This book argues that cybersecurity's informational ontology offers empirical challenges, and introduces a new interdisciplinary theoretical and conceptual framework of 'entropic security'.
Cyber-attacks have been growing exponentially in number and sophistication; ranging from those conducted by non-state actors to state-backed cyber-attacks. Accordingly, cybersecurity now constitutes an integral part of public, private, and academic discourses on contemporary (in)security. Yet, because its emergence as a novel security field occurred after many long-established frameworks had already been developed, cybersecurity has been repeatedly scrutinised for its compatibility with conventional security theories, concepts, and understandings, particularly with that of military security. This book, however, argues that cybersecurity differs profoundly from many other security sectors because of the ontological nature of 'information' that sits at the heart of this field. Through this new framework, the book investigates three key empirical challenges in cybersecurity that are co-produced by its informational ontology: (1) the disordered nature of cybersecurity and its tendency towards increasing insecurity as a manifestation of the intrinsic uncertainties in information systems; (2) the unpredictable and unintended consequences resulting from autonomous cyber-attacks that challenge human control of cybersecurity environments; and (3) the persistent harms engendered by 'mundane' cyber threats that do not fit within conventional understandings of existentiality in security theories. Through a detailed analysis of cybersecurity discourses and practices in the USA (2003-present), the book goes on to show how these complex cybersecurity challenges are better analysed and theorised through the new information-theoretic notion of 'entropic security'.
This book will be of much interest to students of cyber-security, critical security studies, science and technology studies and International Relations in general.