Abstract
The cyber realm is increasingly vital to national security, but much of cybersecurity is provided privately. Private firms provide a range of roles, from purely defensive operations to more controversial ones, such as active-cyber defense (ACD) and ‘hacking back’. As with the outsourcing of traditional military and security services to private military and security companies (PMSCs), the reliance on private firms raises the ethical question of to what extent the private sector should be involved in providing security services. In this article, I consider this question. I argue that a moderately restrictive approach should be adopted, which holds that private firms can justifiably launch some cybersecurity services – defensive measures – but are not permitted to perform others – offensive measures.
| Original language | English |
|---|---|
| Pages (from-to) | 233-54 |
| Number of pages | 22 |
| Journal | European Journal of International Security |
| Volume | 5 |
| Issue number | 2 |
| Early online date | 19 May 2020 |
| DOIs | |
| Publication status | Published - Jun 2020 |
Keywords
- cybersecurity
- just war theory
- private cyber firms
- private security and military companies
- the ethic of cybersecurity