Abstract
Abstract
Understanding how cyber actors are labelled is important to effectively respond to cyber threats. It has beensuggested that cyber is becoming increasingly connected to national security concerns, a process called securitisation. Thisresearch sought to take a first step towards understanding if securitisation is occurring through examining the evolvingconceptualisation of cyber actors in the UK. The research reviewed cybercrime reporting from the UK Government and threeUK media websites between 2019-2023, taking a mixed methods approach using thematic analysis to group cyber actors,and content and statistical analysis to detect shifts in these categorisations. The research identified six primary categoriesused to conceptualise cyber actors: Attackers, Companies, Criminals, White Hats, Hacktivists, and Nation States. The researchidentified significant changes in multiple subcategories between 2019-2023, influenced by events such as COVID-19, the2021 Colonial Pipeline ransomware attack, and the changing geopolitical landscape. Notably, there was an increasedtendency to associate cyber actors with nation states, particularly evident following the Colonial Pipeline attack whichcorrelated with a shift towards linking cybercrime groups to states, and the 2023 TikTok ban on government devices whichsaw an increase in companies conceptualised as state influenced. The results also suggested the type of act does not alwaysdetermine the perception of cyber actors, instead geopolitics appears to have greater influence on conceptualisations. Theresearch additionally found that terms for cyber actors (such as Hackers) are often used loosely and interchangeably.Furthermore, the categories of actors formed a spectrum, especially blurring distinctions between state and criminals. Theresearch recommends organisations consider language around cyber actors more carefully. Further study is recommendedto understand if the results found are evidence of securitisation of cyber actors or a consequence of increased state cyberactivity.
Direct answer
What can I do from this paper page?
Use this page to scan "‘What’s in a Name?’: How Does the UK Government and Media Construct Cyber Actors?" quickly: start with the summary and abstract, then check the authors, source, topics, and related papers. From here, open Scollr to follow Cybersecurity and Cyber Warfare Studies research, save the paper, or map adjacent work.
Research areas
Follow related topics
Citation
BibTeX
@article{Brett2026What,
title = {‘What’s in a Name?’: How Does the UK Government and Media Construct Cyber Actors?},
author = {Alice Brett and Iain Reid},
journal = {European Conference on Cyber Warfare and Security},
year = {2026},
doi = {10.34190/eccws.25.1.4654},
url = {https://doi.org/10.34190/eccws.25.1.4654}
}
FAQ
Using this paper in a discovery workflow
How do I find related work for this paper?
Use the related papers and topic links on this page as starting points. In Scollr, you can also open the paper and build a literature map around its references, citing papers, and related work.
How can I keep up with new Cybersecurity and Cyber Warfare Studies research papers?
Follow Cybersecurity and Cyber Warfare Studies research in Scollr. New papers from the topic flow into a personalized feed, and you can save useful studies to revisit later.
Can I cite this paper from this page?
This page includes a static BibTeX block for ‘What’s in a Name?’: How Does the UK Government and Media Construct Cyber Actors?. Always verify the DOI, source, and publication details against the publisher record before submitting a manuscript.
Follow this research in Scollr
Follow the topics and authors behind this paper, save useful studies, and build a literature map when you are ready to go deeper.
Get the app