Florian Egloff


Last Name

Egloff

First Name

Florian

ORCID

0000-0002-0290-667X

Organisational unit

01859 - Lehre Geistes-, Sozial- und Staatswiss.

Filters

2018 - 201952020 - 20239
Reset filters

Search Results

Publications 1 - 10 of 14
  • Public Attribution of Cyber Intrusions
    Item type: Journal Article
    Egloff, Florian (2020)
    Journal of Cybersecurity
    Attribution is central to the debate on how to respond to cyber intrusions. The policy challenge is increasingly moving from identifying who is behind a cyber intrusion to finding the adequate policy response, including whether to publicly attribute. The article examines the use of public attribution as a political strategy for attaining specific political effects beyond the dyadic attacker–victim relationship, including shaping the operational and normative environment of cyber operations, with the potential to exert an independent deterrent effect. My analysis unfolds in three parts. The first part introduces two core concepts—sense-making and meaning-making—to capture different parts of the attribution process. I then introduce a theoretical understanding of public attribution drawing on the literature on revealing covert activity and argue that public attribution can serve the function of defining a particular interaction order, i.e. shape the rules of the ‘game’. In part two and three I discuss two empirical examples of both concepts. I bring to the fore three observations: First, some states have shifted their policy responses from dealing with individual cyber intrusions to responding in a broader political framework of relations with a specific adversary leading to campaign-like responses. Second, the political decision whether to attribute publicly is not only a signal to the adversary, but also aims at shaping the future political and normative operational environment. Third, such norm shaping has the potential to exert an independent—though limited—deterrent effect, particularly on potential adversaries. The analysis demonstrates the importance of the meaning-making process to understanding the politics of attribution and the rewards of theoretically integrating it into the politics of secrecy and exposure of covert activities of states.
  • Shaping not Signaling: Understanding Cyber Operations as a Means of Espionage, Attack, and Destabilization
    Item type: Book Review
    Egloff, Florian; Maschmeyer, Lennart (2021)
    International Studies Review
  • Public Attribution of Cyber Incidents
    Item type: Other Publication
    Egloff, Florian; Wenger, Andreas (2019)
    CSS Analyses in Security Policy
    Cyber incidents are increasingly being publicly attributed to specific perpetrators. The public attributions issued by states and cybersecurity companies often lack both transparency and verifi¬ ability. Strengthening trust in public attributions requires institutional mechanisms at the international level as well as the engagement of the state, the corporate sector, and civil society.
  • Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers
    Item type: Book Review
    Egloff, Florian; Smeets, Max Willem Eline (2020)
    Journal of Cyber Policy
    In this article, CSS researchers Florian Egloff and Max Smeets review Andy Greenberg's book on a new era of cyber war and the hunt for the Kremlin's most dangerous hackers.
  • The Politics of Cybersecurity: Balancing Different Roles of the State
    Item type: Journal Article
    Dunn Cavelty, Myriam; Egloff, Florian (2019)
    St Antony’s International Review
    This article investigates the role of the state in cybersecurity along three dimensions: theoretical, empirical, and normative. Theoretically, we find that the literature is narrowly highlighting the role of the state as a security actor. Empirically, we analyze policy development, and show the diversity of the roles the state imagines for itself. We find six different roles of the state in cybersecurity: 1) security guarantor; 2) legislator and regulator; 3) supporter and representative of the whole of society; 4) security partner; 5) knowledge generator and distributor, and 6) threat actor. Normatively, we outline three main areas of tension between the state, the economy, and society in which cybersecurity policies are situated. This results in two types of questions occupying the center stage of cybersecurity policy: a question regarding the boundaries of responsibility and a question regarding the concrete assumption of responsibilities.
  • Offensive Cyber Capabilities and State Violence: Three Logics of Integration
    Item type: Journal Article
    Egloff, Florian; Shires, James (2022)
    Journal of Global Security Studies
    Offensive cyber capabilities (OCCs) are the combination of people, technologies, and organizational attributes that jointly enable offensive cyber operations: the adversarial manipulation of digital services or networks. Most works on OCCs focus on their (de-)escalatory potential in terms of diplomatic tension, instability, or power. This article argues for a re-orientation toward the normatively prior question of their relative violence. It asks: how are OCCs integrated into violent state capacities and what are the consequences? The article proposes three logics of integration by which OCCs are included in violent state actions, in both repressive and interstate situations. These logics-substitution, support, and complement-weigh the benefits of using OCCs against an adversary instead of, as part of, and in addition to other means of violence, respectively. The article argues that the violence of OCCs depends on two things: first, whether one adopts a narrowly physical or a more expansive definition of violence and, second, which logic of integration governs their use. On a narrow definition of violence, substitutive and supportive uses of OCCs are less likely to be violent than conventional alternatives, and complementary uses of OCCs are not violent at all. On a wider definition, both substitutive and supportive uses of OCCs can lead to more violence than conventional alternatives, while complementary uses of OCCs are highly likely to increase violence overall. Acknowledging the different logics of integration for OCCs, and understanding their violent effects, has important analytical and policy benefits for global security studies.
  • L’attribution publique d’incidents cybernétiques
    Item type: Other Publication
    Wenger, Andreas; Egloff, Florian (2019)
    Politique de sécurité: analyses du CSS
    De plus en plus de d’incidents cybernétiques sont publiquement attribués aux responsables. Mais souvent, les informations communiquées par les États et les entreprises de cybersécurité sont peu transparentes et difficiles à comprendre. Pour renforcer la confiance dans ces attributions publiques, il faut des mécanismes institutionnels au niveau international et l’engagement des États, des entreprises et de la société.
  • Contested public attributions of cyber incidents and the role of academia
    Item type: Journal Article
    Egloff, Florian (2020)
    Contemporary Security Policy
    Public attributions of cyber incidents by governments and private industry have become prevalent in recent years. This article argues that they display a skewed version of cyber conflict for several operational and structural reasons, including political, commercial, and legal constraints. In addition, public attribution of cyber incidents takes place in a heavily contested information environment, creating fractured narratives of a shared past. The article uses three cyber incidents (Sony Pictures, DNC, and NotPetya) to show how actors cope with this contested information environment and proposes a changed role of academia to address some of the problems that emerge. To become competent in contesting public attribution discourses, universities would have to work more across physical, disciplinary, and academic boundaries. The main implications for democracies are to be more transparent about how attribution is performed, enable other civilian actors to study cyber conflict, and thereby broaden the discourse on cybersecurity politics.
  • Cyber mercenaries: the state, hackers, and power
    Item type: Book Review
    Egloff, Florian (2018)
    Journal of Cyber Policy
  • Hyper‐securitization, Everyday Security Practice and Technification: Cyber‐security Logics in Switzerland
    Item type: Journal Article
    Dunn Cavelty, Myriam; Egloff, Florian (2021)
    Swiss Political Science Review
    This contribution to the SPSR debate about technology and security in Switzerland looks at how and by whom cyber‐security is constructed in Swiss security politics. Using three securitization logics as developed by reflexive Security Studies – hyper‐securitization, everyday security practices, and technification – it illustrates how Swiss actors have sorted out roles and responsibilities over the years. The article suggests that all three logics are present in the political process, but that ‘technification’ – a way to construct the issue as reliant upon technical knowledge and the supposition that this serves a political and normatively neutral agenda – is currently the dominant one. For democratic politics, technification is a big challenge. Assigning an issue to the technical realm has a depoliticizing influence and makes contestation from those with less technical expertise very hard. © 2021 Swiss Political Science Association
Publications 1 - 10 of 14