Keywords: risks, cybersecurity, governance, policy, critical information infrastructure protection, CIIP, critical infrastructures, information security, network security
The governance of cybersecurity: a framework for policy
Problems with information and network security have quickly moved up the political agenda. The current discussion on the governance of cybersecurity primarily focuses on technological measures and awareness raising. Although these certainly are important issues, the debate is lacking a framework to identify what role is appropriate for government. This paper provides a framework to assess what role, if any, government has regarding threats to information and network security.