Cybersecurity Law, Policy and Practice

This course examines legal, regulatory and policy challenges in the embryonic cybersecurity threat arena. We will examine the national and international legal frameworks that govern actions in cyberspace, including laws related to cyberespionage and cyberwar. The objective of the course is to view the milieu of cybersecurity threats to the government and private sector and responses to them in a national and international law environment, while also recognizing the boundaries of current law. The course will include a survey of federal laws, executive orders, regulations, and cases related to surveillance, cyber intrusions by private and nation-state actors, data breaches, and privacy and civil liberties matters, among other things. The course will also explore the legislative and technology landscape in this dynamic area and will provide students with opportunities to discuss cutting-edge issues at the intersection of law and policy. We will use case corporate studies to examine recovery planning, cyber insurance, business continuity, board responsibility, compliance with best practices and the developing regulatory environment of the Federal Trade Commission, the SEC and other agencies as well as managing social media in the workplace.

Grading and Method of Evaluation:
Grades will be based on class participation, assignments and practical exercises, and completion of a 15-20 page paper.