Fortsatt ansvarsprinsipp eller helhetlig tilnærming til cybersecurity i Norge?
Abstract
The government’s cyber defense effort is a growing concern in the Norwegian security landscape. The intelligence threat remains high, and the vulnerabilities of the digital infrastructure have become more apparent. The research question for this thesis is: Can the Government of Norway have a comprehensive approach when the principle of responsibility still is the fundamental idea behind the Norwegian crisis management model? First, this paper will shortly address the broader societal interests and values which should be considered when Cyberdefence is used as a term. Secondly, the trends of globalization and the technology dependency will briefly be reviewed. Thirdly, the paper explores how the state has organized itself to handle Cyberthreats to the nation state and their national security interests. This is done by first addressing the Government approach to the new understanding of threats and vulnerabilities, then by addressing the principle of responsibility to the delegation of authority and resources, and lastly by exploring how a comprehensive approach to Cybersecurity, from the Government’s point of view, can function alongside the crisis response principle of responsibility. In conclusion, the paper argues that the Norwegian approach to handling threats that come through cyberspace is largely based on the crisis response principle of responsibility and not so much on a comprehensive approach as the Government would like to think. A comprehensive approach must also to a higher degree take into consideration the need for legitimacy both in planning and execution of their efforts.