Towards a democratic model of cybersecurity

Drawing upon securitization theories and constructivist cybersecurity studies, this chapter analyzes the establishment of the Italian Agency for National Cybersecurity. The paper reconstructs, compares and assesses three different institutional designs as they emerged during a 5-year debate across three distinct cabinets, led, respectively, by Matteo Renzi, Giuseppe Conte and Mario Draghi. The aim is to clarify relationships between policy dis- courses and institution-building processes in the cybersecurity field. The first part of the paper briefly outlines the historical evolution of the cybersecurity policy discourse at the global level, stressing its main long-term trends. The second part analyzes the set of controversies emerged during the first two failed attempts by Renzi and Conte to estab- lish a governmental unit for cybersecurity. Then, findings highlight how a process of politicization of the issue occurred during those attempts, and this in turn counteracted and mitigated the securitizing forces at play in the Italian cybersecurity field, by triggering public debate about the mis- sion and the organization of the Agency. This debate was able to inform the subsequent actual institutionalization of the Agency by President Draghi, eventually leading to an institutional design that is somehow a countertrend case in Western cybersecurity policy. Conclusions stress the need for an open policy dialogue in order to keep securitization processes occurring in cyberspace within a constitutional democratic path.