Books by Tim Stevens
Cyberspace and Instability, 2023
Edward Elgar, 2024
This Research Handbook provides a rigorous analysis of cyberwarfare, a widely misunderstood field... more This Research Handbook provides a rigorous analysis of cyberwarfare, a widely misunderstood field of contemporary conflict and geopolitical competition. Gathering insights from leading scholars and practitioners, it examines the actors involved in cyberwarfare, their objectives and strategies, and scrutinises the impact of cyberwarfare in a world dependent on connectivity.
Bristol University Press, 2023
How will protecting our digital infrastructure shape our future?
Cybersecurity is one of the key... more How will protecting our digital infrastructure shape our future?
Cybersecurity is one of the key practical and political challenges of our time. It is at the heart of how modern societies survive and thrive, yet public understanding is still rudimentary: media portrayals of hoodie-wearing hackers accessing the Pentagon don’t convey its complexity or significance to contemporary life.
This book addresses this gap, showing that the political dimension is as important as the technological one. It accessibly explains the complexities of global information systems, the challenges of providing security to users, societies, states and the international system, and the multitude of competing players and ambitions in this arena.
Making the case for understanding it not only as a technical project, but as a crucial political one that links competing visions of what cybersecurity is for, it tackles the ultimate question: how can we do it better?
They do not necessarily reflect the policy or the opinion of NATO CCDCOE, NATO, or any agency or ... more They do not necessarily reflect the policy or the opinion of NATO CCDCOE, NATO, or any agency or any government. NATO CCDCOE may not be held responsible for any loss or harm arising from the use of information contained in this book and is not responsible for the content of the external sources, including external websites referenced in this publication.
Time, Temporality and Global Politics
This chapter draws attention to the nature of chronometric administration as a form of global gov... more This chapter draws attention to the nature of chronometric administration as a form of global governance. The chapter explores how global time is governed through an assemblage of institutions, norms, standards, multilateral agreements and technologies that produce the sociotechnical chronos, the dynamic and negotiated ‘time of the world’.
'Cyber security' is a recent addition to the global security agenda, concerned with protecting st... more 'Cyber security' is a recent addition to the global security agenda, concerned with protecting states and citizens from the misuse of computer networks for war, terrorism, economic espionage and criminal gain. Many argue that the ubiquity of computer networks calls for robust and pervasive countermeasures, not least governments concerned at their potential effects on national and economic security, Drawing on critical literature in International Relations, security studies, political theory and social theory, this is the first book that describes how these visions of future cyber security are sustained in the communities that articulate them. Specifically, it shows that conceptions of time and temporality are foundational to the politics of cyber security. It explores how cyber security communities understand the past, present and future, thereby shaping cyber security as a political practice. Integrating a wide range of conceptual and empirical resources, this innovative book provides insight for scholars, practitioners and policymakers.
"The so-called cyber-threat commands the attention of multinational corporations, governments and... more "The so-called cyber-threat commands the attention of multinational corporations, governments and the strategic community, keen as they are to harness the power of digital communications yet anxious to protect their interests. Attacks such as those which disrupted on-line banking in Estonia and defaced government websites in Georgia, as well as the infamous Stuxnet worm that temporarily shut down Iran’s nuclear programme, are vivid examples of what may be possible within this new strategic domain. But are our networked societies really vulnerable, as some have suggested, to a knock-out blow, perpetrated by state-sponsored hackers or terrorists? And what can be done to defend the state from this and from the encroachment of external networks that transcend its borders and breach its laws?
This Adelphi tackles the range of issues raised by our dependence on digital networks. It considers how instantaneous, global communications are challenging national and social orders and what shape those challenges may take as the net is cast ever wider. Comparing the transformations of the Information Age with those of previous generations, when new technologies and emerging transnational threats spread panic in political and strategic circles, the authors examine the real implications for states and statehood."
