CYBERSECURITY AND ENGINEERING LAW: LEGAL FRAMEWORK FOR ACCOUNTABILITY AND ETHICAL RISK MANAGEMENT IN SMART INFRASTRUCTURES

Abstract

The integration of smart infrastructures-ranging from intelligent transportation systems to interconnected energy grids—has amplified both the opportunities and vulnerabilities within contemporary societies. As these infrastructures rely on cyber-physical systems, the stakes of cybersecurity transcend technical contingencies, extending into domains of legal accountability, regulatory compliance, and ethical governance. This paper examines the legal frameworks that underpin accountability in cybersecurity within engineering contexts, situating them against the backdrop of risk society theory and the expanding surveillance economy. It argues that engineering law must evolve to accommodate the dual imperatives of technological innovation and societal protection, thereby ensuring both resilience and public trust. Through an interdisciplinary approach, the analysis explores how regulatory models, professional codes of conduct, and liability regimes intersect with the ethical responsibilities of engineers in designing, maintaining, and governing smart infrastructures. Emphasis is placed on the reflexive role of law-not merely as a mechanism for sanction but as a framework that fosters responsible risk management, anticipatory governance, and ethical accountability in environments where attribution of cyber incidents is often complex and contested. Ultimately, the paper advances a normative claim that effective cybersecurity governance in smart infrastructures requires an integrated legal-ethical architecture that aligns engineering practice with societal values, ensuring both security and legitimacy in an increasingly digitised public sphere.