Future leaders will need to understand the science, technology, public policy, and national security considerations behind cybersecurity well enough to make informed decisions when provided advice and options for action. Over the last decade, cybersecurity issues have risen in prominence in both the public and private spheres, with an increasing interrelationship between what have traditionally been two distinct domains. There have been near-daily reports regarding cyber operations launched by nation-states, hacking groups, criminal organizations, and other malign actors against a variety of targets, using different tools and methods, and with different effects. The U.S. government has attempted to reorganize and reorient towards this multi-dimensional threat, in addition to private industry, state and local governments, and academia? but despite this increased focus, there are still several gaps and vulnerabilities that deserve technical and policy attention and solutions. As we head towards another Presidential election in November 2020, these issues will remain at the forefront given what occurred in the last elections and the use of sophisticated cyber means to influence public opinion, sow political divisions, potentially compromise election results, and demonstrate a capability that was not fully operationalized.
This class will examine the broad landscape of cybersecurity from both a technical and policy perspective. It will introduce fundamental concepts of computing and cybersecurity, including information theory, computability, cryptography, networking fundamentals, how vulnerabilities arise, and how attacks work. In addition, it will explore foundational ideas including definitions, cyber norms, and ethics; identify existing U.S. laws, authorities, and governmental constructs; and frame classic security concepts like deterrence, attribution, offense, defense, and retaliation? which will be accentuated by expert perspectives from a range of guest speakers. Graded assignments will entail policy papers designed to explore technical concepts and policy positions on different cybersecurity topics, student-led panel discussions related to weekly syllabus themes, and a simulated policy meeting where students will have the choice of assuming different private sector or government roles and examine potential courses of action in response to a cybersecurity crisis scenario.