Cybersecurity & Sustainability

In the most general sense, sustainability is defined as:

  1. … the process of meeting the needs of present and future generations without undermining the resilience of the life supporting properties of nature and the integrity and security of social systems” (see Mapping Sustainability: Knowledge Networking and the Value Chain , Choucri et. al, eds. 2007:12).

This means that we must consider sustainability in terms of the ecosystems of human interactions – the social system, the natural environment, and the cyber domain. In those terms, cybersecurity is a fundamental feature of sustainability. Here we draw attention to notable features of these interconnections, with cybersecurity as the “entry point:” (a) ecosystems, actors, and activities, (b) threats and vulnerabilities, and (c) risk management and support systems.

        Ecosystems, Actors & Activities

Consistent with the Cyber-IR logic, actors and activities are situated in different ecosystems, but their interactions result in the shaping of an overlapping and shared arena. Among the key actors are those at different layers of the internet and levels of analysis in international relations. Clearly, the range of activities – in layers and in levels – increases in diversity and complexity with the growth and expansion of both the cyber and the social domains.

        Threats & Vulnerabilities

There is a catalog of threats and vulnerabilities that undermine cybersecurity and sustainability. Any listing would be outdated soonest it is completed. Some of the recurrent themes include forms of cyber attacks and damages, threat tools and strategies, known and unknown forms of exploitations and damages, impacts on social systems, damages to life supporting properties – to note the obvious. The critical threshold is the point at which the loads on the system are greater than the capacity of the system to manage loads – including threats and vulnerabilities.

        Risk Management and System Supports

A whole range of actions are not recognized to be essential for the management of risks – social, political, technological, legal, and other(s). Risk assessments, privacy protection, system safety architecture, information security, computer network defense and so forth are among the most salient. Human sensitivity to threat potentials, situational awareness, and social responses, the development of national sustainability measures, and assessment of responses all follow accordingly.

Fundamental to the above is sustained capacity building, multi-stakeholder collaboration, institutional resilience and adaptation, insurance and assessment measures & legal and regulatory supports are all part of an overall risk management strategy. Also important are various cooperative measures at all levels of analysis, from the individual to the global.