'Cyber Gurus': A rhetorical analysis of the language of cybersecurity specialists and the implications for security policy and critical infrastructure protection

Government Information Quarterly

Volumn 32, Issue 2, 2015, Pages 108-117

  Quigley, Kevin ^a   Burns, Calvin ^b   Stallard, Kristen ^a  

^a DALHOUSIE UNIVERSITY   (Canada)

^b UNIVERSITY OF STRATHCLYDE   (United Kingdom)

Author keywords

Availability heuristic; Critical infrastructure; Cybersecurity; Management gurus; Rhetoric; Risk perception

Indexed keywords

EID: 84928771409     PISSN: 0740624X     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.giq.2015.02.001     Document Type: Article

References (100)

1. Agranoff R. Enhancing performance through public sector networks: Mobilizing human capital in communities of practice. Public Performance & Management Review 2008, March 01, 31(3):320-347.
2. Ahonen A., Kallio T. On the cultural locus of management theory industry: Perspectives from autocommunication. Management and Organizational History 2009, January 01, 4(4):427-443.
3. Alhakami A.S., Slovic P. A psychological study of the inverse relationship between perceived risk and perceived benefit. Risk Analysis 1994, January 01, 14(6):1085-1096.
4. Aristotle, Kennedy G.A. On rhetoric: A theory of civic discourse 1991, Oxford University Press, New York.
5. Arrow K.J. Essays in the theory of risk bearing 1971, Markham Publishing, Chicago.
6. Attorney-General's Department Trusted Information Sharing Network 2003, Government of Australia, (Retrieved from http://www.tisn.gov.au/Pages/default.aspx).
7. Baker S. Skating on stilts: Why we aren't stopping tomorrow's terrorism. Hoover Institution Press Publication no. 591 2010, Hoover Institution at Leland Stanford Junior University, Stanford, CA.
8. Barbalet J. A characterization of trust, and its consequences. Theory and Society 2009, January 01, 38(4):367-382.
9. Berglund J., Werr A. The invincible character of management consulting rhetoric: How one blends incommensurates while keeping them apart. Organization 2000, January 01, 7(4):633-655.
10. Bertot J.C., Jaeger P.T., Grimes J.M. Using ICTs to create a culture of transparency: E-government and social media as openness and anti-corruption tools for societies. Government Information Quarterly 2010, July 01, 27(3):264-271.
11. Betsch T., Pohl D. The availability heuristic: A critical examination. Etc.-Frequency processing and cognition 2002, 109-119. Oxford University Press, Oxford. P. Sedlmeier, T. Betsch (Eds.).
12. Burns C. Implicit and explicit risk perception. Paper presented at the European Academy of Occupational Health Psychology 2012, (Zurich).
13. Busseri T. It's time to take cybersecurity seriously. Wired Magazine 2012, March 12, (Retrieved from http://www.wired.com/2012/03/opinion-busseri-cybersecurity/).
14. Cathcart T., Klein D.M. Aristotle and an aardvark go to Washington: Understanding political doublespeak through philosophy and jokes 2007, Abrams Image, New York.
15. Cavelty M.D. Cyber-terror-Looming threat or phantom menace? The framing of the US cyber-threat debate. Journal of Information Technology & Politics 2007, March 01, 4:1.
16. Centre for the Protection of National Infrastructure. (2006). CPNI. Government of the United Kingdom. Retrieved. http://www.cpni.gov.uk/.
17. Clark T., Salaman G. The management guru as organizational witchdoctor. Organization 1996, January 01, 3(1):85-107.
18. Clarke R. Cyber attacks can spark real wars. The Wall Street Journal 2012, Retrieved from: http://www.wsj.com/articles/SB10001424052970204883304577219543897943980.
19. Clarke R.A., Knake R.K. Cyber war: The next threat to national security and what to do about it 2010, Harper Collins Canada, Toronto.
20. Colarik A., Janczewski L. Establishing cyber warfare doctrine. Journal of Strategic Security 2012, March 01, 5(1):31-48.
21. Comfort L. Designing resilience for communities at risk. The CIP Initiative - Disasters in the Infrastructure: Response and Assessment Workshop Proceedings 2010, October 28, (Retrieved from http://cip.management.dal.ca/wp-content/uploads/2013/02/cip_workshop_2010_proceedings.pdf).
