Interest in cybersecurity in the context of international relations has never been greater. To provide a resource for interested decision- and policy-makers, academics, as well as the general public, Carnegie’s Tim Maurer, who co-directs Carnegie’s Cyber Policy Initiative, and Hannes Ebert, a research fellow at the German Institute of Global and Area Studies, developed a curated list of some of the most relevant literature published on this issue in the past years. This list is complemented by short descriptive commentary for each publication and was published by Oxford Bibliographies in January 2017. This resource includes selected works published by summer 2016 divided into the following categories:
- General Overviews
- Online Resources and Blogs
- International-Relations Perspectives on Cybersecurity
- Cyberthreats and Cyberrisks
- Geopolitics of Cybersecurity
- Laws, Norms, and Response Mechanisms in Cybersecurity
- International Institutions
The introductory text of the article is available below and the full resource at: http://oxfordbibliographiesonline.com/view/document/obo-9780199743292/obo-9780199743292-0196.xml?
The Internet has expanded rapidly since its commercialization in the mid-1990s. In the early 21st century, a third of the world’s population has access to the technology, with another 1.5 billion expected to gain access by 2020. Moreover, the “Internet of Things” will lead to an exponential number of devices being connected to the network. As a result, the economic and political incentives to exploit the network for malicious purposes have also increased, and cybersecurity has reached head-of-state-level attention. In parallel, publications on the topic by academic, policy, industry, and military institutions have multiplied. Scholars within the international relations (IR) discipline and its subfields of security studies and strategic studies increasingly focus on the technology’s implications on national and international security. This includes studying its effect on related concepts such as power, sovereignty, global governance, and securitization. Meanwhile, the meaning of cybersecurity and information security has been highly contested. Broad definitions of the concept incorporate a wide range of cyberthreats and cyberrisks, including cyberwarfare, cyberconflict, cyberterrorism, cybercrime, and cyberespionage as well as cybercontent, while narrower conceptualizations focus on the more technical aspects relating to network and computer security. This article focuses on cybersecurity in the IR context from the perspective of political conflict, including the scholarship on cyberwarfare, cyberconflict, and cyberterrorism. The literature on cybercrime deserves a stand-alone article, as does cyberespionage from the perspective of surveillance and intelligence activities. This article references only a few publications from the latter two categories as they relate to cyberconflict. While scholars take the technology’s implications for international security increasingly seriously, they continue to disagree about the level and nature of threat and the appropriate policy responses that governments and other stakeholders should adopt. States also have very different perspectives on cyberspace and its appropriate use, with an increasing number developing offensive cybercapabilities. Cybersecurity has become an integral part of governments’ national defense and foreign and security policies and doctrines, contributing to the construction of cybersecurity as a new domain of warfare. Efforts to develop rules of the road for cyberspace focus on the applicability of existing international law, potential gaps, the development of norms, confidence-building measures, and postulating deterrence postures. As a consequence, a cybersecurity regime complex has evolved, encompassing multiple regional and international institutions that play pivotal roles in shaping policy responses. This article offers a selective list of relevant literature. The coauthors would like to thank the experts in China, India, Russia, Switzerland, and the United States who responded to their request to share their top-ten most relevant cybersecurity publications. The coauthors incorporated this feedback in their process for developing this article to reduce bias and to include international perspectives on the most-relevant English-language literature.