Layered structures of robustness and resilience: Evidence from cybersecurity projects for critical infrastructures in Central Europe

Abstract

AbstractThe article studies cybersecurity projects from the perspective of social systems theory. Measures taken to increase cybersecurity are aimed at the robustness and resilience of specific systemic entities in society. We argue that this does not necessarily mean that systems in which these entities are embedded become more robust or resilient. The article investigates the objectives of 20 projects funded by different public organizations to increase cybersecurity of critical infrastructures. The findings show that robustness and resilience are addressed by these projects on different layers of systems in society, without a clear picture of how they are supposed to fit together in a wider effort to protect society against disruption. The detailed analysis of the different facets of robustness and resilience addressed in cybersecurity projects paves the way for a better understanding of this problem. The research shows how organizations may avoid the negative consequences of measures to secure specific systemic entities in society in the case of critical infrastructures, other application scenarios, and digital innovation in general.