CYSE 525

Cybersecurity Strategy and Policy

Course Description:

This course explores cybersecurity policy and strategy and introduces students to the essentials of strategy development and policy making in cybersecurity. Topics considered include planning principles in cyber strategy; risk management and cybersecurity policy; the connections between cybersecurity policies, businesses, and governmental institutions; the knowledge, skills, and abilities needed to develop and implement cybersecurity policy; the social, political and ethical implications that arise in cybersecurity policies and strategies; strategies to assess cybersecurity policy; and the ties between national security and cybersecurity policy.

  • Course Objectives:

    By the end of the course, the students will be able to: 

    1. Describe the goal and structure of a national security strategy and compare it to cybersecurity strategy.
    2. Critically communicate the political and social implications that arise with cybersecurity policies and strategies.
    3. Compare and interpret cybersecurity policy issues and make recommendations on policy choices.
    4. Identify international cyber crisis management and conflict resolution mechanisms.
    5. Debate ethical issues that arise with cybersecurity policies
    6. Identify possible developments in cybersecurity strategy and policy.
    7. Assess cybersecurity strategy and policy

Course Outcome

This course broadened my understanding of cybersecurity, focusing on strategy, policy development, and the ethical and societal impacts beyond just technical solutions. It gave me valuable skills that I applied during my internship and that strengthen my resume for GRC (Governance, Risk, and Compliance) roles.

Key Engagements:

  1. Strategy & Policy Analysis: Compared national and organizational cybersecurity strategies, and assessed how frameworks like NIST CSF and CMMC guide risk management.

  2. Policy Recommendations: Wrote policy briefs and case studies, including proposals to improve critical infrastructure protection and debates on ethical issues like AI surveillance.

  3. International & Crisis Management: Explored global cyber norms and participated in simulations managing international cyber incidents.

  4. Real-World Application: Used these skills at my internship to review policies for compliance, help draft incident response plans, and present on global regulations.

This course helped me see cybersecurity from a broader perspective, preparing me to align technical solutions with strategic, legal, and ethical considerations.

Sample artifacts from this course, including my policy brief and compliance roadmap, are available in my e-portfolio.

 
 
 
 
 
 
 
CYSE525-Policy-Analysis-1-2Download
CYSE525-Policy-Analysis-2-1Download
cyse525-policy-analysis-3Download
CYSE525-Policy-Analysis-4-1Download
CYSE-525-Policy-Analysis-5-1Download