Cyber security responsibilization: an evaluation of the intervention approaches adopted by the Five Eyes countries and China

Karen Renaud, Craig Orgeron, Merrill Warkentin, P. Edward French

Research output: Contribution to journalArticlepeer-review

3 Citations (Scopus)
1 Downloads (Pure)


Governments can intervene to a greater or lesser extent in managing the risks their citizens face. They can adopt a maximal intervention approach (e.g. COVID-19) or a handsoff approach, effectively “responsibilizing” their citizens (e.g. unemployment). To manage the cyber risk, governments publish cyber-related policies. The question that we wanted to answer was: “What intervention stances do governments adopt in supporting individual citizens managing their personal cyber risk?” We pinpointed the cyber-related responsibilities that several governments espoused, applying a “responsibilization” analysis. We identified those that applied to citizens, and thereby revealed their cyber-related intervention stances. Our analysis revealed that most governments adopt a minimal cyber-related intervention stance in supporting their individual citizens. Given the increasing number of successful cyber attacks on individuals, it seems time for the consequences of this stance to be acknowledged and reconsidered. We argue that governments should support individual citizens more effectively in dealing with cyber threats.
Original languageEnglish
Pages (from-to)577-589
Number of pages13
JournalPublic Administration Review
Issue number4
Early online date3 Jun 2020
Publication statusPublished - 31 Aug 2020


  • cyber security
  • government policies
  • responsibility
  • personal risk
  • cyber threats

Cite this