Dialogue, partnership and empowerment for network and information security: the changing role of the private sector from objects of regulation to regulation shapers

Helena Carrapiço*, Benjamin Farrand

*Corresponding author for this work

Research output: Contribution to journalArticle

Abstract

The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its
rapidly developing cyber security policy. Since the 1990s, we could observe the
creation of three broad areas of policy interest: cyber-crime, critical information
infrastructures and cyber-defence. One of the main trends transversal to these areas is
the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.
Original languageEnglish
Pages (from-to)245–263
Number of pages19
JournalCrime Law and Social Change
Volume67
Issue number3
Early online date11 Oct 2016
DOIs
Publication statusPublished - 1 Apr 2017

Fingerprint

Private Sector
Information Services
empowerment
private sector
dialogue
Computer Security
regulation
Capitalism
infrastructure
Professional Competence
security policy
Crime
virtual reality
Information Systems
resilience
capitalist society
information system
expertise
EU
stakeholder

Bibliographical note

© The Author(s) 2016. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide alink to the Creative Commons license, and indicate if changes were made.

Keywords

  • regulatory capitalism
  • network governance
  • network information security
  • Internet
  • regulation

Cite this

Carrapiço, Helena ; Farrand, Benjamin. / Dialogue, partnership and empowerment for network and information security : the changing role of the private sector from objects of regulation to regulation shapers. In: Crime Law and Social Change. 2017 ; Vol. 67, No. 3. pp. 245–263.
@article{d4b4cfe0631c4b58a1f99af7b5844e32,
title = "Dialogue, partnership and empowerment for network and information security: the changing role of the private sector from objects of regulation to regulation shapers",
abstract = "The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given itsrapidly developing cyber security policy. Since the 1990s, we could observe thecreation of three broad areas of policy interest: cyber-crime, critical informationinfrastructures and cyber-defence. One of the main trends transversal to these areas isthe importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.",
keywords = "regulatory capitalism, network governance, network information security, Internet , regulation",
author = "Helena Carrapi{\cc}o and Benjamin Farrand",
note = "{\circledC} The Author(s) 2016. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide alink to the Creative Commons license, and indicate if changes were made.",
year = "2017",
month = "4",
day = "1",
doi = "10.1007/s10611-016-9652-4",
language = "English",
volume = "67",
pages = "245–263",
number = "3",

}

Dialogue, partnership and empowerment for network and information security : the changing role of the private sector from objects of regulation to regulation shapers. / Carrapiço, Helena; Farrand, Benjamin.

In: Crime Law and Social Change, Vol. 67, No. 3, 01.04.2017, p. 245–263.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Dialogue, partnership and empowerment for network and information security

T2 - the changing role of the private sector from objects of regulation to regulation shapers

AU - Carrapiço, Helena

AU - Farrand, Benjamin

N1 - © The Author(s) 2016. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide alink to the Creative Commons license, and indicate if changes were made.

PY - 2017/4/1

Y1 - 2017/4/1

N2 - The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given itsrapidly developing cyber security policy. Since the 1990s, we could observe thecreation of three broad areas of policy interest: cyber-crime, critical informationinfrastructures and cyber-defence. One of the main trends transversal to these areas isthe importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.

AB - The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given itsrapidly developing cyber security policy. Since the 1990s, we could observe thecreation of three broad areas of policy interest: cyber-crime, critical informationinfrastructures and cyber-defence. One of the main trends transversal to these areas isthe importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.

KW - regulatory capitalism

KW - network governance

KW - network information security

KW - Internet

KW - regulation

UR - http://www.scopus.com/inward/record.url?scp=84991106706&partnerID=8YFLogxK

UR - https://link.springer.com/article/10.1007%2Fs10611-016-9652-4

U2 - 10.1007/s10611-016-9652-4

DO - 10.1007/s10611-016-9652-4

M3 - Article

AN - SCOPUS:84991106706

VL - 67

SP - 245

EP - 263

IS - 3

ER -