Dealing with uncertainty in cyberspace

Abstract

While cyberspace as a globally interconnected network offers economic, social and informational potential, at the same time this space also produces a wide variety of risks, for which no easy solutions exist. For the international community, for nation states, for organizations and even for individuals, uncertainty is a common thread for interaction, communication and the general use of (systems connected to) cyberspace. This research shows that there are five different common reactions to dealing with this uncertainty in cyberspace: (1) using risk management to control uncertainty; (2) recovering from uncertainty through resilience; (3) influencing uncertainty with laws and regulation; (4) suspending uncertainty by engaging in trust; and (5) ignoring uncertainty through inaction. Some of these approaches are used more often than others. For instance, risk management is currently the dominant way of responding to uncertainty in cyberspace, with resilience gaining prominence. Other strategies, such as relying on trust or inaction, are less common. Oftentimes, using a mixture of strategies may be helpful, because some strategies may strengthen one another, for instance when a combination of risk management and resilience approaches is used. Each strategy has particular use for specific contexts, but since we lack an overview of which strategies are being used, we also cannot establish under which conditions which strategy is most beneficial. Solving this lack of knowledge can help us be more effective in dealing with uncertainties of a wide variety in cyberspace.