policy and technology, with a focus on cybersecurity, safety, access, and privacy.

3 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Journal of Cybersecurity.
Launched in December 2015, this fully open-access journal focuses on publishing interdisciplinary work on computer, information,
and systems security. It seeks to create a hub for the various disciplines within the broader cybersecurity community, also offering
an online resource center that provides details on conferences and events, cybersecurity training and guidelines, and other
background material.

Journal of Information Warfare.

Launched in 2001, among the earliest journals explicitly focusing on information warfare and operations, published by the US

Journal of Strategic Studies.

Well-established journal on strategic studies that published several groundbreaking articles on the probability of cyberwar in 2012,
which triggered vital debates and led to a cyber roundtable and a concomitant special issue in 2013 that remained a key reference

Security and Communication Networks.

Forum for the academic and industry research-and-development community on cybersecurity, with an emphasis on cryptographic
mechanisms applied to information and communication networks, and with a distinctly international editorial board.

Strategic Studies Quarterly.

US Air Forcesponsored journal with a strong focus on cybersecurity. Published several cybersecurity special editions that brought
together military and civilian analysts.

Survival: Global Politics and Strategy.

The most relevant Europe-based journal for cybersecurity debates, published by the International Institute for Strategic Studies.

Online Resources and Blogs

Cybersecurity is a young field of study that is evolving and changing quickly, in which research has proliferated dramatically across
disciplines in the early 21st century. A set of academic, policy, and industry websites and blogs provide useful entry points to
access sources and keep track of current debates. NATOs public diplomacy division has established the most extensive
multimedia online library available. Think tanks Council on Foreign Relations (CFR), Center for Strategic and International Studies,
and New America offer a continually updated anthology of links to key sources (Research Links: Cybersecurity Policy, an
interactive Cyber Incident Timeline, and a Global Cyber Definitions Database, respectively. The magazine Foreign Policy maintains
a dynamic channel on technology and cyber (Tech & Cyber). Bruce Schneiers blog (Schneier on Security) offers a critical voice on
early-21st-century cybersecurity developments. The Congressional Research Service regularly publishes a compendium of
authoritative reports and governmental documents (Tehan 2015). The International Organization for Standardization publishes
standards on definitions and concepts (ISO/IEC 27000:2016).

4 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Cyber Defence: Home. NATO Library Guides.

Most comprehensive multimedia online gateway to cybersecurity, presenting searchable links to official texts, articles, books,
reports, websites, videos, news, and blogs.

Cyber Incident Timeline. Center for Strategic and International Studies.

An interactive timeline that records significant cyber events since 2006 and is updated regularly, focusing on cyberattacks on
government agencies and defense and high-tech companies or on economic crimes with losses of more than a million dollars.

Cybersecurity Capacity Portal. Oxford Martin School.

Created by the University of Oxfords Global Cyber Security Capacity Center, the portal focuses on best practices and innovation in
building cybersecurity capacity across all world regions.

Global Cyber Definitions Database. New America Foundation.

Compilation of over nine hundred definitions of cybersecurity and related terms adopted by various institutions.

ISO/IEC 27000:2016: Information TechnologySecurity TechniquesInformation Security Management Systems

Overview and Vocabulary. International Organization for Standardization.
The first part of the ISO/IEC 27000 Information Security Management Systems standards by the International Organization for
Standardization and the International Electrotechnical Commission. Provides a technically informed and continually updated
introduction, including a glossary on information security. Indispensable supplement to social science and historical accounts.

Research Links: Cybersecurity Policy. Council on Foreign Relations.

Offers another useful gateway, listing links to news hubs; data, polls, and surveys; background and research guides; anthologies of
key publications; US government and congressional reports and legislation; public-private partnerships; and international
cooperation. Also links to CFRs Net Politics Blog and other useful blogs, and industry data on threat developments.

Schneier on Security.
Blog by cryptographer and computer security expert Bruce Schneier, fellow at Harvard Universitys Berkman Center for Internet
and Society, who offers a critical corrective voice on modern cybersecurity issues.

Tech & Cyber. Foreign Policy.

A cybersecurity-focused online channel by the leading online magazine on foreign policy.

Tehan, Rita. Cybersecurity: Authoritative Reports and Resources, by Topic. CRS Report for Congress. Washington, DC:
Congressional Research Service, 2015.
Latest edition of the regularly published, comprehensive, and accessible compendium of pivotal reports and resources by the US
Congressional Research Service. Highly useful overview of key US legislation, hearings, executive orders and presidential
directives, data and statistics, cybersecurity glossaries, reports, and websites.

5 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

International-Relations Perspectives on Cybersecurity

Despite a growing consensus that cyberspace has significant implications for international relations (IR) in general and security in
particular, existing scholarship has generated relatively few IR theory-oriented analyses on the topic so far, apart from early
pioneers such as Deibert 2003. Manjikian 2010 assesses the potential of realist and liberal approaches and illustrates how these
two approaches reveal the variation in Chinese, Russian, and US perceptions of the likelihood of conflict in cyberspace. In 2011,
the International Studies Associationthe disciplines most prominent institutional bodymade Power, Politics, Participation in the
Global Information Age the main theme of its annual convention, whose key publications appeared in a special issue of
International Studies Review (Singh and Simmons 2013). This publication illustrates the nascent scholarly debate on cybersecurity
within mainstream IR. The author of Choucri 2012 was among those encouraging the broader IR community to further explore
cybersecurity, which as she argued had become an integral part of national security. Both Junio 2013 and Kello 2013 contribute
approaches to IR theory building from the perspectives of principal agent and international security studies. Floridi and Taddeo
2014 links the IR debate on ethics with discussions on cybersecurity and assesses the utility of the Just War theory for tackling
ethical problems in cyberwarfare doctrines. Finally, Stevens 2016 adopts an eclectic IR approach of security studies, political
theory, and social theory to explore how cyberspace has changed the meaning of time and temporality in political processes related
to security.

Choucri, Nazli. Cyberpolitics in International Relations: Context, Connectivity, and Content. Cambridge, MA: MIT, 2012.
Among the early works on IR and cyberspace. Argues that cybersecurity has become the fourth dimension of state security next to
external, internal, and environmental security. Chapter 6 focuses on cyberconflicts and threats to security. For more details, see the
Harvard-MIT Explorations in Cyber International Relations project.

Deibert, Ronald J. Black Code: Censorship, Surveillance, and the Militarisation of Cyberspace. Millennium: Journal of
International Studies 32.3 (2003): 501530.
Deibert was one of the first political scientists examining how states begin to militarize cyberspace, what the consequences for
global communication environment are, and which forms of resistance occur.

Floridi, Luciano, and Mariarosaria Taddeo, eds. The Ethics of Information Warfare. Law, Governance and Technology 14.
Cham, Switzerland: Springer, 2014.
Discusses the ethical problems posed by waging war through the use of new information-and-communications technologies.
Includes stimulating contributions that reveal the benefits and limitations of the Just War theory and alternative approaches to solve
these problems.

Junio, Timothy J. How Probable Is Cyber War? Bringing IR Theory Back In to the Cyber Conflict Debate. Journal of
Strategic Studies 36.1 (2013): 125133.
As a part of a roundtable on whether cyberwarfare is a significant threat, this article calls for a research program for the study of
cyberwar and provides a theory-oriented approach from the principal-agent perspective.

Kello, Lucas. The Meaning of the Cyber Revolution: Perils to Theory and Statecraft. International Security 38.2 (2013):
Another contribution to building a framework for understanding cyberthreats and their consequences for security, taking the
perspective of international security studies. Argues that cyberweapons constitute a new threat marked by the use of nonmilitary
means of nontraditional actors to inflict economic and social harm that further expands the scholarly conceptualization of security.

Manjikian, Mary McEvoy. From Global Village to Virtual Battlespace: The Colonizing of the Internet and the Extension of
Realpolitik. International Studies Quarterly 54.2 (2010): 381401.

6 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Asks how realist and liberal IR theories can be applied to cyberspace, positing that these two schools arrive at strongly contrasting
predictions about the likelihood of cyberconflict and cooperation.

Singh, J. P., and Beth A. Simmons, eds. Special Issue: International Relationships in the Information Age. International
Studies Review 15.1 (2013).
Provides what is arguably the most comprehensive overview of IR scholarship on cyberspace, including key publications on

Stevens, Tim. Cyber Security and the Politics of Time. Cambridge, UK: Cambridge University Press, 2016.
Combines insights from IR, security studies, political theory, and social theory to study the politics of cybersecurity, illustrating how
cybersecurity communities understanding of time and temporality influences the political practice of cybersecurity and creates a
sense of urgency for pervasive and robust countermeasures against threats.

Cybersecurity and Cyberpower

Related to the scholarship on cybersecurity is the literature on how cyberspace shapes power in international politics, and the
impact these shifts have on the perception and meaning of national and international security. Defining cyberpower as an actors
ability to obtain preferred outcomes within and outside cyberspace by employing electronically interconnected information
resources, Nye 2011 highlights that the current information revolution changes the nature of power and increases its diffusion from
powerful states to smaller states and nonstate actors. The author cautions that this aspect of power diffusion might be more
threatening to international security than power shifts from established powers to states in the Global South. David Betz (Betz
2012) agrees but argues in contrast to Joseph Nye that greater connectivity has a perpetuating effect, if any, on the current global
distribution of military power capabilities. His argument is built on a conceptual work (Betz and Stevens 2011), which constructs a
multidimensional concept of cyberpower. Ebert and Maurer 2013 demonstrates that, in contrast to mainstream assumptions in IR
neorealist theories, rising powers have not pursued concerted power-balancing policies against the US cyber hegemony, and that
the outcome of cyber competitions among rising powers significantly shapes the conflict proneness of the future information-based
order. Klimburg 2011 provides an insightful conceptualization of cyberpower, the relationship between the state and
nongovernmental actors, and the use of proxy actors to project power.

