Cybersecurity Rewired
: Threats, unknowns and sociotechnical security practices

Student thesis: Doctoral ThesisDoctor of Philosophy


Cybersecurity is a multifaceted and contested phenomenon in international politics with numerous fundamentally different conceptions. Drawing on a range of practice-relational theories at the intersection of Critical Security Studies and Science and Technology Studies (CSS-STS) this thesis contributes to the understanding of cybersecurity with an investigation into how cybersecurity organisations (re)construct cybersecurity. Questioning how cybersecurity is made I explore how cybersecurity organisations make Advanced Persistent Threats (APT) in a relational manner between discourse, practice, and technology. This is important because how threats are produced has fundamental implications for the way cybersecurity is conceptualised and practiced.

In order to trace how APTs are made this thesis approaches cybersecurity as a cognitive assemblage and follows the production of cyberthreats through the heuristics of Input, Throughout and Output. Utilizing ethnographical and qualitative approaches I explore how sociotechnical practices produce input data, analyse data and how these processes produce the output ‘threat’. By introducing the concept of configurations how these different heuristics are configured and their impact on how threats become understood is opened up. By way of four empirical chapters – how the Cyber Kill Chain works as a methodology for how cybersecurity is conceptualised, how sensors make data, how machine learning algorithmic models analyse data and how this data is added together through set methodologies – I trace the making of APTs and its effects on how cybersecurity is understood and practiced. This empirical investigation shows that knowledge of threats is more than simply describing external threat agents. Instead, APTs emerge as a relational effect of human-machine configurations and are constitutive of the knowledge and security practices that are made through these processes within the assemblage.

Examining how APTs are made within the cybersecurity assemblage it is found that agency resides neither in humans nor machines, but rather comes about relationally. Agency manifests itself in everyday choices that hold political consequences for how cybersecurity is understood. Providing a way to research the sociotechnical relational everyday making of cybersecurity knowledge this thesis contributes to the STS-CSS project by offering a way to approach sociotechnical systems and the role of machine learning algorithms in knowledge production. In addition, it paves way for novel understanding of cybersecurity and its many challenges for modern society.
Date of Award1 Oct 2022
Original languageEnglish
Awarding Institution
  • King's College London
SupervisorTim Stevens (Supervisor), Ashwin Mathew (Supervisor) & Peter McBurney (Supervisor)

Cite this