This course explores cybersecurity policy and strategy and introduces students to the essentials of strategy development and policy making in cybersecurity. Topics considered include planning principles in cyber strategy; risk management and cybersecurity policy; the connections between cybersecurity policies, businesses, and governmental institutions; the knowledge, skills, and abilities needed to develop and implement cybersecurity policy; the social, political and ethical implications that arise in cybersecurity policies and strategies; strategies to assess cybersecurity policy; and the ties between national security and cybersecurity policy.
CYSE 425 is a research intensive course that has students assess various cybersecurity policies from entities like DHS. CISA, or NIST and analyze aspects and implications of these postures. In-depth analysis is required and students are required to think of these policies from a professional standpoint. Below is a sample writing assignment where I had to analyze a cybersecurity framework and create a report. The framework I chose was NIST CSF 2.0 and this essay describes the framework from an ethical standpoint
CYSE-425-Policy-Analysis-Paper3This course helped to build upon my skills of research, analysis, and writing through discovering the policies created for cybersecurity compliance and awareness. I was able to thrive in this course because I was tasked with exercising skills that I excel in. Cyber policies are important to me for my future career in risk assessment, analysis, and management. CYSE 425 corresponds with my values of inclusivity and fairness. For the policy I chose to analyze throughout the semester, NIST CSF, these values are at the heart of the document. It was desgned to be inclusive for businesses of all sizes, maturity, and economic worth. This document, which is free, is a great example of how cybersecurity does not have to be expensive, nor does it only apply to technology companies.