International Cyber Security Bibliography

"Let Them Roar: Small States as Cyber Norm Entrepreneurs", European Foreign Affairs Review, 24 (2): 217-234.

Bitskrieg: The New Challenge of Cyberwarfare, Wiley.

"Solving the International Internet Policy Coordination Problem", Global Commission on Internet Governance, Paper Series: No. 12 – May, Centre for International Governance Innovation (CIGI) and Chatham House.

"International Legal Norms in Cyberspace: Evolution of China’s National Security Motivations", in Osula, Anna-Maria & Henry Rõigas (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 171-201.

Promoting International Cyber Norms: A New Advocacy Forum - A Report from the EastWest Institute Breakthrough Group on Promoting Measures of Restraint in Cyber Armaments, New York: The EastWest Institute.

"Conceptualizing cyber crises", Journal of Contingencies and Crisis Management.

"Risk vs. threat-based cybersecurity: the case of the EU", European Security 23 (1): 85-103.

“Understanding the European Union’s Perception of the Threat of Cyberterrorism: A Discursive Analysis", Journal of Common Market Studies.

"The Bumpy Road to a Meaningful International Law of Cyber Attribution", AJIL Unbound, 113: 191-196.

"Due Diligence: a Strategic Norm of Responsible Behaviour for the EU Cyber Diplomacy Toolbox?", Inaugural meeting of the European Cyber Diplomacy Dialogue, EU Cyber Direct, January 2019.

"Power and diplomacy in the post-liberal cyberspace", International Affairs, 96 (3): 749-766.

"Norm Origin and Development in Cyberspace: Models of Cybernorm Evolution", Washington University Law Quarterly, 78 (1): 59-111.

"Transparency and Confidence-Building Measures in Cyberspace: Towards Norms of Behaviour", in Vignard, Kerstin, Ross McCrae & Jason Powers (eds.), Disarmament Forum: Confronting Cyberconflict, Geneva: UNIDIR, 2011 (4): 31-40.

"Prepare and Prevent: Don’t Repair and Repent: The Role of Insurance in Offensive Cyber", The Cyber Defense Review 7 (3): 17-29.

"Limiting the undesired impact of cyber weapons: technical requirements and policy implications", Journal of Cybersecurity, 3 (1): 59-68.

"From Consumers to Users: Shifting the Deeper Structures of Regulation Toward Sustainable Commons and User Access", Federal Communications Law Journal, 52 (3): 561-579.

"The Spontaneous Evolution of Cyber Law: Norms, Property Rights, Contracting, Dispute Resolution and Enforcement without the State", Journal of Law, Economics & Policy, 1 (2): 269-348.

"Classification of Cyber Capabilities and Operations as Weapons, Means or Methods of Warfare", International Law Studies, 95: 179-225.

"The Demilitarisation of Cyber Conflict", Survival, 60 (6): 73-90.

International Law As We Know It: Cyberwar Discourse and the Construction of Knowledge in International Legal Scholarship, Cambridge University Press.

"Cyber Operations as Imperfect Tools of Escalation", Strategic Studies Quarterly, 13 (3): 122-145.

"UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security", International Affairs: A Russian Journal of World Politics, Diplomacy, and International Relations, 62 (5).

"What's in a Name? Metaphors and Cybersecurity", International Organization, 1-32.

"Entanglement in Cyberspace: Minding the Deterrence Gap", Democracy and Security, 16 (3): 210-233.

"Private active cyber defense and (international) cyber security - pushing the line?", Journal of Cybersecurity, 7 (1).

"The (im)possibilities of addressing election interference and the public core of the internet in the UN GGE and OEWG: a mid-process assessment", Journal of Cyber Policy.

The Public Core of the Internet, An International Agenda for Internet Governance, Amsterdam: Amsterdam University Press.

Three tales of attribution in cyberspace: Criminal law, international law and policy debates, The Hague Program for Cyber Norms Policy Brief, April 2020.

"Revisiting past cyber operations in light of new cyber norms and interpretations of international law: inching towards lines in the sand?", Journal of Cyber Policy.

A coalition of the unwilling? Chinese and Russian perspectives on cyberspace, The Hague Program for Cyber Norms Policy Brief, November 2019.

Foreign intelligence in the digital age. Navigating a state of 'unpeace', The Hague Program for Cyber Norms Policy Brief, September 2019.

"The Customary International Law of Cyberspace", Strategic Studies Quarterly, 6 (3): 126-145.

"Taking Care of Business: Industrial Espionage and International Law", The Brown Journal of World Affairs, 26 (1): 143-160.

The New Fire: War, Peace, and Democracy in the Age of AI, The MIT Press.

"Preparing the Cyber Battlefield: Assessing a Novel Escalation Risk in a Sino-American Crisis", Texas National Security Review, 3 (4): 54-81.

"Cyber Security Norms in the Euro-Atlantic Region: NATO and the EU as Norm Entrepreneurs and Norm Diffusers", in Gruszczak, Artur & Pawel Frankowski (eds.), Technology, Ethics and the Protocols of Modern War, London: Routledge.

"The Future of Cyber Conflict Studies: Cyber Subcultures and the Road to Interdisciplinarity", The Cyber Defense Review 7 (3): 103-115.

“Bridging the gap between cyberwar and cyberpeace”, International Affairs, 97 (6): 1727-1747.

