Cybersecurity is daily news. Data leaks and hackers are common features in the media. We tend to look to the government when things go wrong: what is the government doing about it? In this special issue we also look to the government and ask ourselves whether we are ready for the challenges of cybersecurity. Asking this question is simple. Answering it, however, requires sophisticated knowledge. This includes knowledge about the technology of today and the future. It also includes knowledge about governance. Who should be prepared in the age of distributed responsibilities? Which public and private parties can enhance cybersecurity, including you and me? Finally, what is does ‘being prepared’ mean exactly? This special issue includes three academic articles, five interviews and a column. Cybersecurity is viewed from different academic perspectives and professional positions. In its entirety, this special issue provides state-of-the-art of academic and professional thinking on government cybersecurity.

Government cybersecurity requires action from many public and private actors. Both collective knowledge and collective priority are needed to ensure cybersecurity at a government level. This makes collective learning essential. There is a system of arrangements that includes all kinds of governmental organisations and private parties. How can learning be stimulated in this system? And what is the need for steering here? This article provides answers to these questions, based on the contributions in this special issue. We conclude that both central control and self-regulation are essential to cybersecurity, even if they are in conflict. We coin the term ‘complimentary self-regulation’. We also conclude that many arrangements have been developed or are under development, however, it is difficult to institutionalise the coherence between these initiatives. There is a long road ahead in terms of gaining a collective understanding. Cybersecurity and its organisation will probably not vanish from the administrative agenda any time soon.

This contribution contains a summary and a conclusion of the special issue ‘Innovation and government: a bad marriage or a fertile relation’. Innovation is said to be not the core quality of government. However, we found that government is actually good in innovation, albeit not in an obvious way. Government has a complex position when it comes to innovation. Sometimes innovation may be seen as a public value. However, innovation usually also involves conflict with other public values that civilians expect government to secure. This the innovation dilemma is that government ought to be both favour and innovation and fight its negative consequences to other public values. The four contributions show how governments deal with this dilemma. They first move along with the innovation and then redefine their positions by for instance developing new instruments, bundling private initiatives or framing private initiatives to large programmes.

Big data is a well-known phenomenon, even a buzzword nowadays. It refers to an abundance of data and new possibilities to process and use them. Big data is subject of many publications. Some pay attention to the many possibilities of big data, others warn us for their consequences. This special issue goes beyond the hype. It contains accessible contributions about opportunities and threats of big data. The authors have put special emphasize on big data institutions. Many publications about big data seem relatively poor on institutions, reflecting a more technocratic approach. In this first contribution we will introduce core concepts around big data. Additionally, we will specify the need to delve into institutions of big data.

In this final contribution we will summarize the main findings of this special issue. Moreover, we will think through the main consequences. The contributions all suggest major societal shifts. Organization of government is changing as a consequence of big data. They either reorganize or initiate new collaborations with businesses and knowledge institutions. What’s more, the processes of data generation, data processing and use are far from neutral. It requires more - at least other - technological knowledge and skills, which some possess and others not. New checks and balances are necessary, notably between data scientists and decision makers, between organizations that make big data their business and civilians, and maybe even between man and computer. Their relations might get reconfigured and those not familiar with the new big data methods will prove vulnerable. This final contribution contains an institutional research agenda that will meet these concerns.

In the sequence of creating, processing and use of data several actors are involved. They have different knowledge, skills, motives and interests. In this contribution big data is framed as a coordination effort in a chain. This perspective emphasizes the importance of transfers between actors. It emphasizes their difficulties too. Do actors mean the same? Do actors understand the same? Do actors want the same? To understand the value of data, the entire process from data creation to use need to be considered. This process may entirely take place within an organization. More often parts of the process are outside the organization. The challenge for governments that use big data for their decisions, is managing the quality of data and the chain that process them.

Risks taken by some organizations may have considerable impact on society. In this contribution the assessment and management of risk are perceived to take place in a multi-actor setting. Within an organization operators, risk managers, and top managers interact about risk assessments and risk mitigation strategies. Public regulators and inspectorates increasingly focus on risk management systems instead of the operational activities or organizational outputs. Are organizations systematically assessing their risks? This contribution identifies two contrasting perspectives on risk assessment and risk mitigation in literature: risk management and risk governance. An empirical study in three sectors reveals evidence of both perspectives in practice. Companies adopt hybrid approaches, which are essential for the quality of risk assessment and mitigation. Indeed, adopting just one perspective seems dangerous. We conclude that public regulators and inspectorates might provide incentives to focus on just one perspective and suggest two heuristics for public inspectorates that respect hybrid approaches of risk assessment and mitigation.

Public regulators and inspectorates are increasingly involved in self-regulatory initiatives. This contribution is about co-regulation, which are co-ordination efforts among public regulators and self-regulating institutions. In co-regulation arrangements typical regulation and oversight activities, such as standard setting, information gathering and sanctioning become subjects of co-ordination between public and private actors. Co-regulation arrangements are typically network efforts. At the same time ‘regulation’ has a hierarchical connotation. This paradox shows in interpretations of ‘governance’ and ‘the move from government to governance’, the latter being a popular phrase qualifying a change of the government’s role in society. Main question in this paper is what the changing role of government in society means for the assessment of co-regulation. Based on literature two implicit, but opposing interpretations of ‘governance’ and the change are described. This implicitness may cause unsound assessments of co-regulation, either too tough or too lenient. In this contribution the normative implications of both interpretations are made explicit for co-regulation. The argument is illustrated by the case of co-regulation in the Dutch coach travel industry.

Horizontal governance arrangements potentially conflict with the very principles of representative democracy and, likewise, with the existing political institutions. This conflict manifests itself in the interaction between representatives and the executive power: although the former have the formal power, the latter participates in horizontal networks and therefore has the resources that are necessary to form good policy. This erodes the power position of representatives. Frame work setting is commonly suggested as an arrangement for representatives to enhance their grip on policy processes in network-settings. The authors of this contribution examine the effects of frame setting as coupling mechanism between horizontal networks and vertical politics in six policy processes in a Dutch Province. Based on both theory and research findings they redefine the concept of framework setting in order to make it more attuned to the complex, interdependent and dynamic nature of policy-making in networks.