Course Syllabus

JOHN CABOT UNIVERSITY

COURSE CODE: "PL/LAW 338"
COURSE NAME: "The Policy, Politics and Law of Cybersecurity"
SEMESTER & YEAR: Summer Session II 2024

SYLLABUS

INSTRUCTOR: Tracy Mitrano
EMAIL: [email protected]
HOURS: MTWTH 9:00 AM 10:50 AM
TOTAL NO. OF CONTACT HOURS: 45
CREDITS: 3
PREREQUISITES:
OFFICE HOURS:

COURSE DESCRIPTION:
This course explores selected topics in the policy, politics, and law of cybersecurity. Of specific interest will be a historical understanding of the development of the internet and how that history laid the foundation for insecurity of products and internet users’ experience. Using a four-factor approach: law, market, social norms, and technology, students explore the domestic U.S. social and political development of the internet as well as the global landscape and its implications for international law.

SUMMARY OF COURSE CONTENT:

COURSE DESCRPTION AND SUMMARY OF COURSE CONTENT

This course explores selected topics in the policy, politics, and law of cybersecurity. Of specific interest will be a historical understanding of the development of the internet and how that history laid the foundation for insecurity of products and internet users’ experience. Using a four-factor approach: law, market, social norms, and technology, we will explore the domestic U.S. social and political development of the internet as well as the global landscape and its implications for international law. Topical areas include federal government structure for cyber, information security and risk management in the corporate environment, the National Cybersecurity Strategy, national defense generally and global internet governance.

LEARNING OUTCOMES:

LEARNING OUTCOMES

• Define and scope cybersecurity.

• History of insecurity products and use of information technology resources.

• Identify three security threats: individuals; organized crime; national states.

• Review legal remedies to software and security threats.

• Learn about U.S. government cybersecurity organization and structure.

• Discuss U.S. government defensive and offensive approaches to cyber threats.

• Obtain a working command of zero-day exploits.

• Balance information security and risk management in corporate organizations.

• Appreciate the relationship of cybersecurity and mis/disinformation campaigns.

• Formulate a cybersecurity framework national security and the global context.

TEXTBOOK:

NONE

REQUIRED RESERVED READING:

Book Title	Author	Publisher	ISBN number
BREACHED!	Solove	Oxford	978019094055
Fancy Bear	Shapiro	Farrar, etc.	9780374601181
Black Code	Deibert	Random House Canada	9780771025358
Fifth Domain	Clarke	Penguin	9780525561989

RECOMMENDED RESERVED READING:

NONE

GRADING POLICY
-ASSESSMENT METHODS:

Assignment	Guidelines	Weight
	ASSESSMENT METHODS Assignment Guidelines Weight Attendance and Participation To participate is to attend! 20% Modified Debate Time for you to think, formulate, and express yourself verbally! 15% Book Report How well can you analyze a book? 25% Final Paper How well can you synthesize the material and express yourself in writing? 40% ASSESSMENT CRITERIA A. Work of this quality directly addresses the question or problem raised and provides a coherent argument displaying an extensive knowledge of relevant information or content. This type of work demonstrates the ability to critically evaluate concepts and theory and has an element of novelty and originality. There is clear evidence of a significant amount of reading beyond that required for the course. B. This is highly competent level of performance and directly addresses the question or problem raised. There is a demonstration of some ability to critically evaluate theory and concepts and relate them to practice. Discussions reflect the student’s own arguments and are not simply a repetition of standard lecture and reference material. The work does not suffer from any major errors or omissions and provides evidence of reading beyond the required assignments. C. This is an acceptable level of performance and provides answers that are clear but limited, reflecting the information offered in the lectures and reference readings. D. This level of performances demonstrates that the student lacks a coherent grasp of the material. Important information is absent and irrelevant points included. In effect, the student has barely done enough to persuade the instructor that s/he should not fail. F. This work fails to show any knowledge or understanding of the issues raised in the question. Most of the material in the answer is irrelevant.

-ASSESSMENT CRITERIA:
AWork of this quality directly addresses the question or problem raised and provides a coherent argument displaying an extensive knowledge of relevant information or content. This type of work demonstrates the ability to critically evaluate concepts and theory and has an element of novelty and originality. There is clear evidence of a significant amount of reading beyond that required for the course.
BThis is highly competent level of performance and directly addresses the question or problem raised.There is a demonstration of some ability to critically evaluatetheory and concepts and relate them to practice. Discussions reflect the student’s own arguments and are not simply a repetition of standard lecture andreference material. The work does not suffer from any major errors or omissions and provides evidence of reading beyond the required assignments.
CThis is an acceptable level of performance and provides answers that are clear but limited, reflecting the information offered in the lectures and reference readings.
DThis level of performances demonstrates that the student lacks a coherent grasp of the material.Important information is omitted and irrelevant points included.In effect, the student has barely done enough to persuade the instructor that s/he should not fail.
FThis work fails to show any knowledge or understanding of the issues raised in the question. Most of the material in the answer is irrelevant.