"Multilateral Approaches for Improving Global Security in Cyberspace", Georgetown Journal of International Affairs, 5-14.

"Trends in International Law for Cyberspace", NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE), May 2019.

"Transnational governance of cybersecurity: policy challenges and global inequalities in cyber capacity building", Third World Quarterly.

A Universal Internet in a Bordered World: Research on Fragmentation, Openness and Interoperability (Research Volume One), Global Commission on Internet Governance, Centre for International Governance Innovation (CIGI) and Chatham House.

"Technological Integrity and the Role of Industry in Emerging Cyber Norms", in Osula, Anna-Maria & Henry Rõigas (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 203-220.

From Articulation to Implementation: Enabling Progress on Cybersecurity Norms, Microsoft Corporation.

"Contesting Western and Non-Western Approaches to Global Cyber Governance beyond Westlessness." The International Spectator 57 (3): 1-14.

"The contested meanings of cybersecurity: evidence from post-conflict Colombia." Conflict, Security & Development 21 (1): 1-19.

"A Primer on Globally Harmonizing Internet Jurisdiction and Regulations", Global Commission on Internet Governance, Paper Series: No. 10 – March, Centre for International Governance Innovation (CIGI) and Chatham House.

"Co-Evolution of Cyberspace and International Relations: New Challenges for the Social Sciences", Prepared for World Social Science Forum (WSSF) 2013 Montreal, Canada, Cambridge, MA: MIT.

"International Law for Cyber Operations: Networks, Complexity, Transparency". (Available at SSRN: https://dx.doi.org/10.2139/ssrn.3331263).

Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy, Palgrave Macmillan.

"The Collective Securitisation of Cyberspace in the European Union", West European Politics, 42 (2): 278-301.

"The Challenges of Cybercrime in the European Union", European Politics and Society, 19 (3): 355-375.

"Reshaping the internet - the impact of the securitisation of internet infrastructure on approaches to internet governance: the case of Russia and the EU", Journal of Cyber Policy.

Securing Cyberspace Through International Norms: Recommendations for Policymakers and the Private Sector, Washington D.C: Good Harbor Security Risk Management, LLC.

"Beyond Norms: Using International Economic Tools to Deter Malicious State-Sponsored Cyber Activities", Temple International & Comparative Law Journal, 32 (2): 113-125. (Available at SSRN: https://ssrn.com/abstract=3395176).

"Cyber Security Assemblages: A Framework for Understanding the Dynamic and Contested Nature of Security Provision", Politics and Governance, 6 (2): 13-21.

"The Use of Force and Cyber Countermeasures", Temple International & Comparative Law Journal, 32 (2): 127-133. (Available at SSRN: https://ssrn.com/abstract=3190253).

"Small States and Big Ideas: Estonia’s Battle for Cybersecurity Norms", Contemporary Security Policy, 36 (2): 346-368.

"Israel: Cyber Warfare and Security as National Trademarks of International Legitimacy", in Romaniuk, Scott N. & Mary Manjikian (eds.), The Routledge Companion to Global Cyber-Security Strategy, Basingstoke: Palgrave Macmillan. (Available at SSRN: https://ssrn.com/abstract=3698972).

"Deterritorializing Cyber Security and Warfare in Palestine: Hackers, Sovereignty, and the National Cyberspace as Normative", CyberOrient, 13 (1): 28-42.

"Palestine: Whose Cyber Security without Cyber Sovereignty?", in Romaniuk, Scott N. & Mary Manjikian (eds.), The Routledge Companion to Global Cyber-Security Strategy, Basingstoke: Palgrave Macmillan. (Available at SSRN: https://ssrn.com/abstract=3700850).

"From Simulations to Simulacra of War: Game Scenarios in Cyberwar Exercises", Journal of War & Culture Studies, 11 (1): 22-37.

"Strategic Substitution: China’s Search for Coercive Leverage in the Information Age", International Security 47 (1): 46-92.

Stateless Attribution: Toward International Accountability in Cyberspace. Research Reports. Santa Monica, CA: RAND Corporation.

"Beyond the United Nations Group of Governmental Experts", The Cyber Defense Review: 161-168.

Cyber Operations and International Law, Cambridge University Press, Vol. 146.

"Covid-19 and the Cyber Pandemic: A Plea for International Law and the Rule of Sovereignty in Cyberspace", in: Jančárková, T., Lindström, L., Visky, G. & Zotz, P. (eds.), 2021 13th International Conference on Cyber Conflict: Going Viral, Tallinn: NATO CCD COE Publications.

"Exploit Brokers and Offensive Cyber Operations", The Cyber Defense Review 7 (3): 31-47.

The Cyber Defense Review: Special Edition - Unlearned Lessons from the First Cybered Conflict Decade, 2010-2020, 7 (1).

"On the strategic consequences of digital espionage", Journal of Cyber Policy.

"The 2019 Venezuelan Blackout and the consequences of cyber uncertainty." Revista Brasileira De Estudos De Defesa 7 (2).

"Cyberspace is used, first and foremost, to wage wars: proliferation, security and stability in cyberspace", Journal of Cyber Policy, 6 (1).

"Mapping the spread of Russian and Chinese contents on the French-speaking African web", Journal of Cyber Policy, 6 (1).

"Cyber security meets security politics: Complex technology, fragmented politics, and networked science", Contemporary Security Policy, 41 (1): 5-32.

