CYSE 425w – Cybersecurity Strategy and Policy

CYSE 425W Cybersecurity Strategy and Policy

Course Description:

This course explores cybersecurity policy and strategy and introduces students to the essentials of strategy development and policy making in cybersecurity. Topics considered include planning principles in cyber strategy; risk management and cybersecurity policy; the connections between cybersecurity policies, businesses, and governmental institutions; the knowledge, skills, and abilities needed to develop and implement cybersecurity policy; the social, political and ethical implications that arise in cybersecurity policies and strategies; strategies to assess cybersecurity policy; and the ties between national security and cybersecurity policy.

Course Objectives:

By the end of the course, the students will be able to:

  • Describe the goal and structure of a national security strategy and compare it to cybersecurity strategy.
  • Critically communicate the political and social implications that arise with cybersecurity policies and strategies.
  • Compare and interpret cybersecurity policy issues and make recommendations on policy choices.
  • Identify international cyber crisis management and conflict resolution mechanisms.
  • Debate ethical issues that arise with cybersecurity policies
  • Identify possible developments in cybersecurity strategy and policy.
  • Assess cybersecurity strategy and policy

These will be structured papers you write about a specific cybersecurity policy or strategy you select. Please, make all citations in APA, MLA or IEEE style. Taking on the role of a policy analyst, you will write five policy analysis papers addressing the following topics:

1. Paper 1. What is the cybersecurity policy/strategy you have selected?  This should be a two- page (double-spaced, 12 pt Times New Roman) paper describing a cybersecurity policy/strategy in layperson’s terms.  The focus should be on the overview of the policy, why it was developed, how it is applied, how the policy fits within a national (and international) cybersecurity policy, and how at least three scholarly journal articles have described the policy. Due: Week 3.

2. Paper 2. What are the political implications that arise from the cybersecurity policy/strategy you have selected?  This should be a two-page (double-spaced, 12 pt Times New Roman) paper describing the political issues that are related to the cybersecurity policy/strategy you have selected.  Attention should be given to how politicians or policy makers have addressed the policy/strategy, why those politicians or policy makers came to those conclusions, and the ramifications (Outcome )  of those decisions. The paper must include at least three scholarly articles from political science/international studies that address the policy. Due: Week 5.

3. Paper 3. What are the ethical implications that arise from the cybersecurity policy/strategy you have selected? This should be a two-page (double spaced, 12 pt Times New Roman) paper describing the ethical issues that arise when considering the cybersecurity policy/strategy you have selected. Attention should be given to the costs and benefits of the policy/strategy, the types of rights that are protected and potentially limited with the policy/strategy, and whether the policy/strategy appropriately addresses individuals’ rights. The paper must include at least three scholarly journal articles that frame the discussion. Due: Week 7.

4. Paper 4. What are the social implications that arise from the cybersecurity policy/strategy you have selected? This should be a two-page (double-spaced, 12pt Times New Roman) paper describing the connections between society and the cybersecurity policy/strategy you have selected. Attention should be given to the social factors that led to the development of the policy/strategy, the social consequences of the policy/strategy, and the way that cultural and subcultural influences have shaped the policy. The paper must include at least three scholarly journal articles to support the discussion. Due: Week 12.

5. Paper 5. Write a paper focused on how you would assess the effectiveness of the policy/strategy?  This should be a two-page paper describing how you would assess the effectiveness of the policy/strategy. Attention should be given to how experts have evaluated the policy/strategy in at least three different scholarly journal articles, how those policy assessments lead to additional policy implications, how you would assess the policy, and whether you believe the assessment would demonstrate success. This paper should incorporate the previous papers and summarize the ethical, political, and social implications in framing the assessment.  Due: Week 14.

Midterm Assignment. 

The National Cybersecurity Strategy March 2023 provides a comprehensive and coordinated plan to address the growing threats to the United States’ digital ecosystem. It aims to shift the burden of cybersecurity away from individuals, small businesses, and local governments and onto the organizations that are most capable of reducing risks for everyone. The strategy seeks to build and enhance collaboration around five pillars: defending critical infrastructure, disrupting and dismantling threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships to pursue shared goals. Its implementation will protect investments in rebuilding America’s infrastructure, developing clean energy, and reshoring America’s technology and manufacturing base.

https://www.whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.pdf

For this assignment, you are required to analyze the National Cybersecurity Strategy March 2023 and write a 4-page paper, double-spaced, with a focus on one of the five pillars of the strategy.

Instructions:

General Review: Write a two-page general review of the National Cybersecurity Strategy March 2023.

Chosen Pillar Review: Select one of the five pillars from the strategy and write a two-page review of it.

Midterm Project due by Sunday, November 5, 2023.

Requirements:
The assignment should be 4 pages double-spaced, excluding the title page and references page.
Use APA, MLA, or IEEE citation style to cite sources in the text and on the references page.

Final Exam. This will be an exam that includes both short answer questions and an essay question. The exam questions will become available to you on December 9, 2023 and the answers are due by December 14, 2023. The exam has to be completed in one sitting. You will have two hours to finish the questions.