CYSE 425W | Yohannes Teklu's Eportfolio

CYSE 425W: Cybersecurity Strategy and Policy

Course Description

CYSE 425W explores the development, implementation, and impact of cybersecurity strategies and policies at national and organizational levels. This course examines how cybersecurity policies shape national security, economic stability, and international relations. A strong emphasis is placed on NIST frameworks, policy analysis, crisis management, ethical debates, and strategic recommendations.

Through case studies, policy analysis, and research, students critically evaluate national security strategies and compare them to cybersecurity policies while considering political, legal, and social implications.

Key Learning Objectives

✅ Analyze National Security & Cybersecurity Strategy – Understand the goals, structure, and framework of a national security strategy and compare it to cybersecurity policies.
✅ Examine NIST Cybersecurity Framework – Study the structure and objectives of NIST policy and its role in guiding organizations and government entities in risk management.
✅ Assess Political & Social Implications – Evaluate how cybersecurity policies impact privacy, civil liberties, and national defense.
✅ Interpret Cybersecurity Policy Issues – Compare different policy frameworks and propose strategic recommendations based on risk assessment and compliance standards.
✅ Cyber Crisis Management & Conflict Resolution – Study international incident response mechanisms and strategies for resolving cyber conflicts.
✅ Debate Ethical Challenges – Address ethical concerns related to surveillance, data privacy, cyber warfare, and government intervention in cybersecurity.
✅ Predict Future Cybersecurity Trends – Identify emerging developments in cybersecurity strategy and policy, including AI security, zero-trust frameworks, and international cyber treaties.

Focus on NIST Cybersecurity Policy

📌 Understanding the NIST Cybersecurity Framework (CSF) – Studied how organizations use the NIST CSF to manage cybersecurity risks.
📌 Implementation of NIST 800-53 & 800-171 – Explored NIST security controls for federal agencies and contractors handling sensitive data.
📌 Risk Management & Compliance – Analyzed how NIST policies align with FISMA, HIPAA, and other compliance regulations.
📌 Case Study: NIST’s Role in National Security – Evaluated real-world examples of NIST cybersecurity strategies in national defense.
📌 Policy Recommendation Report – Developed strategic recommendations for improving NIST-based cybersecurity policies.

Skills Acquired

🔹 Cybersecurity Policy Analysis – Evaluating policy frameworks, identifying gaps, and making informed recommendations.
🔹 Strategic Planning & Risk Assessment – Applying NIST guidelines to assess and mitigate cybersecurity risks.
🔹 Crisis Management & Incident Response – Understanding global cyber conflict resolution mechanisms.
🔹 Ethical & Legal Considerations – Debating issues surrounding government surveillance, privacy laws, and cybersecurity enforcement.
🔹 Research & Critical Writing – Developing well-structured cybersecurity policy reports and recommendations.

Topics & Practical Work

📌 Comparing National Security & Cybersecurity Strategies – Studied the differences in governance, enforcement, and objectives.
📌 Cyber Policy Debates – Analyzed ethical dilemmas in cyber surveillance, AI governance, and cyber warfare.
📌 International Cyber Conflict & Crisis Management – Examined global cyber incidents and diplomatic response strategies.
📌 Cybersecurity Strategy Recommendations – Proposed policy improvements based on risk assessment frameworks.
📌 Future of Cybersecurity Policy – Researched trends in cyber resilience, zero-trust security models, and AI policy regulations.

Personal Reflection

This course deepened my understanding of cybersecurity governance, risk management, and strategic policy-making. By working on NIST policy analysis and real-world case studies, I gained insight into how cybersecurity policies impact national security, organizations, and individuals. The ability to assess cybersecurity frameworks, debate ethical implications, and propose strategic recommendations aligns with my professional aspirations in cybersecurity governance, compliance, and risk management.