"Regulatory cybersecurity governance in the making: the formation of ENISA and its struggle for epistemic authority." Journal of European Public Policy.

Cyber Security Politics: Socio-Technical Transformations and Political Fragmentation, Routledge.

"Introduction: An Offensive Future?", The Cyber Defense Review 7 (3): 9-13.

"Dangerous Gaming: Cyber-Attacks, Air-Strikes and Twitter", E-International Relations, 23 September 2019.

"Cyberspace and the Law of the Horse", University of Chicago Legal Forum, Vol. 1996, Article 7.

"International Cybersecurity Norm Development: The Roles of States Post-2017", Research in Focus, EU Cyber Direct.

"Public attribution of cyber intrusions", Journal of Cybersecurity, 6 (1).

"Contested public attributions of cyber incidents and the role of academia", Contemporary Security Policy.

Semi-State Actors in Cybersecurity, Oxford University Press.

"Offensive Cyber Capabilities and State Violence: Three Logics of Integration", Journal of Global Security Studies, 7 (1).

"Publicly attributing cyber attacks: a framework", Journal of Strategic Studies.

"Attribution and Knowledge Creation Assemblages in Cybersecurity Politics", Journal of Cybersecurity, 7 (1).

"Not Illegal: The SolarWinds Incident and International Law", European Journal of International Law.

"The Law & Politics of Cyberattack Attribution", UCLA Law Review, 67.

"The Cyber-Law of Nations", The Georgetown Law Journal, 103 (2): 317-380.

"The Governance of Turkey’s Cyberspace: Between Cyber Security and Information Security", International Journal of Public Administration.

"Weighing the Case For a Convention to Limit Cyberwarfare", Arms Control Today, 39 (9): 21-27.

"Beyond ‘Quasi-Norms’: The Challenges and Potential of Engaging with Norms in Cyberspace", in Osula, A.-M. & Rõigas, H. (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 87-109.

"The state of Microsoft? The role of corporations in international norm creation", Journal of Cyber Policy, 4 (3): 380-403.

"Promoting Norms for Cyberspace", Cyber Brief, NY: Council on Foreign Relations.

"Cybersecurity and the Concept of Norms", Carnegie Endowment for International Peace, 30 November 2017.

"Cultivating International Cyber Norms", in Lord, K.M. & Sharp, T (eds.), America’s Cyber Future: Security and Prosperity in the Information Age, Washington D.C.: Center for a New American Security, 87-102.

"Beyond Naming and Shaming: Accusations and International Law in Cybersecurity". Temple University Legal Studies Research Paper No. 2019-14. (Available at SSRN: https://dx.doi.org/10.2139/ssrn.3347958).

"Constructing Norms for Global Cybersecurity", American Journal of International Law, 110 (3): 425-479.

“Emerging illiberal norms: Russia and China as promoters of internet content control”, International Affairs, 97 (6): 1925-1944.

"What Great Powers Make It. International Order and the Logic of Cooperation in Cyberspace", Strategic Studies Quarterly, 7 (1): 93-113.

"Structural Causes and Cyber Effects: Why International Order is Inevitable in Cyberspace", Strategic Studies Quarterly, 8 (4): 112-128.

“The non-anthropocentric informational agents: Codes, software, and the logic of emergence in cybersecurity”, Review of International Studies, 1-20.

"The strategic surprise of Russian information operations on social media in 2016 in the United States: mapping a blind spot", Journal of Cyber Policy, 6 (1).

"An Attractive Alternative? China’s Approach to Cyber Governance and Its Implications for the Western Model." The International Spectator 57 (3): 15-30.

"Appropriate Norms of State Behavior in Cyberspace: Governance in China and Opportunities for US Businesses", Hoover Working Group on National Security, Technology, and Law, Aegis Series Paper No. 1706, 28 July 2017.

"Norms, Confidence and Capacity Building: Putting the UN Recommendations on Information and Communication Technologies in the Context of International Security Into OSCE-Action", European Cybersecurity Journal, 2 (1).

"The unexpected norm-setters: Intelligence agencies in cyberspace", Contemporary Security Policy.

"We Need a Cyberspace Treaty: Regional and bilateral agreements are not enough", Intermedia, 38 (3): 4-5.

"Why China Has Not Caught Up Yet: Military-Technological Superiority and the Limits of Imitation, Reverse Engineering, and Cyber Espionage", International Security, 43 (3): 141-189.

"Intelligence in the Cyber Era: Evolution or Revolution?", Political Science Quarterly, 135 (2): 191-224.

"The Dark Future of International Cybersecurity Regulation", Journal of National Security Law & Policy, 6 (2): 563-570.

"Prediction and Judgment: Why Artificial Intelligence Increases the Importance of Humans in War", International Security, 46 (3): 7-50.

"From Reaction to Action: Adopting a Competitive Posture in Cyber Diplomacy", Texas National Security Review, special issue on Cyber Competition.

"Responsibility for the Harm and Risk of Software Security Flaws", in Dark, M.J. (ed.), Information Assurance and Security Ethics in Complex Systems: Interdisciplinary Perspectives, Hershey PA: IGI Global, 104-131.

"Cybersecurity Treaties: A Skeptical View", in Berkowitz, P. (ed.), Future Challenges in National Security and Law, Hoover Institution Press.