Betz, David. Cyberpower in Strategic Affairs: Neither Unthinkable nor Blessed. Journal of Strategic Studies 35.5 (2012):
Argues, in contrast to Nye, that the information revolution has a limited effect on the distribution of power among states and that
greater connectivity, if anything, reinforces the existing distribution of military power, but agrees with him that nontraditional
strategic actors benefit disproportionately and that states should focus doctrinal adaptations on this aspect.

Betz, David J., and Tim Stevens. Cyberspace and the State: Toward a Strategy for Cyber-Power. Adelphi 424. New York:
Routledge, 2011.
Balanced study of the effects of cyberspace on the ways in which states project power. Develops a multidimensional concept of
cyber-power entailing compulsory, institutional, structural, and productive dimensions. Involves a discussion on sovereignty, war,
and dominion in cyberspace, concepts that are closely linked to cybersecurity, arguing that cyberwar is unlikely.

Ebert, Hannes, and Tim Maurer. Contested Cyberspace and Rising Powers. Third World Quarterly 34.6 (2013):
Examines the cybersecurity policies of the member states of the BRICS grouping (containing Brazil, Russia, India, China, and
South Africa), which seem to defy traditional assumptions by balance-of-power theories.

7 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Klimburg, Alexander. Mobilising Cyber Power. Survival 53.1 (2011): 4160.

Provides a conceptualization of cyberpower and the role of the state and nongovernmental actors and discusses how states such
as China and Russia project cyberpower by covertly or overtly using nonstate actors for deniable cyberattacks.

Nye, Joseph S., Jr. The Future of Power: Its Changing Nature and Use in the 21st Century. New York: PublicAffairs, 2011.
Building on his previous, seminal scholarship on power, Nye offers pioneering work on how, in the global information age, the
characteristics of cyberspace enhance the diffusion of power, which might well constitute a greater threat to international security
than power transition (in chapter 6 of this book on power generally, which is based on an earlier report).

Cybersecurity through the Lens of Securitization Theory

An increasing number of studies on cybersecurity have adopted the perspective of securitization theory, a diverse IR approach
associated with the Copenhagen school that draws on constructivist, realist, and post-structuralist assumptions and methods. In
general, the theory analyzes why, how, and with what consequences particular issues are constructed as distinct national or
international security concerns legitimizing extraordinary measures such as the use of force, large-scale intelligence gathering, and
invasion of privacy. Cyber issues have been framed as security concerns since the 1980s but became constructed as existential
threats to national security only in the postCold War era and in particular in the first decade of the 21st century, when uncertainty
related to technological innovation, rising powers in the Global South, and transnational terrorism increased. In this context, risks
became framed in terms such as weapons of mass disruption and electronic Pearl Harbors (compare Munro 1995, cited under
Cyberconflict). Eriksson and Giacomello 2006 builds on the senior authors earlier work on securitization of information technology
in Sweden to highlight the relative advantages of the securitization perspective compared to liberal and realist accounts. Hansen
and Nissenbaum 2009, the senior author among the leading scholars of securitization theory, argues that cyberspace has become
an additional sector next to the traditional military, political, economic, societal, and environmental sectors in which securitization
can take place. Cavelty 2013 broadens this perspective at the theoretical level by combining securitization theory with discourse
theory, as well as at the empirical level, by exploring how a selection of cybersecurity policies rely on competing threat
representations. Deibert and Rohozinski 2010 and Morozov 2011 identify a wave of securitization efforts in the first decade of the
21st century and discuss its implications for Internet freedom.

Cavelty, Myriam Dunn. From Cyber-bombs to Political Fallout: Threat Representations with an Impact in the Cyber-
security Discourse. In Special Issue: International Relationships in the Information Age. International Studies Review
15.1 (2013): 105122.
On the basis of the authors earlier work on cybersecurity and cyberthreat politics in the United States, the article combines
securitization theory with discourse theory to explore the language used to turn political issues related to cyberspace into security
matters. Cavelty identifies three main threat representations and links these to selected cybersecurity policies and practices.

Deibert, Ronald J., and Rafal Rohozinski. Risking Security: Policies and Paradoxes of Cyberspace Security.
International Political Sociology 4.1 (2010): 1532.
Detailed explanation of why governments shifted from a laissez-faire approach in the 1990s to a focus on managing risks, and what
implications this securitization process has on Internet freedom.

Eriksson, Johan, and Giampiero Giacomello. The Information Revolution, Security, and International Relations:
(IR)relevant Theory? International Political Science Review 27.3 (2006): 221244.
Early attempt to review IRs value to understand cybersecurity, contending that the constructivist focus on social images and
language emphasized in securitization theory and the liberal emphasis on interdependence promise a relatively greater potential
than do realist accounts to understand the impact of the information revolution on security.

8 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Hansen, Lene, and Helen Nissenbaum. Digital Disaster, Cyber Security, and the Copenhagen School. International
Studies Quarterly 53.4 (2009): 11551175.
Adopts securitization theory to analyze the securitization process in the case of cyberattacks against Estonian institutions in 2007,
which illustrates that the distinct constellation of threats and referent objects makes cybersecurity a distinct sector.

Morozov, Evgeny. The Net Delusion: The Dark Side of Internet Freedom. New York: PublicAffairs, 2011.
Highly readable and provocative account of the political ramifications of the spread of the Internet, highlighting how the latter
constricts and abolishes freedoms both in democratic and authoritarian states when security actors dominate the discourse.

Cyberthreats and Cyberrisks

The scholarship on cybersecurity threats to international security covers a range of different actors. It also includes foundational
debates about the nature of the threat and the technologys impact on conventional conflict and war. For example, the debate over
whether cyberwar will or will not take place consumed scholarly attention for several years. Similarly, cyberterrorism has been a
persistent theme in the literature, eventually shifting toward studies on how terrorists use the Internet. Both have been partly a
discussion about definitions, and the growing scholarship conceptualizing cyberweapons and cyberconflict has shed a more
nuanced light on the distinctions between various cybersecurity threats, ranging from espionage to sabotage, warfare, and
terrorism. The literature on cyberconflict has been expanding to include more-formal models on the timing of cyberconflict, to
discuss the relationship between cyberwarfare and conventional conflict, and to analyze the type of effects that are unique to
cyberoperations. With regard to actors, more state-centric perspectives have been complemented by a growing body of articles
examining proxy actors, independent hacktivist groups, and private-sector-active cyberdefense.

The Cyberwar Debate

Clarke and Knake 2010, titled Cyber War, sparked a revival of scholarly attention in cyberwar and an international debate about
whether cyberwar will or will not take place. Unlike previous scholarly discussions of this topic, this time it occurred against the
backdrop of the news coverage of the Stuxnet malware, the first cyberattack to have arguably crossed the use-of-force threshold,
causing physical damage to an Iranian nuclear facility. Zetter 2014 remains the most comprehensive account of Stuxnet to date.
While Clarke and Knake 2010 warns of the dangers of cyberwar, Rid and Arquilla 2012 and Rid 2013 constitute a rebuttal offering a
skeptical assessment of its occurrence. Thomas Rid applies classic political-science concepts such as number of deaths in a
conflict to discuss its qualification as war. His publication in turn prompted a series of responses, including by early cyberwar
theorist John Arquilla (Arquilla 2012) and by John Stone (Stone 2013), and increasingly nuanced discussions of the potential
effects of cyberoperations illustrated by Gartzke 2013 and Lindsay 2013, the latter a detailed discussion of Stuxnet and its
implications in 2013.

Arquilla, John. Rebuttal: Cyberwar Is Already upon Us. Foreign Policy 192 (MarchApril 2012): 8485.
In response to Rids article published in the same edition, Arquilla builds on his scholarship from the 1990s, arguing that cyberwar
is not a hypothetical scenario but is already occurring.

Clarke, Richard A., and Robert K. Knake. Cyber War: The Next Threat to National Security and What to Do about It. New
York: HarperCollins, 2010.
This book triggered a new debate in the United States and abroad over the possibility of cyberwar and threats to the United States.
It paints an alarmist picture of the increasing number of vulnerabilities and risks as the Internet has been expanding, with specific
proposals with recommendations for how to address it.

9 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Gartzke, Erik. The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth. International Security 38.2
(2013): 4173.
A nuanced review of the debate about whether cyberwar will or will not take place, placing cyberoperations into the broader political
context and making the case for a logic of consequences to apply in evaluating the likelihood of cyberwarfare. Ultimately,
expresses a skeptical view about the notion of cyberwar per se.

Lindsay, Jon R. Stuxnet and the Limits of Cyber Warfare. Security Studies 22.3 (2013): 365404.
In-depth analysis of Stuxnet by a former US Navy officer, arguing that offense is not as easy as commonly assumed given the
complexity required to deploy a cyberweapon, thereby contradicting the dominant cyberrevolution thesis that cybercapabilities give
an advantage to stronger over weaker actors.

Rid, Thomas. Cyber War Will Not Take Place. London: Hurst, 2013.
This publication is Rids book-length expansion of the argument he advanced with Arquilla in their Foreign Policy article (Rid and
Arquilla 2012), embedding the assessment over whether cyberwar will or not take place in the broader political-science literature
and theory on war.

