The Oxford Handbook of Cyber Security

Cyber security is concerned with the identification, avoidance, management and mitigation of risk in, or from, cyber space. The risk concerns harm and damage that might occur as the result of everything from individual carelessness, to organised criminality, to industrial and national security espionage and, at the extreme end of the scale, to disabling attacks against a country's critical national infrastructure. However, there is much more to cyber space than vulnerability, risk, and threat. Cyber space security is an issue of strategy, both commercial and technological, and whose breadth spans the international, regional, national, and personal. It is a matter of hazard and vulnerability, as much as an opportunity for social, economic and cultural growth. Consistent with this outlook, The Oxford Handbook of Cyber Security takes a comprehensive and rounded approach to the still evolving topic of cyber security. The structure of the Handbook is intended to demonstrate how the scope of cyber security is beyond threat, vulnerability, and conflict and how it manifests on many levels of human interaction. An understanding of cyber security requires us to think not just in terms of policy and strategy, but also in terms of technology, economy, sociology, criminology, trade, and morality. Accordingly, contributors to the Handbook include experts in cyber security from around the world, offering a wide range of perspectives: former government officials, private sector executives, technologists, political scientists, strategists, lawyers, criminologists, ethicists, security consultants, and policy analysts.

Paul Cornish was educated at St Andrews, LSE, and Cambridge Universities. He has served in the British Army and the Foreign and Commonwealth Office, and has worked at research institutes including Chatham House, the UK Defence Academy, the Centre for Defence Studies (King's College London), RAND Europe, and the Universities of Cambridge, Bath, and Exeter. His work covers international security, national strategy, arms control, the ethics of armed force, civil-military relations and cyber security. He was Co-Director of the Cyber Security Capacity Building Centre at Oxford University, 2013-18, and Professorial Fellow at the Australian National University, 2017. He is Visiting Professor at LSE IDEAS, London School of Economics.

- Foreword - Introduction - PART I. Cyber Space: What it is and Why it Matters - 1: David Pym: The Origins of Cyberspace - 2: Greg Austin: Opportunity, Threat and Dependency in the Social Infosphere - 3: Madeline Carr: A Political History of Cyberspace - 4: Camino Kavanagh and Tim Stevens: Cyber Power in International Relations - 5: Onora O Neill: Ethical Standards and 'Communication' Technologies - PART II. Security in Cyber Space: Cyber Crime - 6: Roderic Broadhurst: Cybercrime: Thieves, Swindlers, Bandits and Privateers in Cyberspace - 7: Claire Vishik, Marcello Balduccini, Michael Huth, and Lawrence John: Making Sense of Cybersecurity in Emerging Technology Areas - 8: Eva Ignatuschtschenko: Assessing Harm from Cyber Crime - 9: José Eduardo Malta de Sá Brandão: Toward a Vulnerability Mitigation Model. - PART III. Security in Cyber Space: Extremism and Terrorism - 10: Alexander Corbeil and Rafal Rohozinski: Managing Risk: Terrorism, Violent Extremism and Anti-Democratic Tendencies in the Digital Space - 11: Sandro Gaycken: Cyberweapons - 12: Florian Egloff: Intentions and Cyberterrorism - 13: Caitríona Heinl: Technology: Access and Denial - PART IV. Security in Cyber Space: State-Sponsored Cyber Attacks - 14: Jon Lindsay: Cyber Espionage - 15: Ben Buchanan: Cyberwar Redux - 16: Herbert Lin and Jaclyn Kerr: On Cyber-Enabled Information Warfare and Information Operations - 17: Paul Cornish: The Deterrence and Prevention of Cyber Conflict - PART V. Technical and Corporate Cyber Security - 18: Nicole van der Meulen: Stepping out of the Shadow: Computer Security Incident Response Teams in the Cybersecurity Ecosystem - 19: Stuart Murdoch: Cybersecurity Information Sharing: Voluntary Beginnings and a Mandatory Future - 20: Fred Cate and Rachel Dockery: Data Privacy and Security Law - 21: Mike Steinmetz: The Insider Threat and the Insider Advocate - PART VI. Personal Cyber Security - 22: Dave Clemente: Personal Protection: Cyber Hygiene - 23: John Carr: Online Child Safety - 24: Roger Bradbury: Educating for Cyber Security - 25: Jonathon Penney: Cyber Security, Human Rights and Empiricism: The Case of Digital Surveillance - PART VII. National Cyber Security - 26: David Mussington: Securing the Critical National Infrastructure - 27: Mika Kerttunen: The Role of Defence in National Cyber Security - 28: Lara Pace and Paul Cornish: Cyber Security Capacity Building - PART VIII. Global Trade and Cyber Security - 29: Elaine Korzak: Cyber Security, Multilateral Export Control, and Standard Setting Arrangements - 30: David Fidler: Cyber Security, Global Commerce, and International Organisations - 31: Franz-Stefan Gady and Greg Austin: Global Trade and Cyber Security: Monitoring, Enforcement, and Sanctions - PART IX. International Cyber Security - 32: Nigel Inkster: Semi-Formal Diplomacy: Track 1.5 and Track 2 - 33: Tim Maurer: States, Proxies, and (Remote) Offensive Cyber Operations - 34: Melissa Hathaway: Getting Beyond Norms: When Violating the Agreement Becomes Customary Practice - 35: Thomas Wingfield and Harry Wingo: International Law for Cyber Space: Competition and Conflict - PART X. Perspectives on Cyber Security - 36: Tang Lan: Community of Common Future in Cyberspace: The Proposal and Practice of China - 37: Arun Mohan Sukumar: Look West or Look Easta India at the Crossroads of Cyberspace - 38: Lior Tabansky: Cybersecurity in Israel: Organisation and Future Challenges - 39: Yoko Nitta: The Evolving Concept of the Japanese Security Strategy - 40: Elina Noor: Contextualizing Malaysia's Cybersecurity Agenda - 41: Anton Shingarev and Anastasya Kazakova: The Russian Federation s Approach to Cyber Security - PART XI. Future Challenges - 42: Joëlle Webb: Rethinking the Governance of Technology in the Digital Age - 43: Caitríona Heinl: Maturing Autonomous Cyber Weapons Systems: Implications for International Cyber Security and Autonomous Weapons Systems Regimes - 44: Debi Ashenden: The Future Human and Behavioural Challenges of Cyber Security - 45: Chris Demchak: The Future of Democratic Civil Societies in a Post-Western Cybered Era - 46: Eneken Tikk: Future Normative Challenges - 47: Tim Unwin: Cybersecurity' and 'Development': Contested Futures - 48: Mike Steinmetz: Project Solarium 1953 and the Cyberspace Solarium Commission 2019 - Conclusion