Cyber-Security: The Vexed Question of Global Rules, Security & Defence Agenda.

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers. Doubleday.

"The End of Cyber Norms", Survival, 59 (6): 109-122.

"Deciphering Cyber Operations", The Cyber Defense Review, 5 (1): 135-152.

Getting beyond Norms: New Approaches to International Cyber Security Challenges, Centre for International Governance Innovation.

"Great power narratives on the challenges of cyber norm building." Policy Design and Practice.

"Cyber campaigns and strategic outcomes", Journal of Strategic Studies.

"Manipulating uncertainty: cybersecurity politics in Egypt", Journal of Cybersecurity, 7 (1).

"The implications of persistent (and permanent) engagement in cyberspace", Journal of Cybersecurity, 5 (1).

"Applying International Environmental Legal Norms to Cyber Statecraft", I/S: A Journal of Law and Policy for the Information Society, 8 (2): 356- 387.

"International Law and International Information Security: A Response to Krutskikh and Streltsov", Tallinn Paper No. 9, Tallinn: NATO CCD COE Publications.

"Countering foreign interference: election integrity lessons for liberal democracies", Journal of Cyber Policy, 5 (2): 180-198.

"Standardising the splinternet: how China's technical standards could fragment the internet", Journal of Cyber Policy, 5(2): 1-26.

"The Failure of the Rule of Law in Cyberspace?: Reorienting the Normative Debate on Borders and Territorial Sovereignty", The John Marshall Journal of Information Technology & Privacy Law, 24 (1): 1-34.

"China and the US Strategic Construction of Cybernorms: The Process is the Product", Hoover Working Group on National Security, Technology, and Law, Aegis Paper Series No. 1704, 7 July 2017.

"Information Operations under International Law." Vanderbilt Journal of Transnational Law 55 / Temple University Legal Studies Research Paper No. 2022-16.

"The Necessity and Pitfall of Cybersecurity Capacity Building for Norm Development in Cyberspace", Global Society.

"Conceptual Ambiguity of International Norms on State Behaviour in Cyberspace", Research in Focus, EU Cyber Direct.

"Towards a Global Regime for Cyber Warfare", in Czosseck, C. & Geers, K. (eds.), The Virtual Battlefield: Perspectives on Cyber Warfare, Conference proceedings - Cooperative Cyber Defense Centre of Excellence (CCD CoE) Conference on Cyber Warfare (June 2009, Tallinn, Estonia).

"A Treaty for Cyberspace", International Affairs, 86 (2): 523-541.

"Interrogating the Cybersecurity Development Agenda: A Critical Reflection." The International Spectator 57 (3): 66-84.

"Beyond the Great Powers: Challenges for Understanding Cyber Operations in Latin America." Global Security Review 2: article 7.

"Unpacking Cyber Norms: Private Companies as Norm Entrepreneurs", Journal of Cyber Policy, 3 (1): 61-76.

A Call to Cyber Norms: Discussions at the Harvard-MIT-University of Toronto Cyber Norms Workshops, 2011 and 2012, Belfer Center for Science and International Affairs, Kennedy School of Government, Harvard University.

"A New Normal? The Cultivation of Global Norms as Part of a Cybersecurity Strategy", in Yannakogeorgos, P.A. & Lowther, A.B. (eds.), Conflict and Cooperation In Cyberspace, The Challenge to National Security, Taylor & Francis.

"The Play of States: Norms and Security in Cyberspace", American Foreign Policy Interests: The Journal of the National Committee on American Foreign Policy, 36 (5): 322-331.

"Depleted Trust in the Cyber Commons", Strategic Studies Quarterly, 6 (3): 20-45.

An Augmented Summary of The Harvard, MIT and University of Toronto Cyber Norms Workshop.

The IT Industry’s Cybersecurity Principles for Industry and Government.

"Shining a Light on Cyber: An Interview with John C. 'Chris' Inglis", Strategic Studies Quarterly, 14 (3): 3-11.

Report on A Framework for International Cyber Stability.

The Quest for Cyber Confidence.

"Responding to cyberattacks: Prospects for the EU Cyber Diplomacy Toolbox", Europe in the World Programme Discussion Paper, European Policy Centre.

"Law and Borders – the Rise of Law in Cyberspace", First Monday, 1 (1).

"United Nations Group of Governmental Experts: The Estonian Perspective", in Osula, A.-M. & Rõigas, H. (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 111-127.

"Restraint under conditions of uncertainty: Why the United States tolerates cyberattacks", Journal of Cybersecurity, 7 (1).

“China’s quest for quantum advantage—Strategic and defense innovation at a new frontier”, Journal of Strategic Studies, 44 (3): 922-952.

"Sovereign Discourse on Cyber Conflict Under International Law", Texas Law Review, 88 (7): 1571-1598.

"Three Conditions for Cyber Countermeasures: Opportunities and Challenges of Active-Defense Operations", The Cyber Defense Review 7 (3): 79-89.

"Cyber Dialogue 2012 Briefs: Whither “Rules of the Road” for Cyberspace?", CyberDialogue 2012: What is Stewardship in Cyberspace.

"In Defense of Pure Sovereignty in Cyberspace", International Law Studies, 97 (1): 1432-1499.

"Cyber legalism: why it fails and what to do about it", Journal of Cybersecurity, 7 (1).