Articles in English by Tim Stevens
International Affairs, 2024
Cybersecurity in national and international security is frequently discussed in an existential re... more Cybersecurity in national and international security is frequently discussed in an existential register. However, most cybersecurity activities are normal and routine, including diverse practices of cyber risk management. The intricacies of cyber risk and its connection to security and threat politics have received surprisingly little attention in the cyber politics literature. This article addresses this gap through a twofold theoretical proposition. The first argues that cyber risk in policy and practice inhabits a continuum between 'classical' risk and security postures. The second proposes the existence of multiple risk logics located in different positions on this continuum. To illustrate this, we outline two distinct cyber risk logics-'risk as potential threats' and 'risk as uncertainty'. Through an exploratory case study of UK risk policy and guidance, we find indications of the simultaneous existence of these risk logics, including in specific organisational contexts. We propose that 'risk as potential threats', in particular, acts as a 'bridge' between conventional risk and security. We conclude by discussing how differentiating cyber risk logics facilitates a finer-grained appreciation of cybersecurity policy and practice and provides opportunities for disciplinary engagement with the organisational and institutional politics of cybersecurity and 'the international'.
Journal of Cyber Policy, 2024
How does a reflexive scholarly practice matter for producing useful cybersecurity knowledge and p... more How does a reflexive scholarly practice matter for producing useful cybersecurity knowledge and policy? We argue that staking relevance without engaging in reflexivity diminishes the usefulness of knowledge produced both in academia and in policy. To advance a reflexive research agenda in cybersecurity, this forum offers a collective interrogation of the liminal positionality of the cybersecurity scholar. We examine the politics
of ‘the making of’ cybersecurity expertise as knowledge practitioners who are located across and in between the diverse and overlapping fields of academia, diplomacy and policy. Cybersecurity expertise, and the practices of the cybersecurity epistemic community more broadly, rely heavily on the perceived applicability and actionability of knowledge outputs, on the practical dependency on policy practitioners regarding access, and thus on the continuous negotiation of hierarchies of knowledge. Participants in this forum reflect on their research practice of negotiating such dilemmas. Collectively, we draw on these contributions to identify obstacles and opportunities towards realising a reflexive research practice in cybersecurity.
Journal of Cyber Policy, 2021
Digital espionage has ColdWar origins, but states are still determining
how to respond when they ... more Digital espionage has ColdWar origins, but states are still determining
how to respond when they are found to be its latest victims. In
multilateral discussions about norms of responsible state behaviour
in cyberspace, digital political espionage is the elephant in the
room. Like other aspects of inter-state intelligence competition,
digital espionage is ‘business as usual’ but can also lead to tensions,
particularly when operations become public. The strategic
consequences of digital espionage appear significant, as
asymmetries of state power and poor understanding of technical
aspects of cyber operations lead to uncertainty about appropriate
responses to ‘cyber victimhood’. We offer multiple propositions to
frame state responses to digital espionage, focusing on the
relational power of the victim and spying states and their bilateral
relationships. States will generally respond proportionately to stateon-
state digital espionage, whilst domestic-political factors pressure
them to adopt more robust, cost-imposing measures that may
exacerbate the strategic consequences of digital espionage. We
illustrate these propositions with three recent cases – the Snowden
revelations (2013); the Office of Personnel Management breach
(2014); and the SolarWinds breach (2020) – and explore the
importance of calibrated responses to digital political espionage for
strategic stability and state behavioural norms in cyberspace.
European Journal of International Security, 2020
As staples of science fiction, space technologies, much like outer space itself, have often been ... more As staples of science fiction, space technologies, much like outer space itself, have often been regarded as being ‘out there’ objects of international security analysis. However, as a growing subset of security scholarship indicates, terrestrial politics and practices are ever more dependent on space technologies and systems. Existing scholarship in ‘astropolitics’ and ‘critical astropolitics’ has tended to concentrate on how such technologies and systems underpin and impact the dynamics of military security, but this article makes the case for wider consideration of ‘orbital infrastructures’ as crucial to conceptions and governance of planetary security in the context of the ‘Anthropocene’. It does so by outlining and analysing in detail Earth Observation (EO) and Near-Earth Object (NEO) detection systems as exemplary cases of technological infrastructures for “looking in” on and “looking out” for forms of planetary insecurity. Drawing on and extending recent theorisations of technopolitics and of Large Technical Systems, we argue that EO and NEO technologies illustrate, in distinct ways, the extent to which orbital infrastructures should be considered not only part of the fabric of contemporary international security but as particularly significant within and even emblematic of the technopolitics of planetary (in)security.