Rid, Thomas, and John Arquilla. Think Again: Cyberwar. Foreign Policy 192 (MarchApril 2012): 8084.
Offers a rebuttal to Clarke and Knakes alarmist account and those of other scholars, arguing that concerns over cyberwar are

Stone, John. Cyber War Will Take Place! Journal of Strategic Studies 36.1 (2013): 101108.
Stone joins the camp of those arguing that cyberwar will take place, relying on strategic theory to advance his argument in
response to Rid and Arquilla 2012.

Zetter, Kim. Countdown to Zero Day: Stuxnet and the Launch of the Worlds First Digital Weapon. New York: Crown, 2014.
Most comprehensive, investigative account of the Stuxnet malware at the time of its publication and to date.


The debate about whether cyberwar will or will not take place ultimately focused on questions of thresholdsnamely, the number
of fatalities and the scale of physical damage. While important, it also distracted scholarly attention from investigating the effect and
implications of the vast majority of cyberincidents occurring to date that remain below such thresholds and the legal threshold of
use of force and armed attack. The cyberwar debate informed the linguistic shift away from Neil Munros description of the fear of
an electronic Pearl Harbor (Munro 1995) toward notions of cyberconflict rather than war and toward the notion of cybered conflict
rather than cyberconflict. Rattray 2001, a discussion of strategic warfare in cyberspace, outlines many of the themes and
arguments still present in the cybersecurity literature today. After the hiatus and shift following the 9/11 terrorist attacks, scholarly
attention started to focus on cyberspace again several years later. For example, the publication of Cornish, et al. 2010 followed
cyberincidents making front-page news, such as the 2007 distributed-denial-of-service attack disrupting many online services in
Estonia. Lin 2012 discusses escalation dynamics and conflict termination, illustrating the growing depth of the scholarly
cybersecurity discussion and the combination of political with technical analysis. This includes Dombrowski and Demchak 2014,
which advances the notion of cybered conflict instead of cyberconflict to highlight that actions in cyberspace are usually coupled
with broader political tensions and conventional actions. And the authors of Axelrod and Iliev 2014 are among the first scholars to
apply formal, mathematical modeling to cyberconflict.

10 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Axelrod, Robert, and Rumen Iliev. Timing of Cyber Conflict. Proceedings of the National Academy of Sciences of the
United States of America 111.4 (2014): 12981303.
Analyzes and provides a mathematical model for the optimal timing for the use of cyber resources, applying it to the following case
studies: Stuxnet malware targeting an Iranian nuclear facility, cyberattack wiping hard drives of the Saudi company Saudi Aramco,
cyberespionage by the Chinese government, and China exercising economic coercion against Japan.

Cornish, Paul, David Livingstone, Dave Clemente, and Claire Yorke. On Cyber Warfare. London: Chatham House, 2010.
Argues for a review and adaptation of the UK national strategy to take into account cyberwarfare, viewing it as a new domain for
military engagement particularly benefiting smaller actors.

Dombrowski, Peter, and Chris C. Demchak. Cyber War, Cybered Conflict, and the Maritime Domain. Naval War College
Review 67.2 (2014): 7196.
Examines cyberoperations primarily from the perspective of its implications for US national security, particularly the US Navy and
maritime space, preferring to use the term cybered conflict instead of cyber war.

Lin, Herbert. Escalation Dynamics and Conflict Termination in Cyberspace. Strategic Studies Quarterly 6.3 (2012):
Systematically discusses key terminology and basic concepts relating to offensive cyberoperations before outlining escalation
dynamics in cyberspace, including a discussion of crisis stability, catalytic cyberconflict, signaling, impact assessment,
deescalation, and termination of conflict.

Munro, Neil. Fear of an Electronic Pearl Harbor. Washington Post, 16 July 1995.
Offers one of earliest quotes drawing analogy to Pearl Harbor, by citing Robert Ayers, head of the Defense Information Systems
Agencys information warfare unit, saying that We are not prepared for an electronic version of Pearl Harbor. . . . Our [electronic]
infrastructure is not safe and not secure.

Rattray, Gregory J. Strategic Warfare in Cyberspace. Cambridge, MA: MIT, 2001.

Written at the turn of the 21st century, this systematic analysis discusses strategic information warfare, delineating it from economic
competition. It focuses on the strategic effects that political actors might achieve, comparing it to the concept of strategic air power
developed after World War I and strategic information warfare developed in the 1990s.

Cyberoperations and Cyberweapons

The functioning and potential effects of cyberoperations and cyberweapons closely relate to the debate over whether cyberwar will
or will not take place and are integral parts of the scholarship on cyberconflict. These are also at the center of what differentiates
information operations from cyberoperations. Libicki 1995, a discussion and conceptualization of information warfare, is an early
attempt to distinguish among information warfare, electronic warfare, and cyberwarfare. Belk and Noyes 2012, on the use of the
offensive cybercapabilities, reflects the evolution in conceptual thinking in the interim years, with Liff 2012, Peterson 2013, and Herr
2014 offering increasingly detailed analysis of the composition and functioning of cyberweapons. Brown and Metcalf 2014, in turn,
provides a legal perspective on the concept of cyberweapons and related challenges.

Belk, Robert, and Matthew Noyes. On the Use of Offensive Cyber Capabilities: A Policy Analysis for the Department of
Defense Office of Cyber Policy. Policy Analysis Exercise. Cambridge, MA: John F. Kennedy School of Government, 2012.

11 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

A detailed ontology of cyberoperations and the development of a framework to assess implications of various cyberoperations in
the context of the US Department of Defenses cyber policy.

Brown, Gary D., and Andrew O. Metcalf. Easier Said Than Done: Legal Reviews of Cyber Weapons. Journal of National
Security Law & Policy 7.1 (2014): 115138.
Argues that academic approaches to cyberweapons are difficult to translate into practical legal concepts for military advisers.
Instead proposes to focus on the context of how a capability will be used, describing different techniques before discussing
application of existing law to cyberweapons and subsequently proposing a definition of cyber weapon.

Herr, Trey. PrEP: A Framework for Malware & Cyber Weapons. Journal of Information Warfare 13.1 (2014): 87106.
Offers a framework for conceptualizing malware and cyberweapons, arguing that all malware consists of three components:
propagation method, exploits, and payload.

Libicki, Martin C. What Is Information Warfare? Washington, DC: National Defense University Press, 1995.
A comprehensive analysis of the increasingly popular concept of information warfare at the time, arguing that information warfare
does not exist as a distinct warfare technique and distinguishing among seven different forms of information warfare.

Liff, Adam P. Cyberwar: A New Absolute Weapon? The Proliferation of Cyberwarfare Capabilities and Interstate War.
Journal of Strategic Studies 35.3 (2012): 401428.
Related to the cyberwar debate, this article discusses cyberweapons and the paucity of publications relying on classic international
relations (IR) theories to analyze cybersecurity.

Peterson, Dale. Offensive Cyber Weapons: Construction, Development, and Employment. Journal of Strategic Studies
36.1 (2013): 120124.
Excellent primer into the concept of a cyberweapon, specifically focusing on industrial control systems and highlighting that they
are relatively cheap to develop but difficult yet possible to deploy, and that maintaining a link to and persistent access to the
deployed weapon is the most challenging aspect.

Nongovernmental Actors and Cybersecurity

In addition to the scholarship on interstate warfare in and through cyberspace, there has been a growing number of publications
analyzing the role of nongovernmental actors in the context of cyberconflict. Applegate 2011, a discussion of cybermilitias and
political hackers, represents a growing interest in the role of nongovernmental actors. Schmitt and Vihul 2014, for example,
provides an in-depth examination, from an international-law perspective, of proxy actors and how they are used by states, whereas
Coleman 2014 offers a detailed anthropological account of the Anonymous hacktivist group. Meanwhile, Lachow 2013 and
Brangetto, et al. 2014 (the latter published following the sixth international CyCon conference, in Tallinn, Estonia) focus on active
cyberdefense by private companies.

Applegate, Scott D. Cybermilitias and Political HackersUse of Irregular Forces in Cyberwarfare. IEEE Security &
Privacy 9.5 (2011): 1622.
Following the cyberincidents in Estonia and Georgia, this article examines the role and status of nongovernmental actors carrying
out malicious cyberactivity, discussing if they should be treated as combatants or criminals.

12 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Brangetto, Pascal, Markus Maybaum, and Jan Stinissen, eds. 6th International Conference on Cyber Conflict:
Proceedings; 36 June 2014, Tallinn, Estonia. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence,
Collection of articles focusing on active cyberdefense, on the basis of presentations at the 2014 CyCon, an annual cybersecurity
conference hosted in Tallinn, Estonia.

Coleman, Gabriella. Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. New York: Verso, 2014.
This book provides an anthropological study of the hacktivist network Anonymous from its evolution to the date of the books
publication. It is one of the most comprehensive analyses of Anonymous, tracing its evolution and interactions with governments
and other actors and providing a unique insight based on the authors access.

Lachow, Irving. Active Cyber Defense: A Framework for Policymakers. Washington, DC: Center for a New American
Security, 2013.
Provides a nuanced, technically informed overview of active cyberdefense and argues for its broader adoption by the private sector
to counter increasingly sophisticated threats.

Schmitt, Michael N., and Liis Vihul. Proxy Wars in Cyberspace: The Evolving International Law of Attribution. Fletcher
Security Review 1.2 (2014): 5473.
Provides in-depth analysis of existing thresholds in international law applying to proxy actors, arguing that these thresholds are
very high, predict states continuous use of nonstate actors, and observe little appetite of the international community to establish a
treaty regime.