Striking Back: The End of Peace in Cyberspace – And How to Restore It, Yale University Press.

"Patterns of Behavior: States In, Through, and About Cyberspace", Cyber Policy Institute.

"Privatized Cybersecurity Law", UC Irvine Law Review, 10 (4).

"Roles and Limitations of Middle Powers in Shaping Global Cyber Governance." The International Spectator 57 (3): 31-47.

"Mixed Signals: A Flawed Approach to Cyber Deterrence", Survival, 62 (1): 107-130.

"Cybersecurity and Cyberpower: Concepts, Conditions and Capabilities for Cooperation for Action Within the EU", Directorate-General for External Policies of the Union, Directorate B, Policy Department, European Parliament.

"Cyber Peace and Cyber Stability: Taking the Norm Road to Stability", IEEE Internet Computing, 23 (4): 61-66.

"Military Aspects of Ensuring International Information Security in the Context of Elaborating Universally Acknowledged Principles of International Law", in Vignard, K. (ed.), Disarmament Forum: ICTs and International Security, Geneva: UNIDIR, 2007 (3): 35-44.

"The Quest for Cyber Norms", Bulletin of the Atomic Scientists, 72 (5): 348-350.

"The Microfoundations of State Cybersecurity: Cyber Risk Perceptions and the Mass Public", Journal of Global Security Studies, 6 (2).

Achieving International Cyber Stability, Washington D.C.: The Atlantic Council.

"International Law and the Problem of International Information Security", International Affairs: A Russian Journal of World Politics, Diplomacy, and International Relations, 60 (6), 64-76.

"[On Legal and Political Foundations of Global Information Security]" (in Russian), Mezhdunarodniye Protsessy, 1 (5), 28–37.

“Cyber norms: technical extensions and technological challenges”, Journal of Cyber Policy, 6 (3).

"The politics of cyber norms: Beyond norm construction towards strategic narrative contestation", Research in Focus, EU Cyber Direct.‍

Unilateral Remedies to Cyber Operations: Self-Defence, Countermeasures, Necessity, and the Question of Attribution, Cambridge University Press.

"State Behaviour in Cyberspace: Normative Development and Points of Contention." Zeitschrift für Außen- und Sicherheitspolitik.

"Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic", Computers & Security, 105 (June).

"The Territorialization of Cyberspace", International Studies Review, 22 (3): 482-506.

"Changing the code? Norm contestation and US antipreneurism in cyberspace", International Relations, 32 (2): 149-172.

"Between Two Stools: Military and Intelligence Organizations in the Conduct of Offensive Cyber Operations", The Cyber Defense Review 7 (3): 67-77.

"Cheerleading in Cyberspace: How the American Public Judges Attribution Claims for Cyberattacks", Foreign Policy Analysis, 18 (2).

"Cracking Attribution: Moving International Norms Forward". (Available at SSRN: https://dx.doi.org/10.2139/ssrn.3300202).

New War Technologies and International Law: The Legal Limits to Weaponising Nanomaterials, Cambridge University Press.

"Why cybersecurity insurance should be regulated and compulsory", Journal of Cyber Policy.

"Back to the Roots: The Laws of Neutrality and the Future of Due Diligence in Cyberspace." European Journal of International Law 33 (3): 789-819.

"The Law of the Horse: What Cyberlaw Might Teach", Harvard Law Review, 113 (501).

Code, Version 2.0, Cambridge, MA: Basic Books.

"Multilateral Agreements to Constrain Cyberconflict", Arms Control Today, 40 (5): 14-19.

"Confidence-Building and International Agreement in Cybersecurity", in Vignard, K., McCrae, R. & Powers, J. (eds.), Disarmament Forum: Confronting Cyberconflict, Geneva: UNIDIR, 2011 (4): 51-60.

"Liberty, Equality, Connectivity: Transatlantic Cybersecurity Norms", Washington D.C: Center for Strategic & International Studies.

"The Coming of Cyber Espionage Norms", in: Rõigas, H., Jakschis, R., Lindström, L. & Minárik, T. (eds.), 2017 9th International Conference on Cyber Conflict: Defending the Core, Tallinn: NATO CCD COE Publications.

"Norms and Normalization", The Cyber Defense Review, 5 (1): 41-54.

"Expectations of Cyber Deterrence", Strategic Studies Quarterly, 12 (4): 44-57.

"Cyber conflict short of war: a European strategic vacuum", European Security.

Russian Information Warfare: Assault on Democracies in the Cyber Wild West, Naval Institute Press.

"Attribution of malicious cyber incidents: From soup to nuts", Journal of International Affairs, 70 (1): 75-137.

"The existential threat from cyber-enabled information warfare", Bulletin of the Atomic Scientists, 75 (4): 187-196.

"Cyber conflict vs. Cyber Command: hidden dangers in the American military solution to a large-scale intelligence problem", Intelligence and National Security: 1-19.

Information Technology and Military Power, Cornell University Press.

"A Better Defense: Examining the United States' New Norms-Based Approach to Cyber Deterrence", Georgetown Journal of International Affairs, 75-88.

"Forging Stability in Cyberspace", Survival, 62 (2): 125-136.

"The Liberty to Spy", Harvard International Law Journal, 61 (1): 185.

"Cybersecurity and Cyber Warfare: The Ethical Paradox of 'Universal Diffidence'", in Christen, M., Gordijn, B. & Loi, M. (eds.). The Ethics of Cybersecurity, The International Library of Ethics, Law and Technology, 21, Springer: 245-258.

