The Cyber Ethics course is designed to provide students with an in-depth look at potential social and moral costs associated with the rise of new and emerging technology in a cybersecurity environment. Designed around current case and practical themes, Cyber Ethics explores up-to-date legal and philosophical perspectives, coupled with discussion and debate over best practices governing the use of cybersecurity models, developing meaningful cybersecurity policy, as well as providing effective guidance and resources to both public and private sector entities within the cyber domain. Topics covered in this course will include, an introduction to Cyber Ethics, digitizing ethical standards, Gate keepers and the government’s use of emerging technology, privacy concerns versus data integrity, ethical best practices, resolving ethical dilemmas in cybersecurity, and the future and final frontier of cyberspace related concepts. The accompanied reading in this course will provide students with a current synopsis of trends and patterns developing in the field of Cyber Ethics. Additional and accompanying materials
and articles will be provided by the instructor to expand current and meaningful dialogue related to Cyber Ethics challenges facing the modern professional. This course is designed as an essential learning element for individuals entering or continuing a career in Cybersecurity Law and Policy.

How does digital surveillance influence power and privilege? This course dissects how domestic digital surveillance, including video and GPS surveillance measures, identification systems, social networking, online advertising, health records, big data, data mining analytics, revenge pornography, and the war on terror have all shaped a patchwork of State, Federal, and International regulations concerning digital privacy.

This is a graduate-level distance-learning course. The course will examine the legal and policy issues related to cybersecurity, including the history and complex nature of computer-related crime and how societies have attempted to respond. Students will discuss the different types of cyber-criminals, including motives, rationale, and methods of attack. The course will evaluate the technology landscape in this dynamic area and will provide students with opportunities to discuss cutting-edge issues at the intersection of law, technology, and policy. Students will be presented with the challenge of a fast pace technological environment to highlight the tools necessary to identify problems in the world arising from the existing and perceived vulnerabilities. At the end of this course, participants should be able to, and offer informed opinions and potential solutions.

This is a graduate-level distance-learning course. The course discusses the various impacts of information security risks on corporate practices, preparing students for tomorrow’s market as legal counsels or other similar business advising position. Specifically, this course is divided into three parts which can be simplified as the what, who, and how of cybersecurity corporate practices as it relates to their legal aspects. The what covers the sources of legal obligations and/or concerns for corporations; the who discusses the entities and individuals that are held accountable; and the how articulates the notions reviewed in this course into a specific case study. This course will feature prominent guest speakers discussing top of the market technologies and methodologies, while providing real-life examples from their practices.

This is a graduate-level distance-learning course. The course will examine the social and legal processes developed by governments, the private sector, and civil society to secure the Internet. The course is intended to introduce students to an evolving area of the law. Our society depends on a stable and safe Internet, and there is growing concern about the misuse of cyberspace. News of large-scale cybersecurity threats and cyber-attacks overshadow the daily life of governments, corporations, and individuals. The challenge at hand is one that threatens the peaceful utilization of cyberspace. With the increasing proliferation of mobile technologies and the growing real-time border-less exchange of information, cybersecurity has become a vital subject with international connotations that requires a global approach to find a solution. Cyber-attacks are a personal threat to all users of cyberspace, and impose great dangers to nation-states. The course will also examine the role played by nation-states and other stakeholders. The seminar will also consider the concept of cyber-power and cyber-war.

Laws and regulations requiring information security and data privacy protections are created according to industry sector. That means that organizations must review their business operations and the laws and regulations that apply to those operations in order to determine the appropriate data protection requirements that apply to the organization, rather than simply protecting everything in the same way. Laws and regulations may require different protections for the same types of information, which can be difficult to implement. This course will teach the different sources of information security requirements that organizations face, how to pick the correct information security rules applicable to your organization, and how to assure that the organization is complying with those rules.

States as the cardinal subjects of international law have different interests, and just as they compete for influence offline, they do so in cyberspace as well. However, states are not the only actors in that arena; non-state actors are increasingly a force to be reckoned with. In this battle, a cutting-edge issue of international law has emerged: cybersecurity, the subject matter of this course. The World Economic Forum in its 2020 Report has ranked cyberattacks in the top ten global threats, both in likelihood and impact, for the next ten years. The world community and international law have a vested interest in building a cyber-resilient world and effective defenses to confront cybersecurity risks and to ensure peace and security. Issues of cyberwarfare perpetrated by state actors and cyberterrorism perpetrated by non-state actors, cyber espionage, cyber economic espionage, the intersection of human rights and cybersecurity are developing issues. How can the conduct of state and non-state actors be regulated? What constitutes a cyberattack? How can a state or the community of nations collectively respond to such an attack? Do the traditional laws of war apply? What rights exactly do individuals have in cyberspace? How do state responsibility and accountability of non-state actors come into play? Who makes such decisions? In what fora? The course addresses the above questions in addition to covering the basic prescriptions of international law, its traditional sources of law, the process of making and implementing lawful international decisions, and the impact of such decisions in domestic law.

This course provides an introduction to the field of cybersecurity. History, characteristics and models of information and computer security are explored. Topics such as risk management, logical and physical security, continuity, cryptography, and architecture are discussed. The National Institute of Science and Technology (NIST) Cybersecurity Framework is introduced as are information security terminology and concepts. Additional areas of study include infrastructure security, cryptography, and operational and organizational security as it relates to network hardware, software and data. Topics include authentication, attacks, intrusion detection, cryptography, disaster recovery and computer forensics regarding networked systems. Also covers identifying an organization’s information assets and the development, documentation and implementation of policies, standards, procedures and guidelines that ensure confidentiality, integrity and availability of those assets. Prepares students to understand the planning, organization and roles of individuals involved in security, to develop security policies, and to utilize management tools to identify threats, classify assets and rate vulnerabilities.

In this practical course, students will be introduced to risk management activities in which legal knowledge can be combined with other expertise to significantly improve organizations’ preparedness for crisis, such as ransomware attacks. Students will benefit from an interdisciplinary approach which will combine legislative knowledge with information security expertise to exemplify how lawyers can significantly contribute to protect their organization by playing a proactive role, including by establishing legal privilege strategies over risk mitigation exercises. In the second part of these courses, students will discover some principles of crisis management, should an incident occur. This course is intended to provide practical knowledge, and students should expect to complete and participate in hands-on activities. Each course includes reading, and online videos which complete the readings with additional content.

This course is intended as a Capstone for students who have completed Risk Management, Business Continuity and Crisis Management. The course is divided into three modules, each corresponding to a distinct scenario: (1) a data breach involving personal information; (2) the cyber misappropriation of trade secrets and (3) an attack on a critical infrastructure involving both the compromise of IT systems and physical impacts. Students will be required to produce documents, negotiate with cyber criminals, work with forensic teams, and manage internal issues through simulations. This is a practical course, allowing students to gain confidence through real-life situations and to exchange with various experts as students embark on a new journey as general counsels in charge of navigating these difficult situations. In each of the scenarios, professors will play the roles of management, and students, acting as General Counsel (“GC”), will be expected to interact and inform management of what actions should be taken.