Cyberterrorism is a special category relating to nongovernmental actors and is worthy of a stand-alone section. To date, there has
been no terrorist attack resulting from hacking. The cyberterrorism literature can be divided into publications studying the terrorist
use of the Internet, such as the use of social media for recruitment and communications purposes, and publications discussing
terrorists launching an actual cyberattack, which remains a hypothetical to date. Conway 2002 sheds light on the sometimes
confusing and sometimes sensationalist cyberterrorism terminology and how its been used in the literature; the authors insights
are valid to this day. Weimann 2004 assesses the cyberterrorism threat three years after 9/11, and Chen, et al. 2014 presents an
updated assessment ten years later. The International Law Association created a study group on cybersecurity, terrorism, and
international law in late 2013, which provided an overview of relevant international legal issues relating to cyberterrorism (Fidler
2015). In a latest development, a drone strike killed a hacker affiliated with a terrorist group for the first time in 2015, as described
in a Wall Street Journal article (Coker, et al. 2015).

Chen, Thomas M., Lee Jarvis, and Stuart Macdonald, eds. Cyberterrorism: Understanding, Assessment, and Response.
Berlin: Springer, 2014.
Book consisting of ten chapters written by contributors from multiple disciplines, examining legal definitions of cyberterrorism and
discussing cyberterrorism in the broader context of terrorism, and cyberthreats more generally.

Coker, Margaret, Danny Yadron, and Damian Paletta. Hacker Killed by Drone Was Islamic States Secret Weapon. Wall
Street Journal, 27 August 2015.
News article about the first drone strike used against a hacker affiliated with the terrorist group Islamic State.

13 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Conway, Maura. What Is Cyberterrorism? Current History 101.659 (2002): 436442.

Discusses what constitutes cyberterrorism, reviewing existing literature on the issue and arguing that terrorist use of the Internet
has often been confused with the more sensationalist cyberterrorism terminology.

Fidler, David P. Overview of International Legal Issues and Cyber Terrorism. London: International Law Association,
Provides a comprehensive analysis of international law relating to cyberterrorism, acknowledging that there is no known case of
terrorists having successfully launched a destructive cyberattack but that it has been identified as a potential threat repeatedly in
cybersecurity-related publications.

Weimann, Gabriel. Cyberterrorism: How Real Is the Threat? Special Report 119. Washington, DC: US Institute for Peace,
December 2004.
Argues that the cyberterrorism threat has been exaggerated but that cyberterrorism is a potential threat and that fears of its
occurrence have been driven by psychological, political, and economic factors.

Geopolitics of Cybersecurity

The theoretical scholarship on cyberwar and cyberconflict and the type of actors involved has been complemented by a growing
body of literature on the geopolitics of cybersecurity as well as government strategies and policies relating to cyberspace. The
United States, China, and Russia are among the most sophisticated state actors in cyberspace and are heavily involved in
international discussions about cyberconflict, and therefore they merit stand-alone sections. In addition, North Korea deserves
special attention in light of its use of offensive cyberoperations, as do countries in the Middle East (namely, Israel and Iran). The
cyberattack against Saudi Aramco is included to shed light on the developing threat landscape and escalatory development in the
early 21st century. Meanwhile, a New York Times article about hackers in Argentina and a BBC article about the arrest of Chinese
hackers in Kenya illustrate the global dimension of the cybersecurity ecosystem.

The United States and Cybersecurity

The United States remains the only superpower in the world, often setting precedents and standards emulated by other countries,
including regarding cyberspace and cyberconflict. In 2010, William Lynn, US deputy secretary of defense at the time, declares
cyberspace to be a new operational domain for the US military (Lynn 2010). Meanwhile, the Obama administration expressed a
specific desire for rules of the road for cyberspace in its 2011 international strategy for cyberspace (Obama 2011), influenced by a
growing sense of vulnerability and an increasing number of states developing military doctrines for cyberspace. A unique insight
into some of these vulnerabilities is provided by former senior counsel at the US National Security Agency, Joel Brenner (Brenner
2011). The complexity of cybersecurity is detailed in the Presidents Review Group on Intelligence and Communications
Technologies (US Government, the White House 2013), established in response to the disclosures by Edward Snowden in 2013,
which produced one of the most detailed discussions of cybersecurity, including the implications for security and liberty. One
particularly crucial aspect was further discussed in an unprecedented White House blog post describing the US governments
process for deciding when to disclose a vulnerability (Daniel 2014). The US governments international vision gained further
contour with the 2014 report of the US Department of States International Security Advisory Board, outlining the vision for
international cyberstability (US Department of State, International Security Advisory Board 2014). Five years after Lynn 2010, the
Pentagon released its new cyberstrategy, acknowledging offensive capabilities (US Department of Defense 2015), and Secretary of
State John Kerry outlined five specific norms to govern behavior in cyberspace in his 2015 speech in South Korea in furtherance of
the goal of international cyberstability (Kerry 2015).

Brenner, Joel. America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare. New York:
Penguin, 2011.

14 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Written by former senior counsel at the US National Security Agency, this book, written for a popular audience, offers an insightful
outline of various cybersecurity threats and the new challenges and questions they present.

Daniel, Michael. Heartbleed: Understanding When We Disclose Cyber Vulnerabilities. US Government, the White House,
28 April 2014.
This blog post published by the White House on its website provides a rare outline and some details about the governments
vulnerability equities process and decision making for when to withhold or disclose knowledge of computer vulnerabilities.

Kerry, John. An Open and Secure Internet: We Must Have Both. Seoul, South Korea, 18 May 2015.
Outlines the US governments international priorities for cyberspace, including outlining five international cybersecurity norms
proposed by the United States as rules of the road for cyberspace.

Lynn, William J., III. Defending a New Domain: The Pentagons Cyberstrategy. Foreign Affairs 89.5 (2010): 97108.
Official declaration by the US deputy secretary of defense that cyberspace is now considered to be an operational domain for the
military in addition to land, sea, air, and space.

Obama, Barack. International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World. White
House, May 2011.
Outlines the Obama administrations international strategy for cyberspace, including stating in the section on deterrence that the
United States will respond to hostile acts in cyberspace as we would to any other threat to our country.

US Department of Defense. The Department of Defense Cyber Strategy. April 2015.

This cyberstrategy released by the Pentagon reflects a shift in policy, with the Department of Defense no longer narrowly focused
on its own networks but defending US interests from cyberincidents, with significant consequences, as well as acknowledging
offensive capabilities.

US Department of State, International Security Advisory Board. Report on a Framework for International Cyber Stability. 2
July 2014.
Discusses potential avenues for international cooperation specifically through the lens of international cyberstability; noteworthy for
framing the ultimate political objective as such.

US Government, the White House. Liberty and Security in a Changing World: Report and Recommendations of the
Presidents Review Group on Intelligence and Communications Technologies. White House, 12 December 2013.
Established in the wake of the disclosures by Edward Snowden, this high-level expert group established by the US president
reviewed the US governments intelligence and cybersecurity policies and practices, issuing recommendations on a broad set of
issues beyond the immediate question of surveillance.

China and Cybersecurity

Mirroring US military discussions about cyberwarfare, Qiao Liang and Chiangsui Wang, two PLA officers, argue in Liang and Wang
1999 that China should use such means to exploit its asymmetric advantages. Zhang 2012 offers more insight into the Chinese
perspective on cybersecurity, demonstrating that beyond the military use of the Internet, Chinas view on cybersecurity is broader
than that of the US government and many others to also include content under the broader concept of information security.

15 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Meanwhile, the threat perception of Chinese espionage increased significantly over the years, leading to in-depth studies of
Chinese intelligence activities such as Inkster 2013 as well as Krekel, et al. 2012. Lindsay 20142015 offers an additional analysis
of Chinas cybersecurity strategy and is particularly noteworthy for trying to view the issue from Chinas perspective. Lieberthal and
Singer 2012 in turn explores the increasing tensions around cybersecurity in the broader context of US-China relations. Against the
backdrop of increasingly alarmist media coverage, Lindsay, et al. 2015 provides a detailed analysis of the issues, tensions, and
complexity involved. Meanwhile, Marczak, et al. 2015 documents the early-21st-century escalatory development related to Chinas
broader conception of cybersecurity tied to its domestic concerns.

Inkster, Nigel. Chinese Intelligence in the Cyber Age. Survival: Global Politics and Strategy 55.1 (2013): 4566.
Provides a historical analysis of intelligence in China and the evolution of Chinese foreign intelligence agencies after World War II,
as well as an outline of current intelligence organizational structures and Chinese use of cybercapabilities.

Krekel, Bryan, Patton Adams, and George Bakos. Occupying the Information High Ground: Chinese Capabilities for
Computer Network Operations and Cyber Espionage. McLean, VA: Northrup Grumman, 7 March 2012.
Written for the U.S.-China Economic and Security Review Commission, this more than 100-page report by Northrop Grumman
provides a detailed description of Chinas cybercapabilities, doctrine, and organizational structures.

Liang, Qiao, and Xiangsui Wang. Unrestricted Warfare. Beijing: PLA Literature and Arts Publishing House, 1999.
Outlines the thinking of two members of Chinas Peoples Liberation Army (PLA) on the military use of cyberspace and its
asymmetric advantages, specifically with regard to the United States.

Lieberthal, Kenneth, and Peter W. Singer. Cybersecurity and U.S.-China Relations. Washington, DC: Brookings Institution,
Report based on the discussions of a yearlong working group studying US-Chinese relations in the context of cybersecurity,
identifying it as an issue of growing concern and outlining an agenda for bilateral engagement on the topic.

