01182nas a2200133   4500000000100000008004100001260001500042100001600057700002000073245010100093856017500194520066500369022001401034       2021                            d  c2021-01-241 aSean Atkins1 aChappell Lawson00aAn Improvised Patchwork: Success and Failure in Cybersecurity Policy for Critical Infrastructure  uhttps://onlinelibrary.wiley.com/doi/full/10.1111/puar.13322?casa_token=wTHZUd5IdvwAAAAA%3AAHjqZFyaGimFOJlGEhkUyNGffd8KBjXjJyjbIxcBLicOH-7Xg_FWPiToZk-iBxbJbaKmORr9AjtJs8JR3 aQualitative analysis based on in-depth interviews with over 40 policymakers and senior private sector managers, as well as public documents, reveals considerable variation in how well this approach has worked in practice. The main predictors of policy success appear to be (a) the nature of the cyber threat to firms’ operations and (b) regulatory pressure on firms. However, other factors—such as the nature of intra-industry competition—also affect how well the current regime works in specific sectors. Our findings have implications for public administration on civilian cybersecurity, as well as ramifications for regulation in other policy domains.  a0033-3352