Information security governance has become an elusive goal and a murky concept. This paper problematizes both information security governance and the broader concept of governance. What does it mean to govern information security, or for that matter, anything? Why have information technologies proven difficult to govern? And what assurances can governance provide for the billions of people who rely on information technologies every day? Drawing together several distinct bodies of literature—including multiple strands of governance theory, actor–network theory, and scholarship on sociotechnical regimes—this paper conceptualizes networked action on a spectrum from uncertain governance to governing uncertainty. I advance a twofold argument. First, I argue that networks can better govern uncertainty as they become more able not only to enroll actors in a collective agenda, but also to cut ties with those who seek to undermine that agenda. And second, I argue that the dominant conception of information security governance, which emphasizes governing uncertainty through risk management, in practice devolves to uncertain governance. This is largely because information technologies have evolved toward greater connectedness—and with it, greater vulnerability—creating a regime of insecurity. This evolution is illustrated using the history of the US government’s efforts to govern information security.
Keywords No keywords specified (fix it)
Categories No categories specified
(categorize this paper)
DOI 10.1177/0162243919901159
Edit this record
Mark as duplicate
Export citation
Find it on Scholar
Request removal from index
Revision history

Download options

PhilArchive copy

Upload a copy of this paper     Check publisher's policy     Papers currently archived: 57,156
External links

Setup an account with your affiliations in order to access resources via your University's proxy server
Configure custom proxy (use this if your affiliation does not provide a proxy)
Through your library

References found in this work BETA

The Human Use of Human Beings.Norbert Wiener - 1954 - Boston: Houghton Mifflin.

View all 10 references / Add more references

Citations of this work BETA

No citations found.

Add more citations

Similar books and articles

De droom van Beccaria: Over het strafrecht en de nodale veiligheidszorg.Klaas Rozemond - 2010 - Netherlands Journal of Legal Philosophy 39 (2):158-175.
The Challenge of European Union Security Governance.Emil Kirchner - 2007 - Nankai University (Philosophy and Social Sciences) 1:3-12.
Global Health Justice and Governance.Jennifer Prah Ruger - 2012 - American Journal of Bioethics 12 (12):35-54.
Security Governance in European after the Post-cold War Era.Dong-Sheng Zhang & Le Gong - 2008 - Nankai University (Philosophy and Social Sciences) 3:2-9.
Governance and Social Information Disclosure Evidence From the UK.Sepideh Parsa, Reza Kouhy & Christos Tzovas - 2007 - International Journal of Business Governance and Ethics 3 (3):205-222.
Defining Information Security.Lundgren Björn & Möller Niklas - 2019 - Science and Engineering Ethics 25 (2):419-441.


Added to PP index

Total views
3 ( #1,287,163 of 2,411,756 )

Recent downloads (6 months)
3 ( #244,282 of 2,411,756 )

How can I increase my downloads?


My notes