CYSE 406 – Cyber Law

This memo shows how I write professionally about cybersecurity issues where law, ethics, and platform governance intersect.

Context (What / When / Why it matters)

CYSE 406 helped me understand how cybersecurity decisions are shaped by laws, regulations, and ethics, not just technical controls. Throughout the course, I focused on how privacy expectations, online speech, platform governance, and real-world breaches influence what organizations are allowed (and required) to do. This course mattered to me because it connected cybersecurity to real consequences—how companies handle personal data, how platforms moderate content, and how government and industry practices impact individual privacy.

Artifact

Cyber Law Memorandum: “Freedom of Expression and Privacy in the Digital World” (Memo to Professor Klena, dated 3/23/2025).

annotated-Cyber20law20406.docxDownload


In this memo, I analyzed how online platforms (such as YouTube and Reddit) balance speech with moderation, and I examined privacy concerns tied to personal data use, breaches, and surveillance.

Reflection (Focused, not “I learned a lot”)

What did I do?
I wrote a formal memo that applied course ideas to real digital spaces I use (platform moderation, user reporting systems, privacy policies, and breach risks). I also connected privacy concerns to real-world examples like major data breaches and how institutions handle sensitive personal data.

What did I value about this experience?
I valued learning how to think like a cybersecurity professional who has to consider legal boundaries and ethical impact, not just what is technically possible. The course made me more aware that security decisions often become policy decisions.

What lesson did I learn?
I learned that privacy and free expression create constant trade-offs in the digital world. Even when companies claim to protect users, risks still exist through third parties, data sharing, and breaches—so individual awareness and organizational accountability both matter.

How did this develop a skill or competency?
This course strengthened my communication and critical thinking by pushing me to write clearly, support claims with evidence, and explain complicated issues (law + technology + society) in a structured way. It also improved my ability to connect cybersecurity topics to real-world policy and compliance expectations.

How will I use this in the future?
I will use what I learned when interpreting security policies, writing reports, explaining risk to non-technical stakeholders, and working in environments that require compliance (privacy rules, breach response expectations, and responsible data handling).

Key Concepts I Took Away (Course Learning)

  • The difference between platform rules vs. legal rights (speech online is often governed by private policies)
  • Why privacy is complicated even when organizations use security controls (data still moves through partners and systems)
  • How major breaches shape risk awareness and personal security habits (credit monitoring, identity risk, etc.)
  • Why cybersecurity professionals must understand law, policy, and ethics to make defensible decisions

Skills Connection (NACE)

  • Communication: professional memo writing + clear explanation of complex issues annotated-Cyber%20law%20406.docx
  • Critical Thinking: weighing trade-offs (speech vs. safety, privacy vs. convenience)
  • Professionalism: understanding legal/ethical responsibility tied to data handling and user trust