Why it matters
At every level of cybersecurity, people write. Incident reports, technical documentation, policy briefs, executive summaries. The higher you go in your career the more your writing has to reach people outside the technical space, and being able to do that clearly and persuasively is a skill that takes practice.
What it was
CYSE 425W looks at the strategic and policy side of cybersecurity rather than the technical mechanics. One of the main assignments was a policy analysis paper where I examined the social implications of the Cybersecurity Information Sharing Act, a 2015 US law that allows the government and private companies to share cyber threat information with each other. My paper covered the factors that led to CISA being created, its consequences on public trust and privacy, and how cultural differences between people who prioritize security versus privacy have shaped how the policy is received.
Reflection
Writing about CISA made me think seriously about the human side of cybersecurity policy. The technical case for information sharing makes sense on paper, but once you dig into the privacy concerns and the trust issues that come with it, it gets more complicated. That tension between security and individual rights is not going away and being able to write about it clearly is something every cybersecurity professional should be able to do. This course also just made me a stronger writer overall.
annotated-Policy-Analysis-Paper-4This policy analysis paper examines the social implications of the Cybersecurity Information Sharing Act, a 2015 United States law that allows the government and private companies to share cyber threat information. The paper covers the factors that led to CISA being created, its consequences on public trust and privacy, and how cultural differences have shaped the way the policy is received. It demonstrates my ability to analyze real cybersecurity policy, argue a position using scholarly sources, and communicate complex ideas clearly to a non-technical audience.