-ATTENDANCE REQUIREMENTS:
ATTENDANCE REQUIREMENTS AND EXAMINATION POLICY
You cannot make-up a major exam (midterm or final) without the permission of the Dean’s Office. The Dean’s Office will grant such permission only when the absence was caused by a serious impediment, such as a documented illness, hospitalization or death in the immediate family (in which you must attend the funeral) or other situations of similar gravity. Absences due to other meaningful conflicts, such as job interviews, family celebrations, travel difficulties, student misunderstandings or personal convenience, will not be excused. Students who will be absent from a major exam must notify the Dean’s Office prior to that exam. Absences from class due to the observance of a religious holiday will normally be excused. Individual students who will have to miss class to observe a religious holiday should notify the instructor by the end of the Add/Drop period to make prior arrangements for making up any work that will be missed. The final exam period runs until ____________

ACADEMIC HONESTY
As stated in the university catalog, any student who commits an act of academic dishonesty will receive a failing grade on the work in which the dishonesty occurred. In addition, acts of academic dishonesty, irrespective of the weight of the assignment, may result in the student receiving a failing grade in the course. Instances of academic dishonesty will be reported to the Dean of Academic Affairs. A student who is reported twice for academic dishonesty is subject to summary dismissal from the University. In such a case, the Academic Council will then make a recommendation to the President, who will make the final decision.

STUDENTS WITH LEARNING OR OTHER DISABILITIES
John Cabot University does not discriminate on the basis of disability or handicap. Students with approved accommodations must inform their professors at the beginning of the term. Please see the website for the complete policy.

SCHEDULE

Class 1: Introduction and Governance

Don’t forget to read WP and WSJ Cyber M-F Email

National Cybersecurity Strategy (https://www.whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.pdf)

Class 2: International Law

Don’t forget to read WP and WSJ Cyber M-F Email

Declaration of the Rights of Cyberspace (https://www.eff.org/cyberspace-independence)

Law of the Horse (https://chicagounbound.uchicago.edu/cgi/viewcontent.cgi?referer=&httpsredir=1&article=2147&context=journal_articles)

Lessig, Code, Chapter One, and pp. 121-125 (available on the internet)

Class 3: Operations and International Law, pp. 1-14,

“Does International Law Matter in Cyberspace?” (If not available, I will lecture on it.)

Deibert, pp. 1-29, 112-133

Class 4: Historical Background

Don’t forget to read WP and WSJ Cyber M-F Email

Deibert, pp. 29-69

Class 5: Case Studies

Don’t forget to read WP and WSJ Cyber M-F Email

Fancy Bear, Introduction, Chapters One and Two

Class 6: Case Studies

Don’t forget to read WP and WSJ Cyber M-F Email

Fancy Bear, Chapters Three and Four

Class 7: Case Studies

Don’t forget to read WP and WSJ Cyber M-F Email

Fancy Bear, Chapters Five and Six

Class 8: Case Studies

Don’t forget to read WP and WSJ Cyber M-F Email

Fancy Bear, Chapters Seven and Eight

Class 9: Case Studies

Don’t forget to read WP and WSJ Cyber M-F Email

Fancy Bear, Chapter Nine and Ten, Conclusion and Epilogue

Class 10: Privacy and Information Security Policy

Don’t forget to read WP and WSJ Cyber M-F Email

Solove and Hartzog, Breached! Part I

Class 11: Privacy and Information Security Policy

Don’t forget to read WP and WSJ Cyber M-F Email

Solove and Hartzog, Breached Part II, pp. 65-128

Class 12: Privacy and Information Security Policy

Don’t forget to read WP and WSJ Cyber M-F Email

Solove and Hartzog, Breached, Part II, pp. 128-198

Class 13: Privacy and Information Security

Don’t forget to read WP and WSJ Cyber M-F Email

Review of Cornell University Information Technology Policy

Deibert, 112-133, 195-217

Class 14: Contemporary Landscape of Cybersecurity

Don’t forget to read WP and WSJ Cyber M-F Email

Fifth Domain, Part I

Class 15: Contemporary Landscape of Cybersecurity: Corporations

Don’t forget to read WP and WSJ Cyber M-F Email

Fifth Domain, Part II

Class 16: Course Preparation for Debate

Don’t forget to read WP and WSJ Cyber M-F Email

Topic and Materials TBA

Class 17: Class Debate

Class 18: Contemporary Landscape of Cybersecurity: Government and Military

Don’t forget to read WP and WSJ Cyber M-F Email

Fifth Domain, Part III and IV

Class 19: Contemporary Landscape of Cybersecurity: International

Don’t forget to read WP and WSJ Cyber M-F Email

Fifth Domain, Part V and VI

Class 20: What Dreams May Come

Don’t forget to read WP and WSJ Cyber M-F Email

Deibert, 232-245

Declaration for the Future of the Internet (https://www.state.gov/declaration-for-the-future-of-the-internet)

Final Paper

A Final Paper will be due in Moodle on the date and time of the Final Exam Schedule for this course. The Final Paper should not be more than three (5) pages, 1-inch margins, 1.5 spacing, 12-point regular Times New Roman type. It will be a synthetic rendering of what you have learned in the course based on a prompt you will be provided at the end of the semester. The best way to prepare for it is to maintain consistent attention to class, readings, lectures, etc. and take note of the connections in the materials in the course to reach a larger understanding of the politics, policy, and law of cybersecurity.