http://ebooks.cambridge.org/ebook.jsf?bid=CBO9781316411292, https://www.nap.edu/catalog/18749/at-the-nexus-of-cybersecurity-and-public-policy-some-basic, https://dl.acm.org/citation.cfm?id=1629613, https://commotionwireless.net/docs/cck/networking/learn-networking-basics/, https://web.stanford.edu/class/msande91si/www-spr04/readings/week1/InternetWhitepaper.htm, https://www.nyu.edu/projects/nissenbaum/papers/ETINsecurity.pdf, https://www.howtogeek.com/58642/online-security-breaking-down-the-anatomy-of-a-phishing-email/, https://www.apnews.com/dea73efc01594839957c3c9a6c962b8a/Inside-story:-How-Russians-hacked-the-Democrats%27-emails, https://www.hoover.org/sites/default/files/research/docs/lin_webready.pdf, https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf, http://ieeexplore.ieee.org/document/991552/, https://www.nap.edu/catalog/12997/proceedings-of-a-workshop-on-deterring-cyberattacks-informing-strategies-and, https://www.nap.edu/read/12997/chapter/18, http://www.mitpressjournals.org/doi/abs/10.1162/DAED_a_00116, http://www.sciencedirect.com/science/article/pii/S0167404811001659, https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf, http://www2.ca3.uscourts.gov/opinarch/143514p.pdf, https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN, http://media.ca11.uscourts.gov/opinions/pub/files/201616270.pdf, https://oag.ca.gov/sites/all/files/agweb/pdfs/dbr/2016-data-breach-report.pdf, https://www.perkinscoie.com/en/news-insights/security-breach-notification-chart.html, https://www.wired.com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/, https://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/adopt-the-nist.pdf, http://searchsecurity.techtarget.com/feature/The-history-of-the-PCI-DSS-standard-A-visual-timeline, https://www.sans.org/reading-room/whitepapers/compliance/compliant-secure-pci-certified-companies-breached-36497, https://heinonline.org/HOL/P?h=hein.journals/gwlr72&i=1222, https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf, https://fas.org/sgp/crs/secrecy/R42681.pdf, https://www2.deloitte.com/content/dam/insights/us/articles/loss-of-intellectual-property-ip-breach/DR19_TheHiddenCostsOfAnIPBreach.pdf, https://www.foxrothschild.com/content/uploads/2018/02/Ebook-Intellectual-Property-Strategies-for-Next-Generation-Cybersecurity-Technologies-James-M.-Singer-April-2018.pdf, https://www.ischool.berkeley.edu/sites/default/files/cybersec-research-nsf-workshop.pdf, https://www.amacad.org/content/publications/publication.aspx?d=1425, Vulnerabilities Equities Policy and Process for the United States Government, https://www.darkreading.com/vulnerabilities---threats/lessons-from-the-ukraine-electric-grid-hack/d/d-id/1324743, https://www.theatlantic.com/magazine/archive/2010/06/the-enemy-within/308098/, Alert (ICS-ALERT-14-281-01E) Ongoing Sophisticated Malware Campaign Compromising, https://corpgov.law.harvard.edu/2016/03/03/federal-guidance-on-the-cybersecurity-information-sharing-act-of-2015/, https://www.us-cert.gov/sites/default/files/ais_files/Non-Federal_Entity_Sharing_Guidance_%28Sec%20105%28a%29%29.pdf, Confront and Conceal, Obama's Secret Wars and Surprising Use of American Power, https://www.ftc.gov/tips-advice/business-center/guidance/financial-institutions-customer-information-complying, https://www.brookings.edu/wp-content/uploads/2016/05/sextortion1-1.pdf, https://www.nytimes.com/2018/06/23/technology/smart-home-devices-domestic-abuse.html, http://www.bu.edu/law/journals-archive/bulr/volume89n1/documents/CITRON.pdf, https://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf?sequence=8, https://www.theatlantic.com/technology/archive/2014/11/what-the-law-can-and-cant-do-about-online-harassment/382638/, https://www.tandfonline.com/doi/pdf/10.1080/01402390.2011.608939, http://foreignpolicy.com/2012/02/27/cyberwar-is-already-upon-us/, http://armedforcesjournal.com/learn-cyber-conflict-history-or-doom-yourself-to-repeat-it/, http://www.airforce-technology.com/features/feature1625/, https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20160228_art009.pdf, https://scholarship.law.berkeley.edu/californialawreview/vol105/iss2/4/, https://www.defenseone.com/ideas/2018/11/what-happens-when-us-starts-defend-forward-cyberspace/152580/, https://www.nextgov.com/ideas/2018/11/china-top-long-term-threat-cyberspace/152588/, Statement of Ryan Goodman on Election Interference before the U.S. Senate Committee on the Judiciary, Statement in Response to NIST Request