– CYSE 425W –
This course explores cybersecurity policy and strategy and introduces students to the essentials of strategy development and policy making in cybersecurity. Topics considered include planning principles in cyber strategy; risk management and cybersecurity policy; the connections between cybersecurity policies, businesses, and governmental institutions; the knowledge, skills, and abilities needed to develop and implement cybersecurity policy; the social, political and ethical implications that arise in cybersecurity policies and strategies; strategies to assess cybersecurity policy; and the ties between national security and cybersecurity policy.
Throughout this course, I engaged in in-depth policy analysis and strategic planning exercises, focusing on cybersecurity at the national and organizational levels. My work involved understanding and assessing real-world policies, such as the CISA National Cybersecurity Strategic Plan (FY2024-2026), and exploring how these policies are implemented to protect national security and critical infrastructure.
One of the primary components of this course was completing six Policy Analysis Papers, each addressing a different facet of cybersecurity policy. These papers provided me with a structured approach to critically analyzing cybersecurity strategies and the implications of policy decisions on national and organizational security. By analyzing current and proposed policies, I gained insights into the complexities of cybersecurity governance and the challenges of balancing security with privacy and ethical considerations.
Skills and Values:
Policy Analysis and Critical Thinking: Developed the ability to critically analyze cybersecurity policies, assess their effectiveness, and understand the implications of many policy decisions.
Strategic Planning: Gained skills in evaluating and contributing to cybersecurity strategies that align with national security and organizational goals.
Ethical Awareness and Legal Compliance: Enhanced my understanding of the ethical, legal, and societal considerations that shape cybersecurity policies, especially those that impact privacy.
Communication and Reporting: Learned to communicate complex policy analysis findings effectively, a skill crucial for roles in governance, risk, and compliance (GRC).
Policy Analysis Paper 1
annotated-Policy20Analysis201Policy Analysis Paper 2
annotated-Policy20Analysis2022028129Policy Analysis Paper 3
annotated-Policy20Analysis2032028129Policy Analysis Paper 4
annotated-Policy20Analysis2042028229Policy Analysis Paper 5
annotated-Policy20Analysis205