Lindsay, Jon R. The Impact of China on Cybersecurity: Fiction and Friction. International Security 39.3 (20142015):
Provides a nuanced analysis of Chinas approach and policies regarding cyberspace, arguing that the perceived threat from China
is exaggerated and does not take into account Chinas own vulnerabilities.

Lindsay, Jon R., Tai Ming Cheung, and Derek S. Reveron, eds. China and Cybersecurity: Espionage, Strategy, and Politics
in the Digital Domain. New York: Oxford University Press, 2015.
The thirteen chapters of this book provide a unique, comprehensive analysis of Chinas cybersecurity policies, institutions, and
challenges, including contributions from Chinese experts (one of whom is a member of the PLA), presenting an insight into Chinese
perspectives on cybersecurity.

Marczak, Bill, Nicholas Weaver, Jakub Dalek, et al. Chinas Great Cannon. Toronto: University of Toronto, April 2015.
In-depth, comprehensive (including technical) analysis of the large-scale distributed-denial-of-service attack against GitHub and servers carried out by a Chinese offensive system dubbed Great Cannon.

Zhang, Li. A Chinese Perspective on Cyber War. In Special Issue: New Technologies and Warfare. International Review
of the Red Cross 94.886 (2012): 801807.

16 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

An article by a director of the China Institutes of Contemporary International Relations, the think tank of Chinas Ministry of State
Security and cosponsor of the Sino-U.S. Cybersecurity Dialogue, outlining a Chinese perspective on cyberwar and suggesting four
basic principles for the international community to adopt.

Russia and Cybersecurity

Russia is one of the most advanced cyberpowers. A detailed and historical overview of the governments approach to cyberspace
is provided in Soldatov and Borogan 2015. In 1998, Russia proposed an international cybersecurity treaty and initiated the process
at the UN, focusing on the use of information-and-communications technologies in the context of international security, which has
become the center of the international communitys discussion about cybersecurity norms today. Meanwhile, Russias perspective
and approach to cybersecurity differ significantly from that of the United States, which is the focus of three articles written by
Russian experts, focusing on the military use of the Internet (Bazylev, et al. 2012), international law and norms (Streltsov 2007),
and the application of arms control (Dylevsky, et al. 2014). Russia attracted particular scholarly attention following the
cyberincidents in Estonia in 2007 and in Georgia in 2008 and the conflict in Ukraine, which Geers 2015 and Tikk, et al. 2010
investigate in detail.

Bazylev, S. I., Igor N. Dylevsky, Sergei A. Komov, and Aleksandr N. Petrunin. The Russian Armed Forces in the
Information Environment: Principles, Rules, and Confidence-Building Measures. Military Thought 21.2 (2012): 1015.
Offers a Russian perspective on information security and the military use of cyberspace. Also summarizes the Russian militarys
conceptual views on activities in the information environment.

Dylevsky, Igor, Sergei Komov, Sergei Korotkov, Aleksandr N. Petrunin, and V. O. Zapivakhin. An International
Nonproliferation Regime for Information Weapons: Utopia or Reality? Military Thought 23.4 (2014): 111.
Discusses the concept of information weapons from a Russian perspective and explores and argues in favor of applying arms
control to cybersecurity, using the nuclear nonproliferation regime as a case study.

Geers, Kenneth, ed. Cyber War in Perspective: Russian Aggression against Ukraine. Tallinn, Estonia: NATO Cooperative
Cyber Defence Centre of Excellence, 2015.
An edited volume of eighteen chapters written by experts in Ukraine and abroad, assessing the role of cyberoperations during the
conflict in Ukraine (covering the period until fall 2015).

Soldatov, Andrei, and Irina Borogan. The Red Web: The Struggle between Russias Digital Dictators and the New Online
Revolutionaries. New York: PublicAffairs, 2015.
A unique piece of investigative journalism tracing the history of Russias surveillance system and intelligence agencies, providing
insight into the Russian governments perspective on information security.

Streltsov, A. A. International Information Security: Description and Legal Aspects. Disarmament Forum 3 (2007): 513.
Provides a historical review of the international communitys efforts to develop norms as well as insight into the Russian
perspective on the application of international law, including discussing the issue of territory, attribution problem, and critical

Tikk, Eneken, Kadri Kaska, and Liis Vihul. International Cyber Incidents: Legal Considerations. Vol. 112. Tallinn, Estonia:
NATO Cooperative Cyber Defence Centre of Excellence, 2010.
Comprehensive review and legal analysis of the cyberincidents occurring in Estonia, Belarus, Lithuania, and Georgia between

17 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

2007 and 2010.

Other Selected Countries and Regions Noteworthy in Cybersecurity Geopolitics

Several other countries must be highlighted in the context of geopolitical trends relating to cybersecurity, given their sophisticated
and increasingly sophisticated capabilities such as Israel, North Korea, and Iran, in addition to the worlds great powers. Jun, et al.
2015 focuses on North Korea, which deserves special attention in light of its use of offensive cyberoperations. Feakin, et al. 2015
provides an overview of cybersecurity developments in twenty countries in the Asia-Pacific region. Lewis 2014 discusses
cybersecurity from the perspective of the Gulf region, while Bronk and Tikk-Ringas 2013, an analysis of the cyberattack against the
oil company Saudi Aramco, is included to shed light on the developing threat landscape and escalatory development in the early
21st century. Tabansky and Ben Israel 2015 offers a comprehensive analysis of cybersecurity in Israel. Meanwhile, a New York
Times article about hackers in Argentina (Perlroth 2015) and a BBC article about the arrest of Chinese hackers in Kenya (BBC
2014) illustrate the global dimension of the cybersecurity ecosystem. Abdenur and Pereira da Silva Gama 2015 is included to
provide a reference and analysis of Brazils diplomatic efforts to curb cyberespionage following the Snowden disclosures.

Abdenur, Adriana Erthal, and Carlos Frederico Pereira da Silva Gama. Triggering the Norms Cascade: Brazils Initiatives
for Curbing Electronic Espionage. Global Governance: A Review of Multilateralism and International Organizations 21.3
(2015): 455474.
Analyzes Brazils diplomatic initiative for international regulation of cyberespionage in response to the Snowden disclosures, using
the literature from international relations (IR) norms and discussing the reframing of espionage through a human rights rather than
a security lens.

BBC. Kenya Breaks Chinese-Run Cyber Crime Network. BBC News, 4 December 2014.
News article about Chinese hackers arrested in Kenya, illustrating that hackers can potentially operate from third-party territories.

Bronk, Christopher, and Eneken Tikk-Ringas. The Cyber Attack on Saudi Aramco. Survival: Global Politics and Strategy
55.2 (2013): 8196.
Comprehensive analysis of the cyberattack against the Saudi Arabiabased oil company Saudi Aramco, the most damaging
cyberattack against a private company at the time and interpreted as a new escalatory development.

Feakin, Tobias, Jessica Woodall, and Liam Nevill. Cyber Maturity in the Asia-Pacific 2015. Canberra, Australia: Australian
Strategic Policy Institute, 2015.
This second annual assessment provides a ranking of twenty countries in the Asia-Pacific, scored on a series of indicators ranging
from governance to cybercrime, military, business, and social, including data on new developments and key trends in the region.

Jun, Jenny, Scott LaFoy, and Ethan Sohn. North Koreas Cyber Operations: Strategy and Responses. Washington, DC:
Center for Strategic and International Studies, 30 December 2015.
A comprehensive and in-depth analysis of North Koreas cyberoperations, containing an outline of North Koreas broader strategy,
including its cyber component as well as its organizational structures. The project directors were Victor D. Cha and James Andrew

Lewis, James Andrew. Cybersecurity and Stability in the Gulf. Washington, DC: Center for Strategic & International
Studies, 6 January 2014.
One of the first, lengthier reports analyzing cybersecurity in the Middle East from the perspective of the Gulf, highlighting that

18 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

stand-alone cyberincidents are part of a broader political pattern and conflict including the United States.

Perlroth, Nicole. In a Global Market for Hacking Talent, Argentines Stand Out. New York Times, 30 November 2015.
Article highlighting the global nature of the private market of cybercapabilities, providing details about the ecosystem in Argentina.

Tabansky, Lior, and Isaac Ben Israel. Cybersecurity in Israel. Springer Briefs in Cybersecurity. Cham, Switzerland:
Springer, 2015.
Provides a comprehensive and in-depth analysis of cybersecurity in Israel, including a discussion of the Israeli governments cyber
strategy, history, and future vision to further its cyberpower.

Laws, Norms, and Response Mechanisms in Cybersecurity

Whereas the debate around 2010 still focused on assessing whether cyberthreats are real or not, the growing number of
cyberincidents from Stuxnet to the Great Cannon and the Bangladeshi Central Bank cyberheist has since given way to a more
nuanced and detailed discussion of how to address the threats and how they relate to existing concepts and frameworks. Kanuck
2010 discusses how sovereignty and public international law apply to cyberspace, a topic that is also the focus of Demchak and
Dombrowski 2011, which argues that states are increasingly imposing Westphalian notions of sovereignty to the Internet. Healey
2011 offers a spectrum for assessing state responsibility for cyberattacks, while Clemente 2013 evaluates what infrastructure
should be considered critical. Skierka, et al. 2015 provides a general overview of response teams to computer security incidents,
and the nascent global-assistance regime. Barrett 2013 illustrates the growing number of publications assessing the use of
cyberoperations from an ethical perspective, with Arquilla and Ronfeldt 1993 being among the first studies advancing the argument
that cyberwarfare could potentially lead to a less violent form of warfare. Hughes 2010 explores the feasibility of a new
cybersecurity treaty, whereas Lin 2012 highlights the challenges of applying traditional arms controls to cyberspace.

