Print Email Facebook Twitter Patching security governance Title Patching security governance: an empirical view of emergent governance mechanisms for cybersecurity Author van Eeten, M.J.G. (TU Delft Organisation & Governance) Date 2017 Abstract Purpose: The issue of cybersecurity has been cast as the focal point of a fight between two conflicting governance models: the nation-state model of national security and the global governance model of multi-stakeholder collaboration, as seen in forums like IGF, IETF, ICANN, etc. There is a strange disconnect, however, between this supposed fight and the actual control over cybersecurity “on the ground”. This paper aims to reconnect discourse and control via a property rights approach, where control is located first and foremost in ownership. Design/methodology/approach: This paper first conceptualizes current governance mechanisms through ownership and property rights. These concepts locate control over internet resources. They also help us understand ongoing shifts in control. Such shifts in governance are actually happening, security governance is being patched left and right, but these arrangements bear little resemblance to either the national security model of states or the global model of multi-stakeholder collaboration. With the conceptualization in hand, the paper then presents case studies of governance that have emerged around specific security externalities. Findings: While not all mechanisms are equally effective, in each of the studied areas, the author found evidence of private actors partially internalizing the externalities, mostly on a voluntary basis and through network governance mechanisms. No one thinks that this is enough, but it is a starting point. Future research is needed to identify how these mechanisms can be extended or supplemented to further improve the governance of cybersecurity. Originality/value: This paper bridges together the disconnected research communities on governance and (technical) cybersecurity. Subject Data securityGovernanceInternet To reference this document use: http://resolver.tudelft.nl/uuid:b78b2e49-a2f8-49be-a44e-62f2df840bab DOI https://doi.org/10.1108/DPRG-05-2017-0029 ISSN 2398-5038 Source Digital Policy, Regulation and Governance, 19 (6), 429-448 Part of collection Institutional Repository Document type journal article Rights © 2017 M.J.G. van Eeten Files PDF DPRG_05_2017_0029.pdf 306.1 KB Close viewer /islandora/object/uuid:b78b2e49-a2f8-49be-a44e-62f2df840bab/datastream/OBJ/view