A polycentric approach to Internet governance and cybersecurity
Program contacts
Professor Scott Shackelford
Director, Program on Cybersecurity and Internet Governance
Chair, IU Bloomington Cybersecurity Program
Senior Fellow, Center for Applied Cybersecurity Research
Research Fellow, Harvard Kennedy School Belfer Center for Science and International Affairs
812-856–6728
sjshacke@indiana.edu
Applications are closed until Spring 2026.
The Program on Cybersecurity and Internet Governance, created in January 2017, brings together scholars from across Indiana University and beyond to build scholarly networks, as well as seek out partnerships with managers and policymakers in the United States and abroad in order to translate research findings into effective policy.
A polycentric approach to both Internet governance and cybersecurity risk management will be encouraged in this program with scholars coming from diverse backgrounds including, but not limited to: Secure Computing, Law, Business, Criminology, Economics, Ethics, Public Policy, Media, Education, Psychological and Brain Sciences, Political Science, and International Relations.
Only through such a multi-disciplinary, multi-sector, multi-stakeholder partnership might meaningful progress be made toward engendering sustainable models of Internet governance and an equitable cyber peace. Towards that end, this program is a founding member of the Cyber Peace Alliance, in collaboration with the Cyber Peace Foundation.
More about the Program on Cybersecurity and Internet Governance
Even though Bitcoin gets most of the press, the underlying tech, blockchain, is the bigger story; simply put, according to Goldman Sachs, it could “change ‘everything.’”
Indeed, the tech is sometimes billed as a panacea—from making businesses more efficient to engendering the growth of “smart” contracts and even securing medical devices, blockchain is now being investigated by a huge range of organizations and is attracting billions in venture funding. Interest is widespread, with organizations ranging from DARPA to Disney investing in blockchain. Wal-Mart is similarly deploying it to help manage its massive supply chain.
Countries are even getting into the game, from launching their own cryptocurrencies like Venezuela’s Petro, to Honduras and Greece using blockchain to aid in land registries, to its use in secure voting. But, as with every new innovation, there are both opportunities and drawbacks to consider.
The Ostrom Workshop is taking on the challenge of blockchain governance with a new collaborative initiative—the Blockchain Governance Initiative (BGI)—that will be a partnership between our Cybersecurity and Data Governance Programs.
To join our working group, and learn more about blockchain research going on around IU, please sign up for our dedicated blockchain mailing list.
According to Forbes, more than 2.5 quintillion bytes of data is created every day. While it is almost incomprehensible to quantify the colossal amounts of data being used on a daily basis, how exactly that data is purposed and where it is being transferred to are questions that rise ethical concerns.
In addition to Big Data, the technological landscape is changing as the progression of the Internet of Things (IoT) extends far beyond personal devices of the average user. By the year 2020 alone, more than 20.4 billion Internet of Things (IoT) devices will be deployed, according to analyst firm Gartner. As these technologies advance, large portions of consumer data collection will increase and with the adoption of machine learning integrated with enterprise technology, the right of privacy also continues to diminish.
Transparency is critical to the ethical use of technology in a digital society. Influences on the security of emerging innovations, along with the unintended consequences that are brought along with the advancements of technology will need to be examined through a multidisciplinary lens if we hope to preserve transparency with the ethical uses of our day-to-day technologies.
The Cyber Ethics and Technology Society (CETS) is a new, collaborative initiative that bridges together academic disciplines to foster multidisciplinary dialogue on how the advancements of technology affect society and how we can establish ethical governance of technology as it rapidly progresses. We have established a partnership between our Cybersecurity and Data Governance programs.
We encourage student involvement and will be organizing career panels beneficial to the professional development of IU students. We envision future partnerships between the School of Informatics, Computing, and Engineering (SICE), Kelley School of Business, Maurer School of Law, and Center for Applied Cybersecurity Research (CACR).
To join our working group, and learn more about our ongoing research, please sign up for our dedicated CETS mailing list.
In many ways, cyber insecurity has never been more pronounced. Hackers have launched attacks on cities such as Atlanta, probed the U.S. power grid, and even tried to compromise our democratic system. Research firm Cybersecurity Ventures projects that global losses from cybercrimes could well hit $6 trillion a year by 2021, while Gartner Inc. forecasts that worldwide spending on cybersecurity will exceed $124 billion in 2019.
But instead of more handwringing or new software patches, what is needed is a new, more proactive approach to cybersecurity that addresses concrete vulnerabilities, helps us better understand how the cyber threat is developing, and strengthen global public- and private-sector defenses to more effectively manage cyber attacks and secure some measure of cyber peace. Yet, to date, there have been relatively few efforts aimed at defining and understanding the goal of "cyber peace."
The International Telecommunication Union (ITU), a UN agency specializing in information and communication technologies, pioneered some of the early work in the field, as did the World Federation of Scientists and the Vatican, but too often cyber peace is viewed as a negative, e.g., the end of cyberattacks. Although certainly desirable, such an outcome is politically and technically unlikely, at least in the near term. Instead, what might a positive cyber peace look like, and how might we get there? At the end of the day, what is the best we can hope for in terms of "peace" on the internet?
Building from the Cyber Peace Alliance that the Ostrom Workshop Cybersecurity and Internet Governance Program built with nonprofit foundations, including the Cyber Peace Foundation, we are formalizing a Cyber Peace Working Group to help advance the field.
If you have an interest in peacebuilding both online and offline and are interested in getting involved in this effort, please do so by signing up.
The Ostroms’ work has been adapted to a wide range of sectors and disciplines, from fisheries and forests to climate change and, more recently, the final frontier.
There’s a growing literature on applying polycentric principles to space governance, and more broadly addressing collective action problems including orbital debris and space weaponization.
Given recent developments including constellations of satellites going up on scarce orbits, and even asteroid mining, this group will explore current work in this field and seek out opportunities for collaboration including with Université Laval, in Québec, Canada.
To learn about future meetings, please join the mailing list.