for Information regarding the Cybersecurity Framework, https://www.eff.org/cyberspace-independence, Death of a data haven: cypherpunks, WikiLeaks, and the world’s smallest nation, https://www.usvotefoundation.org/sites/default/files/E2EVIV_full_report.pdf, Introduction to the course: Why Cybersecurity in Context, Course Intro: why cybersecurity "in context?". Having a working knowledge of cybersecurity threats will make you better equipped to design and implement an efficient plan for securing your systems and networks. Ross Anderson, Why information security is hard - an economic perspective, Computer Security Applications Conference, 2001, Tyler Moore, Introducing the Economics of Cybersecurity: Principles and Policy Options (a single chapter). However, one of the most important aspects of threat intelligence feed for an organization is the maintenance of a database consisting of past incidents and threats, alongside the competence to realize better counter-threat recognition and prevention. Neither are they suitable when it comes to actively feeding your SIEM. Protect your fleet with Prey's reactive security. These feeds are usually paid for and obtained from third-party security vendors. What power should professionals and institutions have with regard to choosing what is exogenous to the cybersecurity system? Online threats are varied and they don’t discriminate organizations from individuals when looking for a target. Being a competent lawyer requires the ability to understand the facts and theories that underlie or touch upon a legal problem. It allows for much … What is the law of cybersecurity emerging from the FTC? This paid for course appears to cover a comprehensive sylabus that includes threat modelling and risk analysis techniques. Cyber threats come from a variety of places, people and contexts. Students are expected to read, watch, or listen to all assigned materials and be prepared to participate actively in class activities and discussion.

Learn more about the sources of threat intelligence and how to apply them by taking any of our globally recognized intelligence training courses. Today, the term is almost exclusively used to describe information security matters. 61–84 (2009), http://www.bu.edu/law/journals-archive/bulr/volume89n1/documents/CITRON.pdf. Understand the legal, social, and political frameworks that affect cybersecurity; Identify and define challenges to achieving cybersecurity; Identify and explain social, legal, political, and economic impediments to cybersecurity; Suggest approaches to maintain a reasonable state of cybersecurity and to address breaches effectively, ethically, and according to law; and. These include: For individuals, the best practices are simple. 1607 (2016), Attribution: electrons do not wear uniforms, yet the demands of more specific attribution are growing. To allow everyone to participate fully in the discussion and avoid distractions, we ask that you keep your laptop generally closed and other electronic devices turned off and put away during class. Knowledge and understanding of Information Security triad: Confidentiality, Integrity and Availability. This is at our usual time, in our usual room. Graduate students: please view the video of Monday's class (the law students started on Monday) and do all of Monday's readings. They provide an official qualification for CCTIM designed to accredit managers and directors who participate in threat intelligence used in the UK threat led penetration testing standards (CBEST and STAR). You can expect to spend this amount of time per unit per week on out-of class, course-related work as described above. Jason Faulkner, Online security: Breaking down the anatomy of a phishing email, How-to Geek, April 13 2011. Gartner explains, “Cybersecurity risks pervade every organization and aren’t always under IT’s direct control. Deirdre K. Mulligan & Fred B. Schneider, Doctrine for Cybersecurity, 140(4) Daedalus 70–92 (2011), The American approach of "public-private cybersecurity", Watch interview with Professor Kirsten Eichensehr (in Files>Videos), Security as a contested value; considering the non-economic barriers to security, such as free speech, Watch interview with Professor Laura DeNardis (in Files>Videos). We help you state priorities for intelligence support. Air Force Technology.com, March 10, 2008. A brief history of the internet. What is the right balance between election security and voting rights?