Cybersecurity has become a dominant theme in security agendas across the world, including in Europe. In the last few years the European Union has put forward a number of initiatives and policies to address the issue, such as the EU Cyber Security Strategy and the Network and Information Security Directive. Unlike other areas - terrorism, migration, organised crime - European cybersecurity has not, thus far, deserved much attention from the Security Studies literature, including the more critical (usually European) side of it. This paper aims to contribute to that literature by questioning the meaning(s) of security embedded in the EU's approach to cyberspace and the normative problems that therein arise. Using the famous quote from Robert Cox replicated in the title as a starting point, the paper identifies four main actors for whom these policies are (referent security objects) - the EU, member states, individuals, private sector - four main areas of activity - cyber-crime, Critical information infrastructure protection, cyberdefence and cyber-espionage - and questions the normative purposes that result from the interaction between these referent objects and areas of activity.
The abstracts and papers on this website reflect the views and opinions of the author(s). UACES cannot be held responsible for the opinions of others. Conference papers are works-in-progress - they should not be cited without the author's permission.