ACIT4055 Security politics, cyberwar, and ethics Course description

In this course, you will learn the technical, political, legal and ethical views on cyber warfare.

States and societies have grown highly dependent on the functioning of IT infrastructures. This has created new vulnerabilities. In cyberspace, only limited resources are often needed to cause significant harm; this poses security threats for States and societies. For instance, harmful cross-border cyber operations, both by State and non-State actors, can jeopardize international stability. Cyber activities have become an integral part of international relations, and cyber security is a very discussed topic in international law today and very pertinent to international security and geopolitical discussions.

At the same time, attacks against information technology and consequently against people and physical processes connected to them have become a means of war. Information warfare, targeted hacking, weaponization of stolen information and the digitally induced disruption of infrastructure are new methods in conflict. Their use in concealed hybrid warfare poses challenges in both critical infrastructure protection, as well as in law enforcement and international politics. The solution to those challenges are an emerging field in all related disciplines.

Students should be proficient in using literature reference mangers (e.g. Zotero, EndNote, Refworks, Mendeley) in both literature search and referencing in written work. OsloMet’s library offers introduction courses to literature search and to reference management tools, providing students with the skills necessary to efficiently organize and cite their sources. Taking advantage of these resources will help students adhere to academic integrity standards and enhance the quality of their scholarly work.

No formal requirements over and above the admission requirements.

A student who has completed this course should have the following learning outcomes defined in terms of knowledge, skills and general competence:

Knowledge

On successful completion of this course the student has:

• advanced knowledge of how international law applies to hostile cyber activities by States and non-State actors during both peacetime and armed conflict
• an understanding of the context in which cybercrime affects the security of States and society
• an understanding of the threat landscape
• and understanding of advanced persistent threats (APTs) and how they operate
• an understanding of how technological developments interact with broader geopolitical dynamics that call for different national and international political responses
• an understanding of how state actors create advanced, persistent threats, and knows where to find up-to-date information about such threats

• an understanding of the impact of security attack on critical infrastructure
• comprehensive knowledge of the rise of non-state actors in cyberwarfare and their implications for international law, including how digital technologies have stimulated their growing influence, challenging the state's dominance as the primary actor in international law
• a critical understanding of the nuanced role of cyber intelligence operations, including the reluctance of states to address such operations in multilateral diplomatic negotiations or within the framework of international law
• a comprehensive understanding of the legal, political, diplomatic, and military dimensions of cybersecurity issues
• a solid understanding of the elements of national security policy in the digital domain and its consequences for governance, trust in society, public safety, national sovereignty and a functioning economy.

Skills:

On successful completion of this course the student can:

• evaluate and critically analyze cybersecurity challenges and existing regulatory frameworks
• argue for and against security policies and practices using new technologies
• identify national security implications of cybersecurity and the current challenges that international lawyers, policymakers, diplomats and the private sector face in addressing those issues
• identify and address associated ethical dilemmas, while anticipating various related issues and interests to better advocate for future clients
• explain how governments attempt to develop policies and frameworks to deal with emerging cyber threats, specifically at societal scale, e.g. against critical infrastructures
• detect and investigate Advanced Persistent Threats (APTs)
• explore various legal and policy issues related to enabling a safe and secure Internet and protecting government and private sector networks

• understand how cyber capabilities have reshaped the use of information by states and heightened threats to national security

General competence

On successful completion of this course the student can:

• critically address complex legal and policy issues that national security decision-makers must address and to provide insight into the practical challenges they present

• understand the ethical responsibilities of cybersecurity profession and be able to treat ethical, moral and privacy issues responsibly
• recognize the importance of safeguarding critical infrastructure
• demonstrate intellectual flexibility to understand and respond to the challenges posed by new and emerging technologies and their consequences

• Lectures
• Guest lectures
• Assigned readings
• Case studies, including internet-based fieldwork and policy analysis
• Writing assignments
• Group discussions and presentations
• Collaborative group work and peer feedback on classmates’ contributions
• Scenario-based challenges and competitions

The following required coursework must be completed and approved before the student is eligible to take the exam:

• Individual: Submission of a written case report, policy, strategy document, or essay (1,500-2,000 words)
• Participation: Active involvement in three in-course group activities, such as case analyses, presentations, or role-playing exercises
• Group-based: Deliver one group presentation on assigned topics (groups of up to three students) and serve as a discussant for one presentation by another group.

The final examination consists of an individual written policy, strategy document, or essay (3000 - 4000 words). The exam can be appealed.

New/postponed exam:

In case of failed exam or legal absence, the student may apply for a new or postponed exam. New or postponed exams are offered within a reasonable time span following the regular exam. The student is responsible for registering for a new/postponed exam within the time limits set by OsloMet. The Regulations for new or postponed examinations are available in Regulations relating to studies and examinations at OsloMet.

All aids are permitted, provided the rules for plagiarism and source referencing are complied with.

Grade scale A-F.

One internal examiner. External examiners are used periodically.

Professor Lothar Fritsch and Assistant Professor Nuno Marques