ABSTRACT

Cybersecurity is a contested concept. While some definitions focus on technical aspects, other insist on the strategic and geopolitical dimensions. Recently, the definition has included development-related aspects in an increasingly digitalised economy. Instead of cybersecurity, international organisations such as the OECD and private companies now focus on the management of digital risk. While this shift represents an opportunity to include new actors and issues on the political agenda, it does not lead to the de-securitisation of cyberspace, nor to the promotion of cyber peace. This article explores the debates around the definition of cybersecurity with a particular focus on how Colombia became one of the first states to follow the 2015 OECD guidelines on the management of digital risk as part of an effort to join the organisation. It describes how the resulting perspective on cybersecurity evidences a market-centred approach focusing on the development of a digital economy. However, it also discusses why the evolution of cybersecurity policies in Colombia represents a missed opportunity to design a cyber peacebuilding policy in a post-conflict context.

摘要

网络安全是一个有争议的概念。一些定义集中在技术方面，而另一些则坚持战略和地缘政治方面。最近，该定义已包括了日益数字化的经济中与发展有关的方面。经合组织（OECD）等国际组织和私营公司已经开始关注数字风险管理，而不是网络安全。尽管这种转变代表了将新的参与者和问题纳入政治议程的机会，但这并不会导致网络空间的安全化，也不会促进网络和平。本文探讨了围绕网络安全定义的辩论，特别关注哥伦比亚如何成为最早遵循2015年经合组织关于数字风险管理的准则的州之一，以此作为加入该组织的努力的一部分。它描述了由此产生的对网络安全的观点如何证明了以市场为中心的方法，侧重于数字经济的发展。但是，它也讨论了为什么哥伦比亚网络安全政策的演变代表了在冲突后背景下设计网络建设和平政策的错失良机。