"Russian Approaches to Regulating Use of Force in Cyberspace." Baltic Yearbook of International Law Online 20 (1): 109-132.

"The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations", International Security, 46 (2).

"Subversion, Cyber Operations, and Reverse Structural Power in World Politics", European Journal of International Relations.

"Subversion, cyber operations, and reverse structural power in world politics." European Journal of International Relations 29 (1): 79-103.

"A tale of two cybers-how threat reporting by cybersecurity firms systematically underrepresents threats to civil society", Journal of Information Technology & Politics: 1-20.

"A Dose of Realism: The Contestation and Politics of Cyber Norms", Hague Journal on the Rule of Law, 1-23.

"Cyber Norm Emergence at the United Nations, An Analysis of the UN‘s Activities Regarding Cyber-security", Discussion Paper 2011-11, Cambridge, Mass.: Belfer Center for Science and International Affairs, Harvard Kennedy School.

"The New Norms: Global Cyber-Security Protocols Face Challenges", IHS Jane’s Intelligence Review, March: 52-53.

"Toward a Global Norm Against Manipulating the Integrity of Financial Data", Carnegie Endowment for International Peace, 27 March 2017.

"Why International Order in Cyberspace is Not Inevitable", Strategic Studies Quarterly, 9 (2): 78-98.

The Evolution of Cyber War: International Norms for Emerging-Technology Weapons. Lincoln, NE: University of Nebraska Press.

"From Cyber Norms to Cyber Rules: Re-engaging States as Law-makers", Leiden Journal of International Law, 30 (4): 877-899.

"Is the International Law of Cyber Security in Crisis?", in Pissanidis, N., Rõigas, H. & Veenendaal, M. (eds.), 2016 8th International Conference on Cyber Conflict: Cyber Power, Tallinn: NATO CCD COE Publications, 127-139.

"Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law", Israel Law Review, 48 (1): 55-80.

“Unblurring the lines: military cyber operations and international law”, Journal of Cyber Policy, 6 (3).

International Cybersecurity Norms: Reducing conflict in an Internet-dependent world, Microsoft Corporation.

"Cyberwarfare and International Law", UNIDIR Resources, Ideas for Peace and Security.

"Norms of Responsible State Behaviour in Cyberspace", in Christen, M., Gordijn, B. & Loi, M., The Ethics of Cybersecurity, Springer.

"Between Israel and Iran: Middle-East Attitudes to the Role of International Law in the Cyber-Sphere." Baltic Yearbook of International Law Online 20 (1): 209-235.

Offensive Cyber Operations: Understanding Intangible Warfare. London: Hurst & Company.

"The EU Cyber Diplomacy Toolbox: towards a cyber sanctions regime?", European Union Institute for Security Studies (EUISS) Brief, July 2017.

"The vital role of international law in the framework for responsible state behaviour in cyberspace", Journal of Cyber Policy.

The Application of International Law to State Cyberattacks: Sovereignty and Non-Intervention. Chatham House.

"The Laws of War and Cyberspace: On the Need for a Treaty Concerning Cyber Conflict", Strategic Update 14.2, London: London School of Economics and Political Science.

"Cyber Attribution: Can a New Institution Achieve Transnational Credibility?", The Cyber Defense Review, 4 (1): 107-122.

"The Need for an International Convention on Cyberspace", Horizons: Journal of International Relations and Sustainable Development, 16: 198-209.

The Regulation of Cyberspace: Control in the Online Environment, New York: Routledge.

"Making Digital Territory: Cybersecurity, Techno-nationalism, and the Moral Boundaries of the State", Science, Technology, & Human Values, 46 (1): 112-138.

"Democracies and the Future of Offensive (Cyber-Enabled) Information Operations", The Cyber Defense Review 7 (3): 49-65.

"Coding protection: 'cyber humanitarian interventions' for preventing mass atrocities." International Affairs 99 (1): 299-319.

"From Bombs to Bytes: Can Our Nuclear History Inform Our Cyber Future?", Bulletin of the Atomic Scientists, 69 (5): 8-14.

Normative Restraints on Cyber Conflict, Cambridge, Mass.: Belfer Center for Science and International Affairs, Harvard Kennedy School.

"The Regime Complex for Managing Global Cyber Activities. The Centre for International Governance", Global Commission on Internet Governance, Paper Series: No. 1 – May, Centre for International Governance Innovation (CIGI) and Chatham House.

"Sending a message: the primacy of action as communication in cyber-security", in Dutton, W.H. (ed.), A Research Agenda for Digital Politics, Elgar Research Agendas: 146-158.

Election Interference: International Law and the Future of Democracy. Cambridge University Press.

Cybersecurity: Law and Regulation, Wolf Legal Publishers.

"Conflict in Cyberspace: How International Legal Norms Can Reduce Military Escalation in Cyberspace", Fletcher Security Review, 3 (1): 67-76.

"Confidence-Building Measures in Cyberspace: Current Debates and Trends", in Osula, A.-M. & Rõigas, H. (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 129-153.

"The EU’s Role in Shaping the Cyber Regime Complex", European Foreign Affairs Review, 24 (2): 167–186.

