The Internet is not the only critical infrastructure that relies on the participation of unorganized and technically inexpert end users. Transportation, health, waste management, and disaster preparedness are other areas where cooperation between unorganized citizens who lack experience with the domain has increased resiliency, reduced social costs, and helped meet shared goals. Theories of community-based production and management of the commons explain this type of cooperation, both offline and online. This essay examines these two complementary approaches to organizing the cybercitizen for cybersecurity. Cybersecurity discourse has reasonably focused on centralized parties and network operators. From domain name registrars to network service providers, solutions are sought through incentives, regulation, and even law enforcement. However great the ability of these centralized entities to implement change, the end user plays a crucial role. The Internet must remain open to enable innovation and diffusion of innovation; thus, the end user will continue to be important. What is the role of the citizen in cybersecurity? What socio-technical characteristics might enable a system that encourages and empowers users to create a secure infrastructure?

This content is only available as a PDF.
This is an open-access article distributed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) license, which permits copying and redistributing the material in any medium or format for noncommercial purposes only. For a full description of the license, please visit