Arquilla, John, and David Ronfeldt. Cyberwar Is Coming! Comparative Strategy 12.2 (1993): 141165.
One of the earliest if not the earliest publication arguing that cyberwarfare could potentially be a less cruel and bodily harmful way
of warfare.

Barrett, Edward T. Warfare in a New Domain: The Ethics of Military Cyber-operations. Journal of Military Ethics 12.1
(2013): 417.
One of a growing number of contributions by scholars of philosophy and ethics to the discussion about rules of the road for
cyberspace and potential restraints for the offensive use of the Internet for military purposes. The author discusses the ethical
implications of offensive cyberoperations from a perspective of jus ad bellum and jus in bello.

Clemente, Dave. Cyber Security and Global Interdependence: What Is Critical? London: Chatham House, 2013.
Evaluates critical infrastructures from the perspective of global interdependence. This report includes a set of recommendations
based on the assessment that significant global interdependence exists among critical infrastructures with growing challenges.

Demchak, Chris C., and Peter Dombrowski. Rise of a Cybered Westphalian Age. Strategic Studies Quarterly 5.1 (2011):
Argue that states are taking steps to replicate borders and to impose Westphalian sovereignty onto cyberspace, viewing Stuxnet as
a turning point. The authors encourage this process partly for practical reasons, to make harm through offensive cyberoperations
more difficult.

19 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Healey, Jason. The Spectrum of National Responsibility for Cyberattacks. Brown Journal of World Affairs 18.1 (2011):
This article discusses states use of nongovernmental actors as proxies and how they can be held responsible. It provides an
outline of the various relationships, mapping it onto a spectrum of state responsibility.

Hughes, Rex. A Treaty for Cyberspace. International Affairs 86.2 (2010): 523541.
Traces the evolution from geekspace to battlespace and discusses the feasibility and principles for a cybersecurity treaty.

Kanuck, Sean. Sovereign Discourse on Cyber Conflict under International Law. Texas Law Review 88.7 (2010):
This article, written by the US national intelligence officer for cyber issues, discusses sovereignty in the context of cyberspace, the
application of public international law, and norms and strategic considerations.

Lin, Herbert S. Arms Control in Cyberspace: Challenges and Opportunities. World Politics Review (6 March 2012):
Highlights the challenges for an international cybersecurity agreement and the differences to traditional arms control. Discusses
challenges around verification and enforcement as well as the role of transparency and confidence-building measures.

Skierka, Isabel, Robert Morgus, Mirko Hohmann, and Tim Maurer. CSIRT Basics for Policy-Makers: The History, Types &
Culture of Computer Security Incident Response Teams. Berlin: Global Public Policy Institute, 2015.
Provides a general overview into the history, evolution, roles, and functions of response teams to computer security incidents, as
well as the global governance structure of these teams.

International Law and Cyberspace

The international community has been actively discussing the role and application of international law to cyberspace. Until 2013,
there was active contestation by some states such as China of applying existing law, proposing to develop new law instead.
Meanwhile, international lawyers have been studying how to interpret specific international-law provisions in their application to
cyberspace, primarily focusing on jus ad bellum and jus in bello. Sharp 1999 provides an early analysis of how the law governing
the use of force applies to cyberspace, as does Drmann 2004, a discussion focusing on the Additional Protocols five years later.
Hathaway, et al. 2012 provides an in-depth analysis of the law applying to cyberattacks. Similarly, Roscini 2014 focuses on how
international humanitarian law can be applied to cyberoperations. The Tallinn Manual on the International Law Applicable to Cyber
Warfare (Schmitt 2013), developed by Michael Schmitt and a group of international lawyers, is the most comprehensive analysis of
how international humanitarian law applies to cyberspace. Harold Hongju Koh (Koh 2012), in his role as the legal adviser of the US
Department of State, outlines the US governments perspective on the application of international law. Lin 2011 pushes the
envelope of how international law applies, by focusing on cyberincidents whose effects remain below the threshold of use of force
and armed attack, which includes the vast majority of incidents to date. Similarly, Schmitt 2015 offers an in-depth assessment and
argument in favor of applying the legal concept of due diligence to cyberspace.

Drmann, Knut. Applicability of the Additional Protocols to Computer Network Attacks. International Committee of the
Red Cross, 19 November 2004.
Deputy head of the International Committee of the Red Crosss legal division analyzes the application of international humanitarian
law to computer network attacks, arguing that given Article 36, the Additional Protocols were likely intended to cover such new
means of warfare, largely sharing Schmitts views outlined in the latters article in the same volume.

20 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Hathaway, Oona A., Rebecca Crootof, Philip Levitz, et al. The Law of Cyber-attack. California Law Review 100.4 (2012):
Published a year prior to the release of the Tallinn Manual (Schmitt 2013), this article coauthored by Yale Law School professor
Hathaway analyzes the application of international law to cyberattacks.

Koh, Harold Hongju. International Law in Cyberspace. Harvard International Law Journal Online 54 (2012): 112.
Outlining his views in his role as legal adviser of the US Department of State while on leave from Yale Law School, Koh wrote this
article as the footnoted version of a speech he gave at the US Cyber Command in September 2012.

Lin, Herbert. Responding to Sub-threshold Cyber Intrusions: A Fertile Topic for Research and Discussion. In Special
Issue: International Engagement on Cyber: Establishing International Norms and Improved Cybersecurity. Georgetown
Journal of International Affairs 11 (2011): 127135.
Focuses specifically on cyberintrusions below the threshold of use of force and armed attack, highlighting that while nearly all
incidents to date fall into this category, scholars have spent significantly more attention discussing potential incidents above the

Roscini, Marco. Cyber Operations and the Use of Force in International Law. New York: Oxford University Press, 2014.
Consisting of five chapters, this book analyzes the application of international humanitarian law to cyberspace, with a chapter each
on cyber operations in the context of jus ad bellum and jus in bello followed by chapters focusing on the conduct of hostilities and
on the law of neutrality specifically.

Schmitt, Michael N., ed. Tallinn Manual on the International Law Applicable to Cyber Warfare. New York: Cambridge
University Press, 2013.
Detailing the consensus view of an independent group of twenty international-law experts and written under the auspices of
NATOs Cooperative Cyber Defence Centre of Excellence, the Tallinn Manual represents the most comprehensive analysis at the
time of its publication of the application of international law relating to cyberwarfare and has since become an important reference
document for this legal discussion.

Schmitt, Michael N. In Defense of Due Diligence in Cyberspace. Yale Law Journal Forum 125 (22 June 2015): 6881.
In-depth discussion of how the principle of due diligence in international law could apply to cyberspace, including its preventive
dimension, exploring pros and cons of its application and ultimately arguing in favor of its application.

Sharp, Walter G., Sr. Cyberspace and the Use of Force. Falls Church, VA: Aegis Research, 1999.
Comprehensive analysis by former deputy legal counsel to the chairman of the US Joint Chiefs of Staff on how existing
international law applies to the use of force in cyberspace, arguing that existing international law applies and that potential further
attempts to regulate such activities first require an understanding of the application of existing law and identification of potential

Norms and Cybersecurity

Complementing the consultations over the applicability of existing international law to cyberspace, much of the international
communitys discussion for rules of the road for cyberspace has centered on the concept of norms. Finnemore 2011 discusses
norms for cyberspace in the context of the broader related international relations (IR) literature, while Hollis 2011 is an example of a

21 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

specific norm proposed for cyberspace, using an analogy to existing norms. Kavanagh, et al. 2014 describes the various
international fora where the norms discussion is taking place, and Hurwitz 2015 and Farrell 2015 offer substantive input for which
norms to apply and develop for cyberspace. The reports by the groups of governmental experts developed under the auspices of
the UN (UN General Assembly 2013, UN General Assembly 2015) and the 2015 G20 communiqu (G20 Leaders Communiqu)
outline the international communitys views, to date, on how international law and norms apply to cyberspace. Osula and Rigas
2016 provides current expert perspectives on international cybersecurity norms.

Farrell, Henry. Promoting Norms for Cyberspace. New York: Council on Foreign Relations, 2015.
Argues that the US governments efforts to promote norms for cyberspace suffered a setback following the Edward Snowden
disclosures in 2013, and therefore recommends reforming US intelligence activities, providing more evidence when shaming
actors, and assigning a leadership role for other states and private actors in promoting such norms.

Finnemore, Martha. Cultivating International Cyber Norms. In Americas Cyber Future: Security and Prosperity in the
Information Age. Edited by Kristin M. Lord and Travis Sharp, 89101. Washington, DC: Center for a New American
Security, 2011.
Applies IR theory on norms to the political effort of developing international norms for cyberspace.

Group of 20. G20 Leaders Communiqu: Antalya Summit, 1516 November 2015.
First multilateral, head-of-state-level agreement that no country should conduct or support ICT-enabled theft of intellectual
property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to
companies or commercial sectors.

Hollis, Duncan B. An e-SOS for Cyberspace. Harvard International Law Journal 52.2 (2011): 374432.
Analyzes the applicability of international law to cyberspace and proposes to develop a norm similar to the SOS in the maritime
domain for cyberspace.

Hurwitz, Roger, ed. A Call to Cyber Norms: Discussions at the HarvardMITUniversity of Toronto Cyber Norms
Workshops, 2011 and 2012. Cambridge, MA: Belfer Center for Science and International Affairs, April 2015.
On the basis of discussions at the MIT / Harvard University / University of Toronto cyber norms workshops in 2011 and 2012, this
report discusses in eight chapters the evolution of the Wests cyber norms and alternative models, the applicability of international
law, norms, technological foundations, and roles of various actors.