"Erice Declaration on Principles for Cyber Stability and Cyber Peace", International Seminar on Nuclear War and Planetary Emergencies: 42nd Session, Erice, Italy, 19-24 August, 110-111.

Customary Law of the Internet. In the Search for a Supranational Cyberspace Law, The Hague: TMC Asser Press.

"Towards a Supranational Internet Law", Journal of International Commercial Law and Technology, 1 (1): 1-9.

"Of Black Holes and Decentralized Law-Making in Cyberspace", Vanderbilt Journal of Entertainment Law & Practice, 2 (1): 70-79.

"The governance of 5G infrastructure: between path dependency and risk-based approaches", Journal of Cybersecurity, 7 (1).

"Working Towards Rules for Governing Cyber Conflict. Rendering the Geneva and Hague Conventions in Cyberspace", EastWest Institute.

"Applying Old Rules to New Cases: International Law in the Cyber Domain", Paper presented to the International Studies Association, Atlanta GA, 16-19 March 2016.

"Here We Go Again: A Comparative Approach to Developing an International Cyberspace Governance Framework".

Application of International Law to Cyber Operations: A Comparative Analysis of States' Views, The Hague Program for Cyber Norms Policy Brief, March 2020.

"Private-Sector Attribution of Cyber Incidents: Benefits and Risks to the U.S. Government", International Journal of Intelligence and CounterIntelligence: 1-31.

"A Taxonomy of Norms in Cyberconflict for Government Policymakers", Journal of Information Warfare, 17 (1): 31-48.

"Cyberspace and the “Devil’s Hatband”", Seattle University Law Review, 24 (2): 577-598.

"Cybersecurity Regulation: Using Analogies to Develop Frameworks for Regulation", in Tikk, E. & Talihärm, A-M. (eds.), International Cyber Security Legal & Policy Proceedings 2010, Tallinn: NATO CCD COE, 76-99.

"Democracy Under The Influence: Paradigms of State Responsibility for Cyber Influence Operations on Elections", Chinese Journal of International Law, 18 (1): 1–56.

Four Battlegrounds: Power in the Age of Artificial Intelligence. W.W. Norton.

A Global Protocol on Cybersecurity and Cybercrime, Cybercrimelaw.net.

A Global Treaty on Cybersecurity and Cybercrime, Cybercrimelaw.net.

""Virtual" Disenfranchisement: Cyber Election Meddling in the Grey Zones of International Law", Chicago Journal of International Law, 19 (1): 30-67.

"Grey Zones in the International Law of Cyberspace", The Yale Journal of International Law Online, 42 (2): 1-21.

"Peacetime Cyber Responses and Wartime Cyber Operations Under International Law: An Analytical Vade Mecum", Harvard National Security Journal, 8: 239-282.

"Wired Warfare 3.0: Protecting the Civilian Population During Cyber Operations", International Review of the Red Cross: 1-23.

"Autonomous Cyber Capabilities and the International Law of Sovereignty and Intervention", International Law Studies, 96: 549-576.

"The Nature of International Law Cyber Norms", Tallinn Paper No. 5, Special Expanded Issue, Tallinn: NATO CCD COE Publications.

"Sovereignty in Cyberspace: Lex Lata Vel Non?", AJIL Unbound, 111: 213-218.

"Respect for Sovereignty in Cyberspace", Texas Law Review, 95: 1639-1670.

Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, Cambridge: Cambridge University Press.

Tallinn Manual on the International Law Applicable to Cyber Warfare, Cambridge: Cambridge University Press.

International Cyber Norms: Reflections on the Path Ahead, Ministerie van Defensie.

"Inside the Drive for Cyber Peace: Unpacking Implications for Practitioners and Policymakers", UC Davis Business Law Journal, 21 (285).

Governing New Frontiers in the Information Age: Toward Cyber Peace, Cambridge University Press.

"Tragedy of the Digital Commons." North Carolina Law Review (forthcoming/available at SSRN).

Cybersecurity under the Ocean: Submarine Cables and US National Security. Hoover Institution, Aegis Series Paper No. 2301.

"Windmills of the Mind: Higher-Order Forms of Disinformation in International Politics", in: Jančárková, T., Lindström, L., Visky, G. & Zotz, P. (eds.), 2021 13th International Conference on Cyber Conflict: Going Viral, Tallinn: NATO CCD COE Publications.

The Politics of Cybersecurity in the Middle East, Hurst.

"Governance of International Trade and the Internet: Existing and Evolving Regulatory Systems", Global Commission on Internet Governance, Paper Series: No. 32 – May, Centre for International Governance Innovation (CIGI) and Chatham House.

"War, Health, & Ecosystem: Generative Metaphors in Cybersecurity Governance", Philosophy & Technology, forthcoming. (Pre-print available at SSRN: https://ssrn.com/abstract=3534579).

"US cyber strategy of persistent engagement & defend forward: implications for the alliance and intelligence collection", Intelligence and National Security, 35 (3): 444-453.

"There Are Too Many Red Lines in Cyberspace", Lawfare (20 March 2019).

"Cyber Arms Transfer: Meaning, Limits, and Implications", Security Studies, 31 (1): 65-91.

No Shortcuts: Why States Struggle to Develop a Military Cyber-Force. London: Hurst & Company.

"Cyber Security and International Agreements", Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, National Academies Press, 179-206.

"Cybersecurity and cyber defence in the emerging democracies." Journal of Cyber Policy 5 (3): 392-412.

