Title: The governance of cybersecurity: a framework for policy

Authors: Michel J.G. Van Eeten, Hans De Bruijn, Mirjam Kars, Haiko Van Der Voort, Jaap Van Till

Addresses: Faculty of Technology, Policy and Management, Delft University of Technology, Jaffalaan 5, 2628 BX, Delft, Netherlands. ' Faculty of Technology, Policy and Management, Delft University of Technology, Jaffalaan 5, 2628 BX, Delft, Netherlands. ' Faculty of Technology, Policy and Management, Delft University of Technology, Jaffalaan 5, 2628 BX, Delft, Netherlands. ' Faculty of Technology, Policy and Management, Delft University of Technology, Jaffalaan 5, 2628 BX, Delft, Netherlands. ' Stratix Consulting, Villa Hestia, Utrechtseweg 29, 1213 TK, Hilversum and Lector at the HAN University of Applied Science, Arnhem, Netherlands

Abstract: Problems with information and network security have quickly moved up the political agenda. The current discussion on the governance of cybersecurity primarily focuses on technological measures and awareness raising. Although these certainly are important issues, the debate is lacking a framework to identify what role is appropriate for government. This paper provides a framework to assess what role, if any, government has regarding threats to information and network security.

Keywords: risks; cybersecurity; governance; policy; critical information infrastructure protection; CIIP; critical infrastructures; information security; network security.

DOI: 10.1504/IJCIS.2006.011345

International Journal of Critical Infrastructures, 2006 Vol.2 No.4, pp.357 - 378

Published online: 21 Nov 2006 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article