22. Conabree D. Intellectual capital and e-collaboration: The hidden cost of the status quo. FMI Journal 2011, 23(1):11-12.
23. Coughlin C. Cyber guards or soldiers: Which do we need most?. The Daily Telegraph 2010, October14, (Retrieved from: http://www.telegraph.co.uk/comment/columnists/concoughlin/8063120/Cyber-guards-or-soldiers-which-do-we-need-most.html).
24. Dearstyne B.W. Fighting terrorism, making war: Critical insights in the management of information and intelligence. Government Information Quarterly 2005, January 01, 22(2):170-186.
25. Douglas M., Wildavsky A.B. Risk and culture: An essay on the selection of technical and environmental dangers 1982, University of California Press, Berkeley.
26. Edelman Edelman trust barometer 2013: Annual global study: Canadian findings 2013, Edelman Insights, (Retrieved from: http://www.slideshare.net/EdelmanInsights/canada-results-2013-edelman-trust-barometer).
27. Faisal M.N., Banwet D.K., Shankar R. Supply chain risk mitigation: Modeling the enablers. Business Process Management Journal 2006, July 01, 12(4):535-552.
28. Finucane M., Slovic P., Mertz C.K., Flynn J., Satterfield T. Gender, race, and perceived risk: The 'white male' effect. Health, Risk & Society 2000, July 01, 2(2):159-172.
29. Folkes V.S. Recent attribution research in consumer behavior: A review and new directions. Journal of Consumer Research 1988, March 01, 14(4):548-565.
30. Fowler T., Quigley K. Contextual factors that influence the Canadian government's response to the cyber threat. International Journal of Public Administration in the Digital Age 2014, 97-115.
31. Fyfe T., Crookall P. Social Media and Public Sector Policy Dilemmas 2010, IPAC, Toronto.
32. Gierlach E., Belsher B.E., Beutler L.E. Cross-cultural differences in risk perceptions of disasters. Risk Analysis 2010, January 01, 30(10):1539-1549.
33. Glenny M. Hire the hackers!. TED Talks 2011, July, (Retrieved from http://www.ted.com/talks/misha_glenny_hire_the_hackers.html).
34. Glenny M. Canada's weakling Web defenses. The Globe and Mail 2011, May 18, (Retrieved from http://www.theglobeandmail.com/globe-debate/canadas-weakling-web-defences/article580145/).
35. Gordon V. National Security Directive declassification. Government Information Quarterly 2010, October 01, 27(4):322-328.
36. Hansen L., Nissenbaum H. Digital disaster, cyber security, and the Copenhagen school. International Studies Quarterly 2009, December 01, 53(4):1155-1175.
37. Hardin R. Trust 2006, Polity Press, Cambridge.
38. Harknett R.J., Stever J.A. The cybersecurity triad: Government, private sector partners, and the engaged cybersecurity citizen. Journal of Homeland Security and Emergency Management 2009, November 30, 6:1.
39. Hess C., Ostrom E. Understanding knowledge as a commons: From theory to practice 2007, MIT Press, Cambridge, MA.
40. Hood C. The art of the state: Culture, rhetoric and public management 1998, Oxford University Press, Oxford.
41. Hood C., Jackson M.W. Administrative argument 1991, Dartmouth Publishing, Aldershot, UK.
42. Hood C., Rothstein H., Baldwin R. The government of risk: Understanding risk regulation regimes 2001, Oxford University Press, Oxford.
43. Huczynski A. Management gurus 2006, Routledge, New York. Revised ed.
44. Jaeger C., Renn O., Rosa E.A., Webler T. Risk, uncertainty, and rational action 2001, Earthscan, London.
45. Keulen S., Kroeze R. Understanding management gurus and historical narratives: The benefits of a historic turn in management and organization studies. Management and Organizational History 2012, May 01, 7(2):171-189.
46. Kieser A. Rhetoric and myth in management fashion. Organization 1997, February 01, 4(1):49-74.
47. Koliba C.J., Mills R.M., Zia A. Accountability in governance networks: An assessment of public, private, and nonprofit emergency management practices following Hurricane Katrina. Public Administration Review 2011, March 01, 71(2):210-220.
48. Kolluru R., Meredith P.H. Security and trust management in supply chains. Information Management & Computer Security 2001, December 01, 9(5):233-236.