Kavanagh, Camino, Tim Maurer, and Eneken Tikk-Ringas. Baseline Review of ICT-Related Processes and Events:
Implications for International and Regional Security (20112013). Cyber Policy Process Brief. Geneva, Switzerland:
ICT4Peace Foundation, 2014.
Provides comprehensive overview of international processes at regional and global levels from 2011 to 2013, focusing not just on
cybersecurity but on other related information and communications technology (ICT) issues from a broader diplomatic lens.

Osula, Anna-Maria, and Henry Rigas, eds. International Cyber Norms: Legal, Policy & Industry Perspectives. Tallinn,
Estonia: NATO Cooperative Cyber Defence Centre of Excellence, 2016.
This publication consists of eleven chapters discussing cyber norms from the perspectives of international law the and US
Department of Defense Law of War Manual; the process at the UN; and confidence-building measures, in comparison to space,
with regard to China; as well as from the perspective of the private sector.

22 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

UN General Assembly. UN Group of Governmental Experts on Developments in the Field of Information and
Telecommunications in the Context of International Security. A/68/98 (24 June 2013).
Following the first consensus report adopted by the preceding group of governmental experts under the auspices of the UN in
2010, this report is particularly noteworthy for its affirmation that existing international law and the UN Charter apply online as well
as offline, after years of resistance by some states.

UN General Assembly. Group of Governmental Experts on Developments in the Field of Information and
Telecommunications in the Context of International Security. A/70/174 (22 July 2015).
Building on UN General Assembly 2013, this document is the first detailed report adopted by the group of governmental experts
under the auspices of the UN, with specific details regarding the application of international law and outlining specific norms for

Confidence-Building Measures and Cybersecurity

Emulating the concept of confidence-building measures (CBMs) developed during the Cold War, states in the early 21st century
have started to focus on enhancing transparency and cooperation in the context of cybersecurity to reduce misperceptions and
mistrust. Lewis 2011 argues for this approach, and the UN Institute for Disarmament Research Cyber Index (UN Institute for
Disarmament Research 2013) discusses CBMs in depth, including their history and application to cyberspace. Healey, et al. 2014
proposes to advance CBMs for collaboration, crisis management, restraint, and engagement by not only relying on states but
including nongovernmental actors, too. The 2016 agreement of the Organization for Security and Co-operation in Europe (OSCE)
member states provides the most comprehensive list of CBMs for cyberspace to date, building on the initial agreement in 2013
(Organization for Security and Co-operation in Europe 2016).

Healey, Jason, John C. Mallery, Klara Tothova Jordan, and Nathaniel V. Youd. Confidence-Building Measures in
Cyberspace: A Multistakeholder Approach for Stability and Security. Washington, DC: Atlantic Council, 2014.
Proposes a multistakeholder-centric approach including nongovernmental actors to developing CBMs for cybersecurity, outlining
four types of CBMs ranging from collaboration to crisis management, restraint, and engagement.

Lewis, James Andrew. Confidence-Building and International Agreement in Cybersecurity. Disarmament Forum 4
(2011): 5160.
Written two years prior to the adoption of a first set of cybersecurity CBMs by the OSCE member states, this article analyzes and
argues in favor of CBMs to enhance international cooperation.

Organization for Security and Co-operation in Europe. Decision No. 1202: OSCE Confidence-Building Measures to
Reduce the Risks of Conflict Stemming from the Use of Information and Communication Technologies. PC.DEC/1202 (10
March 2016).
Outlines the most comprehensive set of CBMs agreed to by states multilaterally, building on an initial set adopted by the OSCE in

UN Institute for Disarmament Research. The Cyber Index: International Security Trends and Realities. Geneva,
Switzerland: UN, 2013.
In addition to providing an update to the 2011 cyber index of countries cybersecurity postures, this publication includes an
extended discussion of CBMs generally and their history and evolution, as well as their early-21st-century application to space and

23 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Deterrence and Cyberspace

Much of the strategic literature developed after World War II focused on the concept of deterrence. Comprehensive frameworks of
deterrence were soon adapted specifically for the context of the Cold War and nuclear deterrence. Nye 2011 compares nuclear
deterrence to deterrence in cyberspace, providing a nuanced assessment of its limitations and insights. Libicki 2009 offers an
in-depth analysis of how to apply deterrence for cyberspace, while Goodman 2010 discusses a series of cyberincidents from the
perspective of deterrence failures. Denning 2015 argues that cyberspace is not that different from other domains and that
deterrence ought to be discussed not in the context of cyberspace writ large but with respect to specific cyberweapons. A central
theme of the scholarship on deterrence and cyberspace focuses on attribution, with Lupovici 2016 applying constructivist theory to
the attribution problem and Rid and Buchanan 2015 providing a comprehensive review of the literature and synthesizing it in a new
model. Stevens 2012 explores deterrence in relationship to norms, and Tang, et al. 2010 provides perspectives on deterrence from
China, Russia, India, Norway, and the United States.

Denning, Dorothy E. Rethinking the Cyber Domain and Deterrence. Joint Forces Quarterly 77.2 (2015): 815.
Argues that other domains of warfare except land are as much man-made as cyberspace and that cyberspace has many
similarities to other domains, including significant constraints vis--vis its malleability. Moreover, the author suggests discussing
deterrence in the context of specific cyberweapons rather than the domain as a whole.

Goodman, Will. Cyber Deterrence: Tougher in Theory Than in Practice? Strategic Studies Quarterly 4.3 (2010): 102135.
Uses the distributed-denial-of-service attack against Estonia in 2007 and the conflict in Georgia in 2008 in addition to three
espionage incidents as case studies for deterrence failures and discussing the implications for broader deterrence theory.

Libicki, Martin C. Cyberdeterrence and Cyberwar. Santa Monica, CA: RAND, 2009.
In-depth analysis of deterrence in the context of cyberspace, discussing asymmetric advantages and incentives for states to use
offensive cyberoperations. Includes sections on strategic cyberwar and operational cyberwar, and a discussion of why intent of the
attacker matters.

Lupovici, Amir. The Attribution Problem and the Social Construction of Violence: Taking Cyber Deterrence Literature a
Step Forward. International Studies Perspectives (2 February 2016).
Applies constructivist theory to discuss the attribution problem and deterrence in the context of cybersecurity. The author uses
Stuxnet as a case study to examine social factors and the social construction of violence influencing actors behavior.

Nye, Joseph S., Jr. Nuclear Lessons for Cyber Security? Strategic Studies Quarterly 5.4 (2011): 1838.
Key article on the evolving debate about analogies between nuclear threats and cyberthreats and concomitant deterrence and
strategies. Argues that despite numerous differences, comparing the initial uncertainty about nuclear threats, strategies, and
cooperation in the Cold War helps put into perspective current challenges in designing cybersecurity policies.

Rid, Thomas, and Ben Buchanan. Attributing Cyber Attacks. Journal of Strategic Studies 38.12 (2015): 437.
Reviews state of the art of the literature on the attribution problem in cyberspace, concluding that attribution is not as difficult as it
was perceived to be and offering a model to guide the process to determine attribution.

Stevens, Tim. A Cyberwar of Ideas? Deterrence and Norms in Cyberspace. Contemporary Security Policy 33.1 (2012):
Analyzes deterrence in cyberspace by reviewing the evolution of US cyberdeterrence theory, discussing the relationship between

24 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

deterrence and norms, and studying the US approach and the role of deterrence and norms, as well as other norm entrepreneurs
(namely, Russia).

Tang, Lan, Xin Zhang, Harry D. Raduege Jr., Dmitry I. Grigoriev, Pavan Duggal, and Stein Schjlberg. Global Cyber
Deterrence: Views from China, the U.S., Russia, India, and Norway. Edited by Andrew Nagorski. New York: EastWest
Institute, April 2010.
A collection of five articles whose authors offer perspectives on cyberdeterrence from their respective countries.

International Institutions

Governments have engaged in regional and global institutions to enhance cooperation on reducing cybersecurity threats. Nye 2014
analyzes the evolution of a cybergovernance regime complex through the lens of regime theory. Choucri, et al. 2014 adopts
institutional theory to depict the institutional landscape of national and international responses to cybersecurity threats more
specifically. The authors find that the level and scope of organization and cooperation is steadily increasing, but they argue that the
cybersecurity institutional ecosystem as a whole is still under construction and that its multiple components are often
disconnected. An early and comprehensive analysis of international institutional responses to cyberthreats is provided in Portnoy
and Goodman 2009. These overviews reveal that the evolving cybersecurity regime complex consists not only of regional and
international governmental organizations and groupings, but also of nonprofit and for-profit international nongovernmental
organizations. In addition to these analyses, the NATO Cooperative Cyber Defence Centre of Excellence maintains an interactive
database (INCYDER) that provides a periodically updated overview of the multiple multilateral organizations active in cybersecurity,
as well as access to the relevant legal and policy documents these organizations adopted.

Choucri, Nazli, Stuart Madnick, and Jeremy Ferwerda. Institutions for Cyber Security: International Responses and
Global Imperatives. Information Technology for Development 20.2 (2014): 96121.
Provides an empirical catalogue of national and international institutions responding to cyberthreats and cybercrime, selected via
criteria defined by institutional theory, arguing that the institutional architecture has significantly developed but is still evolving as it
needs to design new pertinent mechanisms.

INCYDER. NATO Cooperative Cyber Defence Centre of Excellence.

