POLS / CYSE 425W Cybersecurity Strategy and Policy

Course Description:

This course aims to get students to examine cybersecurity within the framework of strategy and policy making. The course intends to provide the students with the knowledge related to the essentials of strategy development and policy making in cybersecurity. We will debate on and answer the following questions: What are the planning principles in cyber strategy? What are the existing policies, and what is their translation/reflection in government and business? What qualities are needed to develop a policy and strategy in cybersecurity? What are the implementation principles for the strategies and policy? How is risk managed in cyber security? What is the knowledge, skill, and ability scope for cybersecurity policymakers and strategy developers? We will start with an introduction to national security and cybersecurity’s relation to national security, and build on this foundation with strategy and policy development basics and risk management topics. As students get a better comprehension of cybersecurity strategy and policy making, we will analyze its relevance to other policy issues, commitments, mechanisms and governance, and the international dimension of cybersecurity policy-making including crisis management and conflict resolution mechanisms


  • State and relate the basic terminology and concepts in cybersecurity.
  • Describe the goal and structure of a national security strategy and compare it to cybersecurity strategy.
  • Illustrate a risk management problem in cybersecurity and demonstrate a solution for the problem.
  • Explain and interpret commitments, mechanisms and governance in cybersecurity.
  • State and outline current legislation and policy initiatives in cybersecurity.
  • List and identify the international cyber crisis management and conflict resolution mechanisms.
  • Compare and interpret cybersecurity policy issues and make recommendations on policy choices.