49. Koski C. Committed to protection? Partnerships in critical infrastructure protection. Journal of Homeland Security and Emergency Management 2011, January 01, 8:1.
50. Kramer R.M. Trust and distrust in organizations: emerging perspectives, enduring questions. Annual Review of Psychology 1999, January 01, 50:569-598.
51. Lachlan K., Spence P.R. Communicating risks: Examining hazard and outrage in multiple contexts. Risk Analysis 2010, January 01, 30(12):1872-1886.
52. Langer E.J. The illusion of control. Journal of Personality and Social Psychology 1975, January 01, 32(2):311-328.
53. Layne K., Lee J. Developing fully functional E-government: A four stage model. Government Information Quarterly 2001, April 01, 18(2):122-136.
54. Lewis J. Cyber terror: Missing in action. Knowledge, Technology, and, Policy 2003, June 01, 16(2):34-41.
55. Lieberman J. The threat is real and must be stopped. The New York Times 2012, October 17, (Retrieved from: http://www.nytimes.com/roomfordebate/2012/10/17/should-industry-face-more-cybersecurity-mandates/the-cyber-threat-is-real-and-must-be-stopped-by-business-and-government).
56. Maldonato M., Dell'Orco S. How to make decisions in an uncertain world: Heuristics, biases, and risk perception. World Futures 2011, November 01, 67(8):569-577.
57. Mather L. Cybersecurity requires a multi-layered approach. Info Security Magazine 2011, April 21., (Retrieved from: http://www.infosecurity-magazine.com/opinions/comment-cybersecurity-requires-a-multi-layered/).
58. Mittu R., Guleyupoglu S., Johnson A., Barlow W., Dowdy M., McCarthy S. Unclassified information sharing and coordination in security, stabilization, transition and reconstruction efforts. International Journal of Electronic Government Research 2008, January 01, 4(1):36-48.
59. Moore M. Creating public value 1995, Harvard University Press, Cambridge, MA.
60. Nicholson A., Webber S., Dyer S., Patel T., Janicke H. SCADA security in the light of cyber-warfare. Computers & Security 2012, June 01, 31(4):418-436.
61. Nørreklit H. The Balanced Scorecard: What is the score? A rhetorical analysis of the Balanced Scorecard. Accounting, Organizations and Society 2003, August 01, 28(6):591-619.
62. Osborne D., Gaebler T. Reinventing government: How the entrepreneurial spirit is transforming the public sector 1992, Addison-Wesley, Reading, MA.
63. Osborne D., Plastrik P. Banishing bureaucracy: The five strategies for reinventing government 1997, Addison-Wesley, Reading, MA.
64. Pachur T., Hertwig R., Steinmann F. How do people judge risks: Availability heuristic, affect heuristic, or both?. Journal of Experimental Psychology: Applied 2012, September 01, 18(3):314-330.
65. Paquette S., Jaeger P.T., Wilson S.C. Identifying the security risks associated with governmental use of cloud computing. Government Information Quarterly 2010, July 01, 27(3):245-253.
66. Pennings J.M.E., Grossman D.B. Responding to crises and disasters: The role of risk attitudes and risk perceptions. Disasters 2008, September 01, 32(3):434-448.
67. Pratt J.W. Risk aversion in the small and in the large. Econometrica 1964, January 01, 32:122-136.
68. Public Safety Canada National Strategy for Critical Infrastructure 2009, Her Majesty the Queen in Right of Canada, Ottawa, (Retrieved from http://www.publicsafety.gc.ca/prg/ns/ci/_fl/ntnl-eng.pdf).
69. Quigley K. Seven questions for Michael Chertoff. The CIP Exchange 2009, Spring, 2009:1-2.
70. Quigley K. 'Man plans, God laughs': Canada's national strategy for protecting critical infrastructure. Canadian Public Administration 2013, March 01, 56(1):142-164.
71. Quigley K., Burns C., Stallard K. Communicating effectively about cyber-security risks: Probabilities, peer networks and a longer term education program. Public Safety Canada Contract: No. 7181309 - Identifying and Effectively Communicating Cyber-security Risks 2013, (Retrieved from http://cip.management.dal.ca/wp-content/uploads/2013/04/Quigley-Burns-Stallard-Cyber-Security-Paper-Final-1.pdf).
