PUBP 6725: Information Security Policies

Instructional Team

Milton Mueller

Milton Mueller
Instructor

Overview

This course introduces students to the policy and management aspects of cybersecurity. It is based on the idea that cybersecurity policy can be sorted into three “layers” representing different levels of social organization: individual organization, the national level, and the transnational level. The course is divided into four modules: the first exposes students to basic concepts and definitions regarding policy, governance, and threats; the second deals with cybersecurity policy at the organizational level; the third deals with cybersecurity public policy at the national level; the fourth deals with cyber conflict, policy, and diplomacy at the transnational level. This course situates cybersecurity in the overall Internet ecosystem. Student deliverables include small group projects as well as individually completed quizzes, discussions, and a final term paper. This is a required core course for all tracks in the Online MS in Cybersecurity.

Course Goals

Upon successful completion of this course, students should be able to: 

  • Recognize the different governance structures used to promote cybersecurity
  • Identify key cybersecurity policy frameworks and standards (e.g., NIST framework)
  • Write a cybersecurity policy for an organization
  • Analyze and assess the effects of existing and proposed cybersecurity laws and regulations
  • Identify the geopolitical dimension of cyber conflict
  • Recognize the intersections of cybersecurity governance with the governance, standards and operations of the Internet

This course does not count toward any specific specialization, and does not count as a foundational course.

Sample Syllabus

Spring 2020 syllabus and schedule (PDF)
Fall 2019 syllabus and schedule (PDF)

Note: sample syllabi are provided for informational purposes only. For the most up-to-date information, consult the official course documentation.

Before Taking This Class...

Suggested Background Knowledge

Students will be expected to have a basic understanding of computers and data networking and will be exposed to some technical material regarding internet protocols, vulnerabilities, exploits and incident response, but the primary focus of the course is on the public policy, management and international relations aspects of cybersecurity. As such, prior coursework on institutional or transaction cost economics would be helpful, as would courses or readings on public policy processes and public administration. Students should be able to blend and integrate economic, technical and political modes of analysis. A helpful overview of related issues is provided in the following:

National Research Council. 2014. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues. Washington, DC: The National Academies Press. https://doi.org/10.17226/18749

Technical Requirements and Software

The course does not require any specific software tools nor does it rely on programming skills, although they can be useful in some assignments.

Academic Integrity

All Georgia Tech students are expected to uphold the Georgia Tech Academic Honor Code. This course may impose additional academic integrity stipulations; consult the official course documentation for more information.