Analysis of Institutional Design of European Union Cyber Incident and Crisis Management as a Complex Public Good
成果类型:
Article
署名作者:
Kianpour, Mazaher; Frantz, Christopher
署名单位:
Norwegian University of Science & Technology (NTNU); Norwegian University of Science & Technology (NTNU)
刊物名称:
REGULATION & GOVERNANCE
ISSN/ISSBN:
1748-5983
DOI:
10.1111/rego.12640
发表日期:
2025
页码:
1037-1062
关键词:
private partnerships
policy networks
governance
Cybersecurity
polycentricity
security
capacity
EU
摘要:
Effective cyber incident response and crisis management increasingly relies on the coordination of relevant actors at supranational levels. A polycentric governance structure is one of the institutional arrangements that can promote active participation of involved actors, an aspect decisive for the rapid and effective response to cyber incidents and crises. This research aims to dissect whether, and to what extent, a polycentric structure is manifested within the cyber crisis management framework of the European Union (EU) and assesses the extent to which these policies signal a balance between centralization and decentralization. By employing Institutional Grammar 2.0, we examine the roles and interactions among actors delineated within four key policies to identify the structural characteristics, institutional essentials, and prerequisites indicative of a polycentric governance system. Additionally, we apply network analysis to evaluate dyadic relationships of actors, further assessing the balance between centralization and decentralization in the EU's cyber crisis management framework. Our analysis reveals that the EU has adopted a polycentric governance model for cyber crisis management, characterized by a nuanced distribution of responsibilities and authorities. The findings highlight a tendency toward centralization, especially in the roles of Member States and the European Union Agency for Cybersecurity (ENISA), while maintaining a polycentric structure that blends centralization and decentralization. This balance can ensure structural integrity and coherence of the system, while theoretically providing the flexibility and resilience needed to adapt to the dynamic cyber threat landscape. The study contributes methodologically, offering a framework that can be applied to other domains, and provides insights into the effective coordination of cyber incident response and crisis management at supranational levels.
来源URL: