Abstract

Cybersecurity now sits at the core of national security, and most studies explain what a national cybersecurity strategy should contain rather than how such strategic policy is actually produced across government organizations. This research in progress therefore asks: How do nation-states develop national strategic-level cybersecurity policy? We propose a process model that uses the Public Policy Cycle (PPC) and complementary theoretical lenses. The model introduces a proposed inter-organizational government coalition to enable observation of their activities across the PPC stages of strategic-level cybersecurity policymaking. We follow established qualitative methods, with initial literature-assisted conceptualization of the model followed by a revelatory case-study and focus group for refinement purposes. The intended contribution is twofold: for policymakers, we propose a reflective process model consolidating tacit know-how on stages, roles, activities, coordination/sequencing, bottlenecks, and decision points; for researchers, we propose an analytic frame and shared vocabulary that expand and generalize theoretical lenses to lived practice in national cybersecurity policymaking.

Download

Share

COinS