72. Quigley K., Mills B. Contextual issues that influence the risk regulation regime of the transportation sector. Kanishka Project Contribution Program - Understanding and Responding to Terrorist Threats to Critical Infrastructure 2014, February 1, School of Public Administration, Dalhousie University, Halifax, NS, (Retrieved from http://cip.management.dal.ca/?page_id=280).
73. Relyea H.C. Homeland security and information sharing: Federal policy considerations. Government Information Quarterly 2004, January 01, 21(4):420-438.
74. Renn O. White paper on risk governance: Toward an integrative framework. Global risk governance: Concept and practice using the IRGC framework 2008, Springer, Dordrecht. O. Renn, K. Walker (Eds.).
75. Rid T. Cyber war will not take place 2013, Oxford University Press, New York.
76. Rousseau D.M., Sitkin S.B., Burt R.S., Camerer C. Not so different after all: A cross-discipline view of trust. The Academy of Management Review 1998, July 01, 23(3):393-404.
77. Røvik K. From fashion to virus: An alternative theory of organizations' handling of management ideas. Organization Studies 2011, January 01, 32(5):631-653.
78. Roy J. Social Media's Democratic Paradox: Lessons from Canada. European Journal of ePractice 2012, 16:5-15.
79. Rubin A. All your devices can be hacked. TED Talks 2011, October, (Retrieved on-line from: http://www.ted.com/talks/avi_rubin_all_your_devices_can_be_hacked.html).
80. Senge P.M. The fifth discipline: The art and practice of the learning organization 1990, Doubleday/Currency, New York.
81. Sharif A.M. Transformational government: What is the shape of things to come?. Transforming Government: People, Process and Policy 2008, 2(1):71-75.
82. Shore J.J.M. The legal imperative to protect critical energy infrastructure 2008, March, Canadian Centre of Intelligence and Security Studies, Ottawa, ON.
83. Sjöberg L. Factors in risk perception. Risk Analysis 2000, January 01, 20(1):1-12.
84. Slovic P. Perception of risk. Science 1987, January 01, 236(4799):280-285.
85. Slovic P., Fischhoff B., Lichtenstein S. Rating the risks. Environment 1979, 21(3):14-20.
86. Slovic P., Fischhoff B., Lichtenstein S. Why study risk perception?. Risk Analysis 1982, June 01, 2(2):83-93.
87. Slovic P., Peters E., Finucane M.L., Macgregor D.G. Affect, risk, and decision making. Health Psychology 2005, January 01, 24(4):35-40.
88. Smith P.K., Steffgen G. Cyberbullying through the new media: Findings from an international network 2013, Psychology Press, London.
89. Starr C. Social benefit versus technological risk. Science 1969, January 01, 165(3899):1232-1238.
90. Stohl M. Cyber terrorism: A clear and present danger, the sum of all fears, breaking point or patriot games?. Crime, Law and Social Change 2007, April 10, 46:223-238.
91. Strickland L.S. The information gulag: Rethinking openness in times of national danger. Government Information Quarterly 2005, January 01, 22(4):546-572.
92. Sunstein C.R. Terrorism and probability neglect. Journal of Risk and Uncertainty 2003, January 01, 26(2-3):121-136.
93. Sunstein C. Laws of fear: Beyond the precautionary principle 2005, Cambridge University Press, New York.
94. Sunstein C. Worst case scenarios 2009, Harvard University Press, Cambridge, MA.
95. Tversky A., Kahneman D. Availability: A heuristic for judging frequency and probability. Cognitive Psychology 1973, 5(1):207-233.
96. United States Department of Homeland Security One Team, One Mission, Securing Our Homeland: U.S. Department of Homeland Security Strategic Plan, Fiscal Years 2009-2013 2008, GPO, Washington, DC.
97. Vogel D. National Styles of Regulation: Environmental Policy in Great Britain and the United States 1986, Vol. 242. Cornell University Press, Ithaca, NY.
98. Von Solms R., Van Niekerk J. From information security to cyber security. Computers and Security 2013, May 13, 38:97-102.
99. Walton D.N. Argumentation schemes for presumptive reasoning 1996, L. Erlbaum Associates, Mahwah, N.J.
100. Wason P.C. On the failure to eliminate hypotheses in a conceptual task. Quarterly Journal of Experimental Psychology 1960, July 01, 12(3):129-140.