'Cyber gurus': a rhetorical analysis of the language of cybersecurity specialists and the implications for security policy and critical infrastructure protection

Kevin Quigley, Calvin Burns, Kristen Stallard

Research output: Contribution to journalArticle

11 Citations (Scopus)

Abstract

This paper draws on the psychology of risk and "management guru" literature (Huczynski, 2006) to examine how cybersecurity risks are constructed and communicated by cybersecurity specialists. We conduct a rhetorical analysis of ten recent cybersecurity publications ranging from popular media to academic and technical articles. We find most cybersecurity specialists in the popular domain use management guru techniques and manipulate common cognitive limitations in order to over-dramatize and over-simplify cybersecurity risks to critical infrastructure (CI). We argue there is a role for government: to collect, validate and disseminate more data among owners and operators of CI; to adopt institutional arrangements with an eye to moderating exaggerated claims; to reframe the debate as one of trade-offs between threats and opportunities as opposed to one of survival; and, finally, to encourage education programs in order to stimulate a more informed debate over the longer term.
LanguageEnglish
Pages108-117
Number of pages10
JournalGovernment Information Quarterly
Volume32
Issue number2
Early online date26 Mar 2015
DOIs
Publication statusPublished - 1 Apr 2015

Fingerprint

security policy
infrastructure
language
management
psychology
threat
education

Keywords

  • cybersecurity
  • risk perception
  • availability heuristic
  • management gurus
  • rhetoric
  • critical infrastructure

Cite this

@article{8811984dc80d458c90c0886ca1a35003,
title = "'Cyber gurus': a rhetorical analysis of the language of cybersecurity specialists and the implications for security policy and critical infrastructure protection",
abstract = "This paper draws on the psychology of risk and {"}management guru{"} literature (Huczynski, 2006) to examine how cybersecurity risks are constructed and communicated by cybersecurity specialists. We conduct a rhetorical analysis of ten recent cybersecurity publications ranging from popular media to academic and technical articles. We find most cybersecurity specialists in the popular domain use management guru techniques and manipulate common cognitive limitations in order to over-dramatize and over-simplify cybersecurity risks to critical infrastructure (CI). We argue there is a role for government: to collect, validate and disseminate more data among owners and operators of CI; to adopt institutional arrangements with an eye to moderating exaggerated claims; to reframe the debate as one of trade-offs between threats and opportunities as opposed to one of survival; and, finally, to encourage education programs in order to stimulate a more informed debate over the longer term.",
keywords = "cybersecurity, risk perception, availability heuristic, management gurus, rhetoric, critical infrastructure",
author = "Kevin Quigley and Calvin Burns and Kristen Stallard",
year = "2015",
month = "4",
day = "1",
doi = "10.1016/j.giq.2015.02.001",
language = "English",
volume = "32",
pages = "108--117",
journal = "Government Information Quarterly",
issn = "0740-624X",
number = "2",

}

'Cyber gurus' : a rhetorical analysis of the language of cybersecurity specialists and the implications for security policy and critical infrastructure protection. / Quigley, Kevin; Burns, Calvin; Stallard, Kristen.

In: Government Information Quarterly, Vol. 32, No. 2, 01.04.2015, p. 108-117.

Research output: Contribution to journalArticle

TY - JOUR

T1 - 'Cyber gurus'

T2 - Government Information Quarterly

AU - Quigley, Kevin

AU - Burns, Calvin

AU - Stallard, Kristen

PY - 2015/4/1

Y1 - 2015/4/1

N2 - This paper draws on the psychology of risk and "management guru" literature (Huczynski, 2006) to examine how cybersecurity risks are constructed and communicated by cybersecurity specialists. We conduct a rhetorical analysis of ten recent cybersecurity publications ranging from popular media to academic and technical articles. We find most cybersecurity specialists in the popular domain use management guru techniques and manipulate common cognitive limitations in order to over-dramatize and over-simplify cybersecurity risks to critical infrastructure (CI). We argue there is a role for government: to collect, validate and disseminate more data among owners and operators of CI; to adopt institutional arrangements with an eye to moderating exaggerated claims; to reframe the debate as one of trade-offs between threats and opportunities as opposed to one of survival; and, finally, to encourage education programs in order to stimulate a more informed debate over the longer term.

AB - This paper draws on the psychology of risk and "management guru" literature (Huczynski, 2006) to examine how cybersecurity risks are constructed and communicated by cybersecurity specialists. We conduct a rhetorical analysis of ten recent cybersecurity publications ranging from popular media to academic and technical articles. We find most cybersecurity specialists in the popular domain use management guru techniques and manipulate common cognitive limitations in order to over-dramatize and over-simplify cybersecurity risks to critical infrastructure (CI). We argue there is a role for government: to collect, validate and disseminate more data among owners and operators of CI; to adopt institutional arrangements with an eye to moderating exaggerated claims; to reframe the debate as one of trade-offs between threats and opportunities as opposed to one of survival; and, finally, to encourage education programs in order to stimulate a more informed debate over the longer term.

KW - cybersecurity

KW - risk perception

KW - availability heuristic

KW - management gurus

KW - rhetoric

KW - critical infrastructure

UR - http://www.sciencedirect.com/science/journal/0740624X

U2 - 10.1016/j.giq.2015.02.001

DO - 10.1016/j.giq.2015.02.001

M3 - Article

VL - 32

SP - 108

EP - 117

JO - Government Information Quarterly

JF - Government Information Quarterly

SN - 0740-624X

IS - 2

ER -