CYSE 425W: Cyber Strategy and Policy

Course Description

This course explores cybersecurity policy and strategy and introduces students to the essentials of strategy development and policy making in cybersecurity. Topics considered include planning principles in cyber strategy; risk management and cybersecurity policy; the connections between cybersecurity policies, businesses, and governmental institutions; the knowledge, skills, and abilities needed to develop and implement cybersecurity policy; the social, political and ethical implications that arise in cybersecurity policies and strategies; strategies to assess cybersecurity policy; and the ties between national security and cybersecurity policy.

Course Objectives

By the end of the course, the students will be able to:

  • Describe the goal and structure of a national security strategy and compare it to cybersecurity strategy.
  • Critically communicate the political and social implications that arise with cybersecurity policies and strategies.
  • Compare and interpret cybersecurity policy issues and make recommendations on policy choices.
  • Identify international cyber crisis management and conflict resolution mechanisms.
  • Debate ethical issues that arise with cybersecurity policies
  • Identify possible developments in cybersecurity strategy and policy.
  • Assess cybersecurity strategy and policy
CyberPolicy-paper-1Download

Policy Paper 1

Policy Paper 2

Policy-Paper-2Download
Policy-Paper-3Download

Policy Paper 3

Policy Paper 4

Policy-Paper-4Download

These four papers were a part of a end of semester project that each paper focused on a specific aspect/implication of a specific policy. In my papers, I used the acceptable use policy and explained it using the four lens of definition, social implications, ethical implications, and political implications.

This course helped me improve my strategic thinking and think long-term rather than immediate situations. I have a better grasp of how governments and organizations use cybersecurity strategies to build their reputation and security, while also developing a sense of policy literacy, where I can truly explain and comprehend the language structure of cybersecurity policies.