thesis

Conclusion 287
by the Dutch government exemplify this; police forces would retain the right to
hack into any machine involved in DDoS attacks or a botnet. A similar approach
would be a mandate for OS and software providers to force-update or reconfigure
their installed base.
Conflicting norms structure the behaviour of members of the Internet security
community. Introducing the nation state and its national security interests as
points of reference in Internet security politics diverts the focus and loyalty of the
community away from the goal of global infrastructural Internet security towards
national interests and a parcelling of Internet security. As a consequence, Internet
security becomes a patchwork rug of at times conflicting, at times complementary
islands of national Internet securities. National Internet security requires a legally
backed technical centralisation of the locus of authority. The normative idea of
nationally responsible security hacking ensures the availability of required skills and
marginalises progressive hacking scenes and their libertarian ideas.
Among the drawbacks of the centralised, hierarchical approach is that the introduction
of hierarchical and monetary incentives might crowd out the intrinsic motivations
of contributors. If this happens before hierarchical and commercial
institutions are fully established, the overall security situation would worsen. As a
second draw-back, the set-up and maintenance costs of a centralised, hierarchical
governance system are likely to be substantially higher than those of the social/networked
approach. And last, but surely not least, the potential externalities
of hierarchical and central Internet security governance would be substantial. From
the perspective of democratic governance, the societal risks of letting traditional
security organisation manage the security of the Internet appear to be significant.
8.5.4 Strengthening its effectiveness
An important way to increase the relevance of the networked approach is to increase
its capabilities and effectiveness. This would remove political doubts regarding
its ability to handle the increasing variety and number of security incidents.
The technical integrity of the Internet resides in the hands of the Internet security
community and the organisations connected to it by default. The technical staff of
individual organisations and their ICT service suppliers ensure the functionality of
their networks and systems. One can conceive a number of ways in which security
provisioning in this networked approach could be improved (Rendon Group
2011).