The RUSI Journal, 2019
Brexit is likely to have an effect on UK–EU cyber security cooperation. While there are ongoing r... more Brexit is likely to have an effect on UK–EU cyber security cooperation. While there are ongoing reasons to be positive about the state of UK–EU cyber security, Tim Stevens and Kevin O’Brien show how Brexit will have negative impacts on cybercrime policing and cyber threat intelligence sharing, particularly in a ‘no-deal’ scenario, and argue that the absence of a negotiated settlement will damage the cyber security of the UK and the EU.
This thematic issue advocates a range of novel theoretical and methodological directions applicab... more This thematic issue advocates a range of novel theoretical and methodological directions applicable to cybersecurity studies. Drawing on critical International Relations theory, Science and Technology Studies, participant observation, quantitative political science, and other social science methods and theory, the contributors advance modes of invigorating the exploration of cybersecurity as an assemblage of sociotechnical practices. In so doing, this issue seeks to enhance understanding of the politics and strategies of cybersecurity, one of the most complex and diverse technical and political challenges of our contemporary world.
John H. Herz (1908-2005) is better known for his theorisation of the security dilemma than for hi... more John H. Herz (1908-2005) is better known for his theorisation of the security dilemma than for his conviction that human survival is threatened by the conditions of late modernity. This article explores extinction and survival in his work to interrogate his persistent characterisation as an incorrigible pessimist. In his preoccupation with extinction, Herz would seem a first-rank pessimist, but his intellectual commitments belie this easy categorisation. Specifically, his appeals to interdisciplinary 'survival research' suggest a qualified pessimism that does not foreclose on the potential of humankind to overcome structural, political and normative obstacles. This is consistent with current understandings of pessimism with the broader realist tradition. Herz expressed an 'open' and 'linear' temporality that challenges cyclical and linear-progressive temporalities inherent to realism and liberalism, respectively. Herz articulates, therefore, a 'productive pessimism' that charts a different path for pessimist thought beyond its pejorative connotations. This article contributes to the literature on classical realism, to a growing interest in Herz's intellectual legacy, and to the developing appreciation of time and temporality in International Relations theory and practice. It also provides a foundation for rethinking our assumptions about pessimism and international politics.
Lebbeus Woods convierte a la arquitectura en un sistema critico con el que interviene en los deba... more Lebbeus Woods convierte a la arquitectura en un sistema critico con el que interviene en los debates sobre la violencia urbana. Su aparente catastrofismo es una invitacion a transformar la realidad.
This chapter examines the potential for the use of new media technologies in countering violent e... more This chapter examines the potential for the use of new media technologies in countering violent extremist narratives. The debate over extremist narratives and counter-strategies is set against a complex background of information and communication technologies (ICT) that both help and hinder the ability of governments and agencies to combat the use of these same technologies by extremists for propaganda, radicalisation, recruitment, and operational purposes. Whilst states are undeniably lagging in their use of new media, they do possess the resources to engage in these dynamic spaces, if a few important considerations are taken into account. The following chapter discusses both the new media environment and how states might begin to engage more effectively with new media in order to counteract the propagation of extremist narratives.
Recent accusations by Google of cyberespionage by China are the latest in a string of similar all... more Recent accusations by Google of cyberespionage by China are the latest in a string of similar allegations.