"The Layers Principle: Internet Architecture and the Law", Notre Dame Law Review, 79 (3): 815-948.

"Prospects for Global Restraints on Cyberattack", Arms Control Today, 41 (10): 21-26.

"A Cyberwar of Ideas? Deterrence and Norms in Cyberspace", Contemporary Security Policy, 33 (1): 148-170.

"United Kingdom: Pragmatism and adaptability in the cyber realm", in Romaniuk, S.N. & Manjikian, M., The Routledge Companion to Global Cyber-Security Strategy, Basingstoke: Palgrave MacMillan.

"International Information Security: Description and Legal Aspects", in Vignard, K. (ed.), Disarmament Forum: ICTs and International Security, Geneva: UNIDIR, 2007 (3): 5-14.

"Deterrence and Norms to Foster Stability in Cyberspace", Philosophy & Technology, 31: 323-329.

"Norms and Strategies for Stability in Cyberspace", in Burr, C. & Milano, S. (eds.). The 2019 Yearbook of the Digital Ethics Lab, Digital Ethics Lab Yearbook: Springer.

"Deterrence by Norms to Stop Interstate Cyber Attacks", Minds and Machines, 27(3): 387-392.

"Disrupt and restraint: The evolution of cyber conflict and the implications for collective security", Contemporary Security Policy, 40 (3): 368-381.

"Winning Future Wars: Russian Offensive Cyber and Its Vital Importance in Moscow’s Strategic Thinking", The Cyber Defense Review 7 (3): 117-135.

"Ten Rules for Cyber Security", Survival, 53 (3): 119-132.

"Developments in the Field of Information and Telecommunication in the Context of International Security: Work of the UN First Committee 1998-2012", Cyber Policy Process Brief, ICT4Peace Foundation.

"Legal Framework of Cyber Security", in Lehto, M. & Neittaanmäki, P. (eds.), Cyber Security: Analytics, Technology and Automation, Springer International Publishing.

"International Cyber Norms Dialogue as an Exercise of Normative Power", Georgetown Journal of International Affairs, 17 (3): 47-59.

Evolution of the Cyber Domain: The Implications for National and Global Security - Strategic Dossier, IISS-Routledge, "Chapter 5: The 2000s".

Self- and Co-regulation in Cybercrime, Cybersecurity and National Security, Springer.

"Non-State Actors, Ungoverned Spaces and International Responsibility for Cyber Acts", Journal of Conflict and Security Law, 21 (3): 455-474.

"The Failure of the Offense/Defense Balance in Cyber Security", The Cyber Defense Review 7 (3): 91-101.

"Fragmenting Cybersecurity Norms Through the Language(s) of Subalternity: India in 'the East' and the Global Community", Columbia Journal of Asian Law, 32 (2): 78-138. (Available at SSRN: https://ssrn.com/abstract=3392781).

"Key Concepts in Cyber Security: Towards a Common Policy and Technology Context for Cyber Security Norms", in Osula, A.-M. & Rõigas, H. (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 221-242.

"Domestic Law Responses to Transnational Cyberattacks and Other Online Harms: Internet Dreams Turned to Internet Nightmares and Back Again", Notre Dame Journal of International & Comparative Law, 10 (1).

"Law of the Horse to Law of the Submarine: The Future State Behavior in Cyberspace", in Maybaum, M., Osula, A.-M., & Lindström, L. (eds.), 2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace, Tallinn: NATO CCD COE  Publications, 93-104.

"Cyber Law Development and the United States Law of War Manual", in Osula, A.-M. & Rõigas, H. (eds.), International Cyber Norms: Legal, Policy & Industry Perspectives, Tallinn: NATO CCD COE Publications, 49-63.

"The rise of cybersecurity warriors?", Small Wars & Insurgencies 33 (1-2): 272-293.

"Dissecting the Digital World: A Review of the Construction and Constitution of Cyber Conflict Research", International Studies Review, 20 (3): 520-532.

"Assessing Cyber Power", Survival, 61 (1): 85-90.

"US cyber deterrence: Practising guiding theory", Journal of Strategic Studies, 43 (2): 245-280.

"Frameworks for International Cyber Security: The Cube, the Pyramid, and the Screen", in Tikk, E. & Talihärm, A-M. (eds.), International Cyber Security Legal & Policy Proceedings 2010, Tallinn: NATO CCD COE, 16-23.

Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks, MIT Press.

"Insurance definitions of cyber war", The Geneva Papers on Risk and Insurance - Issues and Practice, 45: 639-656.

"Burned and Blinded: Escalation Risks of Intelligence Loss from Countercyber Operations in Crisis", International Journal of Intelligence and CounterIntelligence.

Spies, Lies, and Algorithms: The History and Future of American Intelligence, Princeton University Press.

"Chinese Approach to International Law with Regard to Cyberspace Governance and Cyber Operation: From the Perspective of the Five Principles of Peaceful Co-existence." Baltic Yearbook of International Law Online 20 (1): 187-208.

Confidence Building Measures for Cyberspace – Legal Implications, Tallinn: NATO CCD COE Publications.

Peacetime Regime for State Activities in Cyberspace, International Law, International Relations and Diplomacy, Tallinn: NATO CCD COE Publications.

The Future of the Internet and How to Stop It, New Haven: Yale University Press.