The Minnesota Journal of Law, Science & Technology recently published my latest article: Cyberthreats and the Limits of Bureaucratic Control, 14 Minn. J. L. Sci. & Tec. 137 (2013).
You can find the printed version of the article at this link. (If you have any difficulty accessing it, please let me know.)
Here is a brief -- very brief -- abstract of what this rather lengthy article addresses:
This article argues that the approach the United States, like other countries, uses to control threats in real-space is ill-suited for controlling cyberthreats, i.e., cybercrime, cyberterrorism and cyberwar. The article explains that because this approach evolved to deal with threat activity in a physical environment, it is predicated on a bureaucratically organized response structure. It also explains why this approach is not an effective way to approach cyber-threat control and examines recent federal initiatives that have been proposed to improve U.S. cybersecurity, such as the U.S. military’s Cyber Commands.
The article explains why each of these efforts is flawed and why U.S. authorities persist in pursuing antiquated strategies that cannot provide an effective cyberthreats defense system. It argues that the continuing reliance bureaucratically structured response systems is the product of the fallacy of inevitability, i.e., the recursive reliance on established institutional models. It also outlines an alternative approach to the task of protecting the country from cyberthreats, and approach that is predicated on older, more fluid threat control strategies.