Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet

Clare L Stevens

doi:10.1080/13523260.2019.1675258

Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet

Clare L Stevens

Research output: Contribution to journal › Article (Academic Journal) › peer-review

36 Citations (Scopus)

413 Downloads (Pure)

Abstract

This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical and material alliances. Secondly, a materialist-minded examination of Symantec’s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec’s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.

Original language	English
Number of pages	24
Journal	Contemporary Security Policy
DOIs	https://doi.org/10.1080/13523260.2019.1675258
Publication status	Published - 15 Oct 2019

Research Groups and Themes

SPAIS Global Insecurities Centre

Keywords

intangible artifacts
cybersecurity
security studies
materiality
Stuxnet

Access to Document

10.1080/13523260.2019.1675258

Full-text PDF (final published version)
This is the final published version of the article (version of record). It first appeared online via Taylor & Francis at https://www.tandfonline.com/doi/full/10.1080/13523260.2019.1675258 . Please refer to any applicable terms of use of the publisher.
Final published version, 1.94 MBLicence: CC BY

Handle.net

Persistent link

Cite this

@article{bab9439ec9c842bab9c9f30b43dfc8ae,

title = "Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet",

abstract = "This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical and material alliances. Secondly, a materialist-minded examination of Symantec{\textquoteright}s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec{\textquoteright}s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.",

keywords = "intangible artifacts, cybersecurity, security studies, materiality, Stuxnet",

author = "Stevens, {Clare L}",

year = "2019",

month = oct,

day = "15",

doi = "10.1080/13523260.2019.1675258",

language = "English",

journal = "Contemporary Security Policy",

issn = "1352-3260",

publisher = "Taylor & Francis Group",

}

TY - JOUR

T1 - Assembling cybersecurity

T2 - The politics and materiality of technical malware reports and the case of Stuxnet

AU - Stevens, Clare L

PY - 2019/10/15

Y1 - 2019/10/15

N2 - This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical and material alliances. Secondly, a materialist-minded examination of Symantec’s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec’s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.

AB - This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical and material alliances. Secondly, a materialist-minded examination of Symantec’s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec’s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.

KW - intangible artifacts

KW - cybersecurity

KW - security studies

KW - materiality

KW - Stuxnet

UR - https://www.scopus.com/record/display.uri?eid=2-s2.0-85074346041&origin=inward&txGid=90ee440296bdc44645987e2ee4abc1a3

U2 - 10.1080/13523260.2019.1675258

DO - 10.1080/13523260.2019.1675258

M3 - Article (Academic Journal)

SN - 1352-3260

JO - Contemporary Security Policy

JF - Contemporary Security Policy

ER -

Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet

Abstract

Research Groups and Themes

Keywords

Access to Document

Handle.net

Other files and links

Embargoed Document

Fingerprint

Cite this