INCYDER is the acronym for International Cyber Development Review. Catalogues the major regional and international
organizations, outlines the evolution of their activities and the main bodies in the cybersecurity area, and provides regularly
updated access to the key documents.

Nye, Joseph S., Jr. The Regime Complex for Managing Global Cyber Activities. Global Commission on Internet
Governance 1. Waterloo, ON: CIGI, 2014.
Takes the perspective of regime theory to map cybergovernance activities more broadly and finds that while there is no single
regime for the governance of cyberspace, a regime complexa loosely coupled set of institutions and normshas emerged. It
finds the issue of cyberwar to be highly state controlled and to involve many actors that contest the existing norms.

Portnoy, Michael, and Seymour Goodman, eds. Global Initiatives to Secure Cyberspace: An Emerging Landscape.
Advances in Information Security 42. New York: Springer, 2009.
Early and comprehensive mapping of evolving cybersecurity institutions across regions worldwide, also including a brief and
concise history of international responses to cyberthreats.

25 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

Global Institutions and Cybersecurity

International institutions operating at the global level have been focusing on cybersecurity particularly since the late 1990s. The
Group of Eight (G8), an intergovernmental grouping of eight nations representing the majority of the worlds economy at the time,
established the G8 24/7 High Tech Contact Points network in 1997 to facilitate communication between governments and help
them share information on evolving threats. Almost two decades later, the heads of member states of an enlarged grouping
representing the worlds leading economies, the G20, issued a statement outlining a norm against theft by states that is information
and communications technology (ICT) enabled (G20 Leaders Communiqu, cited under Norms and Cybersecurity). Among the
treaty-based, decision-making global international organizations, the UN has been the most active in discussing cybersecurity.
Maurer 2011 traces the complex involvement of multiple UN bodies in cybersecurity, including the First Committee of the UN
General Assembly to the International Telecommunications Union (ITU) as a specialized agency and their roles in the discussion
on international norms. Importantly, the UN established the group of governmental experts (GGE), which first convened in 2004
and since then has produced influential reports detailing states perspectives on international norms for cybersecurity. UN General
Assembly 2013 (cited under Norms and Cybersecurity) contains the groups second consensus report, including the agreement
that existing international law applies online as well as offline. The provisions in UN General Assembly 2013 are further
consolidated and specified by a successor report (UN General Assembly 2015, cited under Norms and Cybersecurity), which also
details a list of voluntary norms. Meanwhile, the Organisation for Economic Co-operation and Development (OECD) issued a new
set of guidelines in 2015, replacing those of 2002 and highlighting the importance of digital security for economic stability
(Organisation for Economic Co-operation and Development 2015).

G8 24/7 High Tech Contact Points. Cyber Security Cooperation.

A governmental informal network created by the G8 in cooperation with the International Criminal Police Organization (INTERPOL)
in 1997 to facilitate around-the-clock communication between the attending governments law enforcement agencies.

Maurer, Tim. Cyber Norm Emergence at the United Nations: An Analysis of the Activities at the UN Regarding Cyber-
security. Discussion Paper 2011-11. Cambridge, MA: Harvard Kennedy School, 2011.
Among the first comprehensive studies of the UNs activities relating to cybersecurity, conceptualizing two strands of discussion
politico-military and economicand applying the international relations (IR) literature on norms in the analysis of the activities
across UN bodies.

Organisation for Economic Co-operation and Development. Digital Security Risk Management for Economic and Social
Prosperity. OECD Recommendation and Companion Document. Paris: Organisation for Economic Co-operation and
Development, 2015.
The latest of a number of influential guidelines by the OECD Working Party for Security and Privacy in the Digital Economy, which
also maintains a useful archive on the institutions instruments, reports, and events.

UN Institute for Disarmament Research. Preliminary Assessment of National Doctrine and Organization. Geneva,
Switzerland: UN, 2011.
Provides a comprehensive overview of the UN member states cybersecurity doctrines and policies, including highlighting states
efforts to develop military and offensive cybercapabilities.

Regional Institutions and Cybersecurity

Regional institutions have become increasingly active in discussing the security of increasingly connected regional information
infrastructures, combating cybercrime, and projecting regional positions globally. The North Atlantic Treaty Organization (NATO), in
response to the distributed-denial-of-service attack against its member state Estonia in 2007, established the Cooperative Cyber
Defence Centre of Excellence and subsequently declared that cyberattacks might lead to the activation of collective defense
(NATO 2014). Fidler, et al. 2013 elaborates on this development. In the Asia-Pacific, the Association of Southeast Asian Nations

26 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

(ASEAN) and the ASEAN Regional Forum, the Asia-Pacific Economic Cooperation forum, and the Shanghai Cooperation
Organization (SCO) all have started cybersecurity initiatives to enhance intra- and cross-regional cooperation. Among these, the
latter has been among the most prominent in the global debate on cybersecurity norms. Following an agreement to enhance
cooperation on cybersecurity regionally (Shanghai Cooperation Organization 2009), SCO members subsequently submitted drafts
for an international code of conduct for information security to the UN General Assembly in 2011 and 2015, reviewed in detail in
McKune 2015. The Organization of American States (OAS) adopted an integral strategy to improve its member states
cybersecurity policies and enhance regional cooperation already in 2004 (Organization of American States 2004), whose
effectiveness is evaluated in a collaborative report with the Inter-American Development Bank (Organization of American States
and Inter-American Development Bank 2016). The African Union (AU) also acknowledged the increasing cybersecurity risks in its
member states and adopted a convention on cybersecurity in 2014 (African Union 2014). The European Union (EU) published a
cyber security strategy (European Union 2013), the first comprehensive document outlining the institutions vision and
responsibilities of national and EU-level entities across the three pillars of information-and-network security, law enforcement, and
defense. Importantly, it underlines that the member states remain primarily responsible for security cyberspace, and declares that
member states could invoke the EU Solidarity Clause in case of a particularly severe cyberattack. Christou 2016 describes the
negotiations that led to the strategy and explores future prospects. The Council of Europe has adopted the first international treaty
on cybercrime (Council of Europe 2001).

African Union. African Union Convention on Cyber Security and Personal Data Protection. Addis Ababa, Ethiopia: African
Union, 2014.
Adopted in June 2014, the convention establishes a standard legal framework to reduce risks in electronic transactions, protect
personal data, and address cyber insecurity and cybercrime at the national and AU levels. For a critical appraisal, including
concerns about the conventions human rights implications, see online.

Christou, George. Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy. New Security
Challenges. Basingstoke, UK: Palgrave, 2016.
On the basis of a conceptual framework of cybersecurity as resilience in cyberspace, Christou reviews in seven chapters the
evolution of EU cybersecurity policymaking since 2005 or so and concludes that its structure is fragmented and the scope of
responses to cyberthreats is limited when compared to leading actors such as the United States.

Council of Europe. Convention on Cybercrime. CETS 185. Strasbourg, France: Council of Europe, 2001.
The Convention on Cybercrime, also known as the Budapest Convention, is the most comprehensive international treaty on
cybercrime, with fifty-five states having acceded to the treaty to date.

European Union. Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace. Brussels:
European Union, 2013.
Strategy document outlining the context of cyberthreats, strategic priorities and actions, and the roles and responsibilities.

Fidler, David P., Richard Pregent, and Alex Vandurme. NATO, Cyber Defense, and International Law. St. Johns Journal
of International & Comparative Law 4.1 (2013): 125.
The authors (the former, an expert on international law in cyberspace; the latter two, NATO officials) highlight the challenges facing
NATO member states with regard to principles, practices, and politics, and call upon the organization to adapt more rapidly before
a major cybercrisis recurs.

McKune, Sarah. Will the SCO States Efforts to Address Territorial Disputes in Cyberspace Determine the Future of
International Human Rights Law? Toronto: University of Toronto, 28 September 2015.
In-depth analysis of the latest draft of the International Code of Conduct for Information Security submitted by SCO members,

27 von 28 23.06.17, 11:38

Cyber Security - International Relations - Oxford Bibliographies

accompanied by an interactive, line-by-line, annotated comparison of the 2011 and 2015 versions.

NATO. Wales Summit Declaration. NATO, 2014.

After several years of internal discussions, NATO member states include a declaratory statement in the 2014 summit declaration
that NATOs Article 5 also covers cyberattacks and that its application will be decided on a case-by-case basis. Also states that
NATO recognizes that international law applies to cyberspace.

Organization of American States. The Inter-American Integral Strategy to Combat Threats to Cyber Security. Resolution
AG/RES. 2004 XXXXVI-O/04. Organization of American States, 2004.
Tasked the Secretariat of the OAS Inter-American Committee against Terrorism to support member states developing national
cybersecurity strategies, establishing national computer security incident response teams (CSIRTs) and maintaining a network
among these.

Organization of American States and Inter-American Development Bank, eds. Cybersecurity: Are We Ready in Latin
America and the Caribbean? 2016 Cybersecurity Report. Organization of American States, 2016.
A detailed description of early-21st-century cybersecurity challenges and trends in Latin America and the Caribbean, containing
both expert analyses and country reports based on quantitative data.

Shanghai Cooperation Organization. Agreement between the Governments of the Member States of the Shanghai
Cooperation Organization on Cooperation in the Field of International Information Security (unofficial translation).
Yekaterinburg, Russia, 16 June 2009.
Agreement charting future cooperation on cybersecurity among all SCO member states and constituting the basis for the
controversial International Code of Conduct for Information Security (available online), proposed by four SCO members in 2011
and submitted to the UN General Assembly as a revised version by six members in 2015 (available online).

back to top

Copyright 2017. All rights reserved.

28 von 28 23.06.17, 11:38