The internet plays a contributory role in radicalisation, but is only one of a number of mechanis... more The internet plays a contributory role in radicalisation, but is only one of a number of mechanisms currently deployed to win recruits to global jihad. Technical regulation of online content is difficult and may be counter-productive, driving forums deeper underground or alienating users. Tim Stevens argues that adopting a social approach that educates and empowers online communities could have more success.
This article relates US efforts to develop strategic ‘cyber deterrence’ as a means to deter adver... more This article relates US efforts to develop strategic ‘cyber deterrence’ as a means to deter adversarial actions in and through global cyberspace. Thus far, interests-based cyber deterrence theory has failed to translate into effective US policy and strategy, due to a divergence between the operational idiosyncrasies of cyberspace and an over-reliance on Cold War models of deterrence. Even whilst explicit cyber deterrence strategy falters, the US is pursuing a norms-based approach to cyber strategy generally, and hopes to derive deterrent effects from its attempts to broker international agreements pertaining to the ‘rules of the road’ for the proper and productive use of cyberspace. The US is not the only norm entrepreneur in this policy space, however, and this article examines how a range of other state and non-state actors are complicating efforts to develop normative regimes that might reduce risks to and from cyberspace. The article concludes that a norms-based approach to cyber deterrence might engender deterrent effects at the state level but is unlikely to do so in the case of ‘rogue’ states and many non-state actors. States will continue, therefore, to develop punitive deterrence capabilities to respond to these actors.
Uploads
Books by Tim Stevens
Cybersecurity is one of the key practical and political challenges of our time. It is at the heart of how modern societies survive and thrive, yet public understanding is still rudimentary: media portrayals of hoodie-wearing hackers accessing the Pentagon don’t convey its complexity or significance to contemporary life.
This book addresses this gap, showing that the political dimension is as important as the technological one. It accessibly explains the complexities of global information systems, the challenges of providing security to users, societies, states and the international system, and the multitude of competing players and ambitions in this arena.
Making the case for understanding it not only as a technical project, but as a crucial political one that links competing visions of what cybersecurity is for, it tackles the ultimate question: how can we do it better?
This Adelphi tackles the range of issues raised by our dependence on digital networks. It considers how instantaneous, global communications are challenging national and social orders and what shape those challenges may take as the net is cast ever wider. Comparing the transformations of the Information Age with those of previous generations, when new technologies and emerging transnational threats spread panic in political and strategic circles, the authors examine the real implications for states and statehood."
Articles in English by Tim Stevens
of ‘the making of’ cybersecurity expertise as knowledge practitioners who are located across and in between the diverse and overlapping fields of academia, diplomacy and policy. Cybersecurity expertise, and the practices of the cybersecurity epistemic community more broadly, rely heavily on the perceived applicability and actionability of knowledge outputs, on the practical dependency on policy practitioners regarding access, and thus on the continuous negotiation of hierarchies of knowledge. Participants in this forum reflect on their research practice of negotiating such dilemmas. Collectively, we draw on these contributions to identify obstacles and opportunities towards realising a reflexive research practice in cybersecurity.
how to respond when they are found to be its latest victims. In
multilateral discussions about norms of responsible state behaviour
in cyberspace, digital political espionage is the elephant in the
room. Like other aspects of inter-state intelligence competition,
digital espionage is ‘business as usual’ but can also lead to tensions,
particularly when operations become public. The strategic
consequences of digital espionage appear significant, as
asymmetries of state power and poor understanding of technical
aspects of cyber operations lead to uncertainty about appropriate
responses to ‘cyber victimhood’. We offer multiple propositions to
frame state responses to digital espionage, focusing on the
relational power of the victim and spying states and their bilateral
relationships. States will generally respond proportionately to stateon-
state digital espionage, whilst domestic-political factors pressure
them to adopt more robust, cost-imposing measures that may
exacerbate the strategic consequences of digital espionage. We
illustrate these propositions with three recent cases – the Snowden
revelations (2013); the Office of Personnel Management breach
(2014); and the SolarWinds breach (2020) – and explore the
importance of calibrated responses to digital political espionage for
strategic stability and state behavioural norms in cyberspace.